i'm trying to port my login system over to windows and make sure it runs ok. everything is ok except for setting/deleting cookies before i issue a
header.
here is what fails: (this is deleting the cookie if user hits logout)
Code: Select all
if ($_GET['a'] == "logout") {
mysql_query("UPDATE k105_users SET `file`='',`ip`='',`key`='' WHERE username='$_SESSION[user]'"); //remove login key
$delete = mysql_db_query(k105members, "DELETE FROM useronline WHERE username2='$_SESSION[user]'");
setcookie("login", "", -1, "/", ".mydomain.com"); //delete rememberence cookie
//setcookie("login", "", "", "/", ".mydomain.com,0"); //delete rememberence cookie
session_unset();
session_destroy(); //destroy session
header("Location: $_SERVER[HTTP_REFERER]"); //go back to main page
}here is the part that issues the cookie upon login:
Code: Select all
if ($query[validated] == "1") {
$wherefrom = $_SERVER['HTTP_REFERER'];
$ip = $_SERVER['REMOTE_ADDR'];
$_SESSION['user'] = $_POST['user']; //set session user
$_SESSION['whereto'] = $_POST['whereto'];
mysql_query("UPDATE k105_users SET `lastip`='$ip',`ip`='$ip' WHERE username='$_POST[user]'");
//"remember me" box is checked
if ($_POST['remember']=="ON") {
$year = (60 * 60 * 24 * 365); //seconds in a year
$key = md5(uniqid(microtime())); //key for login cookie
//insert in database
mysql_query("UPDATE k105_users SET `key`='$key' WHERE username='$_POST[user]'");
setcookie("login", $key, time() + $year, "/", ".mydomain.com"); //set rememberence cookie
//setcookie("login","$key",time()+$year,"","");
//setcookie("debug","1",time()+60*60*24*30,"","");
}
//$back = $_SERVER['HTTP_REFERER'];
echo "";
header( "Location:$wherefrom"); //go back to main page
exit;
}Code: Select all
header( "Location:$wherefrom");Code: Select all
echo $wherefrom;
header( "Location:$wherefrom");thanks