Hello all,

Okay so on the site im doing which has a login, i tryign to implement a cookie so it can save the session so i dont have to keep logging in.

So in my login.php i have this block:

PHP Code:

 $row=$db->fetch_row($result);
                             $_SESSION['user']=array('id' => $row['id'], 
                                'user' => $row['user'],
        'rank' => $row['rank']
                                                     );
          
         if($_POST['savecookie'])
       {
       $exprire = date('U')+60*60*24*14; //14 days add this as setting to admin section.
       setcookie('user',$row['user'], $expire, '/', '.calmcharity.org') or die("User cookie not set");
       setcookie('rank',$row['rank'], $expire, '/', '.calmcharity.org') or die("rank cookie not set");
       setcookie('id',$row['id'], $expire, '/', '.calmcharity.org') or die("Id cookie not set");
       }    
             
     $db->query("UPDATE counter SET user_id='".$row['id']."' WHERE ip='$ip'") or $db->query_error();
 
                             Redirect(urldecode($redirect)); 


This chunk is executed on successful login..

Now this is the part which should be all fine, and saves my cookie.

now on a file which is included in all pages and files i have:

PHP Code:

if(isset($_COOKIE['user']) && !isset($_SESSION['user']['user'])) //if cookie is set but not session, reset the session.
 {
  $_SESSION['user']=array('id' => $_COOKIE['id'], 
                           'user' => $_COOKIE['user'],
                           'rank' => $_COOKIE['rank'],
                                                     );
 } 


So idea being if the cookies there but the session isnt it just resets it with the same details...

Dan

PHP Code:

if(isset($_COOKIE['user']) && !isset($_SESSION['user']['user'])) //if cookie is set but not session, reset the session.
 {
  $_SESSION['user']=array('id' => $_COOKIE['id'], 
                           'user' => $_COOKIE['user'],
                           'rank' => $_COOKIE['rank'],
                                                     );
 } 


the

PHP Code:

!isset($_SESSION['user']['user']) 


shouldn't that be

PHP Code:

!isset($_SESSION['user']) 


There's no reason to have it twice

PHP Code:

if(isset($_COOKIE['user']) && !isset($_SESSION['user'])) //if cookie is set but not session, reset the session.
 {
  $_SESSION['user']=array('id' => $_COOKIE['id'], 
                           'user' => $_COOKIE['user'],
                           'rank' => $_COOKIE['rank'],
                                                     );
 } 


i know, it has been tried before, but the user info is stoerd in the $_SESSION['user'] array (so $_SESSION['user']['id'] etc...) thought i would try it..

its not that tho..

lol I think I know why... there is a spelling error

you had exprire instead of expire

PHP Code:

$exprire = date('U')+ 


</span></span>...so ur cookie was expiring before it ever had time to kick in

PHP Code:

$row=$db->fetch_row($result);
                             $_SESSION['user']=array('id' => $row['id'], 
                                'user' => $row['user'],
        'rank' => $row['rank']
                                                     );
          
         if($_POST['savecookie'])
       {
       $expire = date('U')+60*60*24*14; //14 days add this as setting to admin section.
       setcookie('user',$row['user'], $expire, '/', '.calmcharity.org') or die("User cookie not set");
       setcookie('rank',$row['rank'], $expire, '/', '.calmcharity.org') or die("rank cookie not set");
       setcookie('id',$row['id'], $expire, '/', '.calmcharity.org') or die("Id cookie not set");
       }    
             
     $db->query("UPDATE counter SET user_id='".$row['id']."' WHERE ip='$ip'") or $db->query_error();
 
                             Redirect(urldecode($redirect)); 


Wow im so thick some times...

I would never have noticed that, thanks.

I really need a secutary or something to proof lol.

Dan