>i simpley put an cookie with :
>
>setcookie("gfo_cms" ,$sessid , '');
That's wrong.
You should be passing a TIME in for the third argument, or nothing at all.
Also, due to an IE bug, if you *DO* pass in a TIME, you *MUST* also pass in
a non-empty path.
'/' will be fine.
So, if you want a 'session' Cookie, use:
setcookie('gfo_cms', $sessid);
If you want it to expire, use:
setcookie('gfo_cms', $sessid, time() + 60*60*24*30, '/');
Oh, and for Vins, PHP sessions *USE* cookies, so you're no better off with
them *UNLESS* you --enable-trans-sid or you stuff the session_id() into
every URL/FORM.
><?
>
>if (isset($HTTP_COOKIE_VARS["gfo_cms"])) {
> $sessid = $HTTP_COOKIE_VARS["gfo_cms"];
> if (!check_valid_sessid($sessid)) {
> login_form();
> }
> if (!check_ip($sessid, $REMOTE_ADDR)) {
> login_form();
> }
> $rights = get_user_rights($sessid);
> $user_id = get_userid_from_sessid($sessid);
>
>}
This might as well be "else" -- it will be less cluttered that way.
>if (!isset($HTTP_COOKIE_VARS["gfo_cms"])) {
> login_form();
> }
>
>?>
>
>the last code looks if the cookie exists ...
>but it look likes it won't even create the cookie
Use your browser Preferences to select Cookie "Ask every time" so that when
you do or don't send a Cookie from your own site, you'll know what you're
getting.
You'll want to turn it off before real surfing again, though, since some
sites send a zillion cookies on every damn page, no matter how silly that
is. Sigh.
--
Like Music? http://l-i-e.com/artists.htm
Off-Topic: What is the moral equivalent of 'cat' in Windows?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
