Posted by Stephen Leaf on 11/11/05 17:48

For security.. *never* store the password in a cookie..
if you must... instead do some sort of encryption on it and some other value
store that and use it for verification.

On Friday 11 November 2005 05:43 am, sunaram patir wrote:
> Hi, i am having problem with internet explorer. i am working on a
> project on building a website where i need to keep track of the users
> i.e. i use a login system in there in short. with the following code i
> check whether the user is logged in or not.
> <?php
> session_start();
>
> $_SESSION['myurl']=$_SERVER['PHP_SELF'];
> if(!isset($_SESSION['student_username']) &&
> !isset($_SESSION['student_password']))
> header("Location: login.php");
> ?>
>
> if the user is not logged in, it redirects to the login page login.php
> as is shown in the above code. now the user is allowed to log in
> through the following code:
>
>
> <?php
> session_cache_limiter('private_no_expire');
> session_set_cookie_params(0,"/","schools.zenrays.com");
> session_start();
> $auth=false;
> ................
> ................
> ................
>
> if($auth){
> $_SESSION["student_username"]=$Effectivelogin;
> $_SESSION["student_password"]=$pass;
> if(isset($_SESSION['myurl']))
> header("Location:
> http://schools.zenrays.com".$_SESSION['myurl']); else
> header("Location: http://schools.zenrays.com/students");
>
> }
>
> it works fine in firefox and msn explorer. in internet explorer, when
> i visit to a
> link in any page it asks for the login details again. could anyone
> please help me out?!
> regards,
> sunaram

[Back to original message]