View Full Version : Bizarre Cookie problem

08-26-2006, 10:15 PM
I've looked around for anyone with the same problem and I can't see any solution so I decided to post. I have created this login form and it all works fine. I then added cookie support and that also worked. However, I cannot make it so that a cookie expires when the browser is closed. I have used a checkbox "remember_me" in the form, and have tested that it works ok (see the commented out echo statements in the submit section). If I login and no not check the button, then close the browser, then re-open, I am still logged in. I thought if no value for expiry was specified cookies expired on session (browser) close? Mine do not seem to be :(


if (isset($_POST['submit'])) {

require_once ('../mysql_connect.php');

function escape_data ($data) {

global $dbc;

if (ini_get('magic_quotes_gpc')) {

$data = stripslashes($data);


return mysql_real_escape_string($data, $dbc);


$message = NULL;

if (empty($_POST['username'])) {

$u = FALSE;
$message .= '<p>You forgot to enter your username!</p>';

} else {

$u = escape_data($_POST['username']);


if (empty($_POST['password'])) {

$p = FALSE;
$message .= '<p>You forgot to enter your password!</p>';

} else {

$p = escape_data($_POST['password']);


if ($u && $p) {

$query = "SELECT user_id, first_name FROM users WHERE username='$u' AND password=MD5('$p')";
$result = @mysql_query ($query);
$row = mysql_fetch_array ($result, MYSQL_NUM);

if ($row) {

if (isset($_POST['remember_me'])) {

setcookie ('first_name', $row[1], time()+36000, '/', '', 0);
setcookie ('user_id', $row[0], time()+36000, '/', '', 0);
header ("Location: index.php");
//echo '<p>ticked</p>';

} else {

setcookie ('first_name', $row[1], NULL, '/', '', 0);
setcookie ('user_id', $row[0], NULL, '/', '', 0);
header ("Location: index.php");
//echo '<p>Not ticked</p>';


} else {

$message = '<p>Error. Your username/password is incorrect.</p>';



} else {

$message .= '<p>Please try again.</p>';



if (isset($message)) {

echo $message;



<form action="<?php echo $_SERVER['DOCUMENT_ROOT/index.php']; ?>" method="post">

<p>Username: <input type="text" name="username" size="15" maxlength="20" value="<?php if (isset($_POST['username']))
echo $_POST['username']; ?>" /></p>

<p>Password: <input type="password" name="password" size="15" maxlength="20" /></p>

<input type="checkbox" name="remember_me" /> Keep me logged in (requires cookies to be enabled)

<div align="center"><input type="submit" name="submit" value="Login" /></div>


08-26-2006, 10:49 PM
Your browser might not delete the cookie or show the cached website.

08-26-2006, 11:58 PM
Erm...not sure I really understand your reply. Surely the point of what I'm doing there is to delete the cookie and I'm saying for some reason it isn't working. You've just reiterated my problem. And I'm pretty sure it's not a cached page as I'm doing a live refresh (shift-F5) in FF. Is the code I have written there theoretically correct? Even so you don't provide any possible solutions for the problems you suggest it might be.

08-27-2006, 02:14 AM
If you are using Firefox, you can view cookies and under "expires" you can see if it says "at end of session". I just tried a NULL expire cookie and it said "at end of session", and when I closed/opened Firefox, the cookie was gone. So... it does work, and if you're getting the "not ticked" display, I would have to call that bizzare as well!

Anyway, see what "view cookies" tells you.

08-27-2006, 02:24 AM
Even so you don't provide any possible solutions for the problems you suggest it might be.
You managed pretty well on your own, didn't you?