With the following script, i cannot create a session with session.use_only_cookies 'on' When i login, the server NEVER set a cookie with the sessionID on my client... and he adds the SID to all my relating links on page.
What i want is a session, that saves the sid in a cokkie at the clients pc and NOT to add the SID to the relating links. Thats my sourcecode: Can U give me an answer what is wrong? - Cookies are allowed in my browser - session.use_cookies 'on' - transid 'on' (could only be changed by serveradmins) <?PHP //error_reporting(15); ini_set("session.use_only_cookies", 1); ////////////////////////////////////////////////////////Verbindung öffnen////////////////// include('connect.php'); $verbindung = @mysql_connect($IP,$USER,$PWD); if (!$verbindung){ echo "Keine Verbindung möglich!\n"; exit; }else{ /////////////////////////////////LOGIN/////////////////////////////////// //////////// //cookieabfrage $logincookiename = $tblprefix.'SID'; //def. cookiename if($$logincookiename != ''){ session_id($$logincookiename); //SID auf die im Cookie gespeicherte setzen } //cookieabfrage session_start(); $_SESSION['zaehler'] = 1; $test = session_id(); $db_select = @MYSQL_SELECT_DB($DB); $result = mysql_query("SELECT username FROM ".$tblprefix."_users WHERE sessionID = 'session_id()' "); $sessionsfound = mysql_num_rows($result); //Session deleten wenn nicht eingeloggt if ($sessionsfound != 1){ session_unset(); setcookie( session_name() ,"",0,"/"); $_SESSION = array(); session_destroy(); } $session_id_string = session_id(); //////////////login - TRUE if (($login == 'true') && ($session_id_string == '')){ $login = ''; $abfrage = "SELECT username, password FROM ".$tblprefix."_users WHERE username = '$loginname'"; $erg = mysql_db_query($DB,$abfrage,$verbindung); list ($username,$password) = mysql_fetch_row($erg); if ($username == ''){ $content = 'errors/login.php?error=loginname'; }else{ $abfrage = "SELECT loginversuche FROM ".$tblprefix."_users WHERE username = '$username'"; $erg = mysql_db_query($DB,$abfrage,$verbindung); list ($loginversuche) = mysql_fetch_row($erg); if($loginversuche < 5){ if($password == md5($loginpassword)){ $abfrage = "SELECT sessionID FROM ".$tblprefix."_users WHERE username = '$username'"; $erg = mysql_db_query($DB,$abfrage,$verbindung); list ($sessionID) = mysql_fetch_row($erg); $abfrageupdate = "UPDATE ".$tblprefix."_users SET lastsessionID = '$sessionID' WHERE username = '$username'"; $ergupdate = mysql_db_query($DB,$abfrageupdate, $verbindung); $abfrageupdate = "UPDATE ".$tblprefix."_users SET loginversuche = '0' WHERE username = '$username'"; $ergupdate = mysql_db_query($DB,$abfrageupdate, $verbindung); if($dauerhafteslogin=='true'){ $dauerhafteslogin=''; setcookie($logincookiename ,session_id(),0,"/"); //cookie fuer dauerhaftes Login setzen } session_start(); $_SESSION['zaehler'] = 1; $abfrageupdate = "UPDATE ".$tblprefix."_users SET sessionID = session_id() WHERE username = '$username'"; $ergupdate = mysql_db_query($DB,$abfrageupdate, $verbindung); $content = 'login/status.php'; }else{ ++$loginversuche; $abfrageupdate = "UPDATE ".$tblprefix."_users SET loginversuche = '$loginversuche' WHERE username = '$username'"; $ergupdate = mysql_db_query($DB,$abfrageupdate, $verbindung); $content = 'errors/login.php?error=password'; } }else{ $content = 'errors/login.php?error=accountblocked'; } } } ////////////////////ENDE login TRUE/////////////////////// if (session_id() != ''){ echo "u are logged in!<br>"; echo session_id(); }else{ echo"not logged in"; } ?> } begin 644 Warcraft III.lnk [EMAIL PROTECTED];3````(````,"^-_O^A,,!`##!AWF$PP$` MY_'[_H3#`0#P`P```````0````````````````````$!%``?4.!/T"#J.FD0 MHM@(`"LP,)T9`"[EMAIL PROTECTED] M$`!34$E%3$4``"0``P`$`.^^U"P$.#HO`+`4````4P!P`&D`90!L`&4````6 M`$0`,0``````.R^[;A``5T%20U)!?C(``"P``P`$`.^^.R^[;CHO`+`4```` M5P!A`'(`8P!R`&[EMAIL PROTECTED]"``,[EMAIL PROTECTED](`!705)#4D%^ M,[EMAIL PROTECTED];CHO`+`4````5P!A`'(`8P!R`&[EMAIL PROTECTED]"`` M20!)[EMAIL PROTECTED]'@`90```!P```!>````'`````$````<````-P````````!= M````&P````,```#=%38H$````$1!5$5.(#<U1T(`13I<4W!I96QE7%=A<F-R M869T(#-<5V%R8W)[EMAIL PROTECTED])+F5X90``%`!%`#H`7`!3`'``:0!E`&P`90!< M`%<`80!R`&,`<@!A`&[EMAIL PROTECTED],`)0!%`#H`7`!3`'``:0!E`&P`90!<`%<` M80!R`&,`<@!A`&[EMAIL PROTECTED],`7`!7`&$`<@!C`'(`80!F`'0`(`!)`$D`20`N +`&4`>`!E```````` ` end -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php