March 24th, 2000, 08:12 AM
I'm working on a Usersystem, and currently it works kind-of like this:
the user logs on on the net,
form method=post action=$php_self)
when the username/password was sent, it calls the function to check username/password, if they match with those in the database, a cookie is set containing the password md5 encrypted and some additional information (like group the user is in).
I've made everything with one if-loop...
before it enters the if-loop, the verification function is called, afterwards it enters the if loop, checks to which group the user belongs (reads it from the cookie). If the cookie isn't set, it prompts the user the login form.
My problem is that it seems like the cookie isn't set fast enough because it prompts the user to login again. If loging in again, everything works fine. the cookie gets set the first time you login.
I'm asking myself now what may cause this, if anyone already had a similar problem and if yes, how he got around with it.
I don't like the idea of splitting the login-, verification- and 'main'-part(s) of the script into 3 different files. But if there's no workaround for that... If you want to see the source code, drop me an e-mail and I'll send it to you.
March 24th, 2000, 08:36 AM
Cookies aren't available in the process in which they are set. Consequently, your cookie won't be available until the 3rd time thru the process:
1) No cookie - display login
2) Process login - set cookie
3) cookie available from here forward
What you should do is set a flag when the cookie is set so that the script "knows" that it already has the cookie value (because it just set the value) and doesn't need to read the cookie.
March 24th, 2000, 08:37 AM
I got this from PHP's website...
>>Cookies will not become visible until the next loading of a page that the cookie should be visible for.
Unfortunately, the only workaround I've found is exactly the one you don't want to do, which is splitting up the login process into three different pages
1. Login page
2. Process login information and set cookie in second script page
3. Test cookie existence in third script page and redirect user to either accessible page or back to login form/possibly a page telling them that cookies need to be used.
I, too, would like to know of any other workarounds other than the above.
March 24th, 2000, 11:51 AM
I don't see why this is such a problem.
Why does the process that sets the cookie have to read it???
Do you have scripts that read a record from a db table that was just written by the same script?