Thread: bitter cookies

    #1
  1. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2000
    Posts
    26
    Rep Power
    0
    I have no clue why this is happening, but somehow my "delete cookie" is working in IE but not in Netscape.

    What happens is:

    I use authentication to verify a user's username and password. Upon validation, the user is taken to another page which sets the cookie with the username. I also put in a delete cookie:

    SetCookie("memberID","", time()-3600*24);

    on the authentication page, so that every time a user went back to the login page, the previous cookie would be deleted, and reset.

    Everything works fine in IE.

    But a sample test run in Netscape of:

    username: lname06
    password: temp
    (returns valid, as should)

    username: lname06
    password: asdasfasa
    (returns invalid, as should)

    username: adafaa
    password: temp
    (returns valid as SHOULD'NT)

    The previous cookie value is being reserved even though I've specified to reset the cookie on the log in page.

    No clue why it works in IE but not in Netscape.

    Any ideas or should I be modifying my code?

    Thanks,
    Sana
  2. #2
  3. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2000
    Posts
    26
    Rep Power
    0
    Someone please helpppppp!!!
  4. #3
  5. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2000
    Posts
    26
    Rep Power
    0
    ok im desppppeeerrrraaaatteeeeee, it wont work at all. someone has got to now how to do this, plz plzzzzzzzzzzz
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2000
    Posts
    31
    Rep Power
    15
    It's really hard to help you because you only posted ONE line of your code.. Cookies can be kinda tricky some times so you really do need to post more of your code.
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2000
    Posts
    8
    Rep Power
    0
    <BLOCKQUOTE><font size="1" face="Verdana,Arial,Helvetica">quote:</font><HR>Originally posted by sonya:
    Someone please helpppppp!!![/quote]

    I had a similar problem - I got around it by checking for new input from a <FORM> tag. Here's an extract from one of my PHP projects:

    <?php
    require("db_connect.php");

    session_start();

    $s_id = "PHPSESSID=" . session_id();

    // By default, cookie information has precedence over form input. Obviously we don't want this since
    // new input is ignored when someone else tries to log on, the old session is ressurrected, and the
    // new user is logged into the old user's account. Whoops! This fixes the "feature".

    if ($HTTP_POST_VARS["user"] && (!($HTTP_POST_VARS["user"] == $user))) {
    $user = $HTTP_POST_VARS["user"];
    $password = $HTTP_POST_VARS["password"];
    $phash = "";
    }


    // If username information exists, check the username and password hash (we don't actually store
    // the password at all, only the MD5 hash of it. It's a LOT more secure to send this in the clear.
    // Also, MD5 hashes don't contain any illegal characters.

    if ($password) { $phash = md5($password); }

    if ($user && $phash) {
    $query = "SELECT password FROM users WHERE name='" . $user . "'";
    $result = mysql_query($query, $db);
    $myline = mysql_fetch_row($result);
    $db_hash = $myline[0];

    if ($phash == $db_hash) {
    $logged_in = 1;
    session_register("user");
    session_register("phash");
    } else {
    $logged_in = 0;
    $auth_fail = "Incorrect username or password";
    }
    } else {
    $logged_in = 0;
    }

    if ($logout) {
    $user = "";
    $password = "";
    $phash="";
    $logged_in = 0;
    $s_id = "";
    session_unregister("name");
    session_unregister("phash");
    $tmphead = dirname($PHP_SELF) . "/index.php";
    header("Location: $tmphead");
    exit;
    }

    ?>

Similar Threads

  1. cant delete cookies random errors
    By toxical in forum PHP Development
    Replies: 2
    Last Post: November 26th, 2003, 05:16 AM
  2. Clearing all cookies php script - HowTo?
    By fordfasterr in forum PHP Development
    Replies: 8
    Last Post: October 24th, 2003, 09:40 AM
  3. Problems setting cookies with a path and domain
    By IBBoard in forum PHP Development
    Replies: 4
    Last Post: July 2nd, 2003, 03:03 PM
  4. Is it better to use sessions or cookies?
    By m0nk3y in forum PHP Development
    Replies: 7
    Last Post: March 4th, 2002, 02:35 AM
  5. AOL cookies?
    By cfthong in forum PHP Development
    Replies: 0
    Last Post: August 18th, 2000, 10:59 AM

IMN logo majestic logo threadwatch logo seochat tools logo