>I have a user authentication system using sessions
>it checks username and password against a database.
>if correct it sets a variable in the session cookie (via $_SESSION) and
>redirects to the protected page which checks for that variable.
>if the user/pass is wrong it redirects to an error page.
>if it gets to the protected page and the variable isnt set it redirects back
>to the login page.
>it works when uploaded to a server Linux, Apache/1.3.24, PHP 4.1.2.
>but on my local server Windows NT, Apache/2.0.39, PHP 4.2.1 using a patched
>Apache 2.0 Filter, register_globals=on. It seems to redirect back to the
>login page.

You CANNOT reliable set a cookie and re-direct in the same script.

Never gonna work across the board on browsers/servers.

Call it a "bug" if you like (though it's not) but it will NOT work reliably
on multiple platforms.

Re-design to just send the Cookie, and then include the page they wanted in
the first place.

Also, what's to stop me from setting my own Cookie?  Are you using an
un-guessable value for the Cookie?

Like Music?  http://l-i-e.com/artists.htm
I'm looking for a PRO QUALITY two-input sound card supported by Linux (any
major distro).  Need to record live events (mixed already) to stereo
CD-quality.  Soundcard Recommendations?
Software to handle the recording? Don't need fancy mixer stuff.  Zero (0)
post-production time.  Just raw PCM/WAV/AIFF 16+ bit, 44.1KHz, Stereo

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to