Reputation: 778
Remember me feature not working after closing the browser due to wrong cookie name in $_COOKIE array
I am new to PHP. I have tried to implement the remember me feature as explained below.
MysqlSessionHanlder.php -> this implements the 6 session related functions as required by the interface + all functions for "regular login" and login with remember me feature.
login.php -> self explained.
restricted1.php -> if login succeeds, login.php will redirect to this page.
authenticate.php -> This page should be included on every page which requires authentication before being accessed.
db_connect.php -> self explained.
Regular login works well. I am also able to login with remember me checkbox checked, i.e in both cases I am being redirected to restricted1.php. However, once I login using remember me feature -> close the browser -> try to go directly to restricted1.php, I am being redirected again to the login page.
This is because restricted1.php calls first authenticate.php, and this file checks if user is authenticated regular or via auto login existing cookie.
if not, it means that the user tries to access a restricted page without first login which invokes the checkCredentials() function.
authenticate.php code
require_once __DIR__ . '/db_connect.php';
require_once __DIR__ . '/../../classes/MysqlSessionHandler.php';
$handler = new MysqlSessionHandler($db);
session_set_save_handler($handler);
session_start();
$_SESSION['active'] = time();
if (isset($_SESSION['authenticated']) || isset($_SESSION['auto_login'])) {
// we're OK
} else {
$autologin = new MysqlSessionHandler($db);
$autologin->checkCredentials();
if (!isset($_SESSION['auto_login'])) {
header('Location: login.php');
exit;
}
}
However, when I close Chrome, reopen it, and then try to access directly restricted1.php, I am being redirected to login.php.
During debug, I found the following:
Each time user logs in with remember me feature, a function I wrote named persistentlogin() store a new token in the DB + sets a cookie named "auto_login" which includes that token using setCookie() function.
I noticed that the cookie name shown in $_COOKIE super global array is PHPSESSID (default name) although I set the cookie name in my code to be a different one ("auto_login"). I can see BOTH cookies: PHPSESSID and "auto_login" cookie in chrome browser settings, but "auto_login" cookie name is NOT shown in $_COOKIE super global array. I think this is my problem, because checkCredentials() tries to access "auto_login_cookie" as follows:
if (isset($_COOKIE[$this->cookie])) {
$cookie is attribute which is set to 'auto_login' ofcourse.
Why can`t I see the "auto_login" cookie which is set by the setCookie() command in $_COOKIE array?
Thanks,
Qwerty
Upvotes: 1
Views: 952
Answers (1)
Reputation: 778
After several days of debug (!), I found the problem:
Why are my cookies not setting?
It turns out I set the cookie path to something other than '/', which caused this issue.
Thanks anyway :-)
+1 for all the people who put the hard work, and never give up, until they reach their purpose!
Upvotes: 0
Related Questions
- Symfony2 : remember me cookie gets deleted when reopening the browser
- Browser not remembering session when user returns?
- Laravel 5 remember me not working
- PHP remember me functionality works after pressing log in
- Cookies Remember me issue PHP
- Remember me not working
- Laravel Remember Me cookie not being set
- Cookie issue on google chrome
- Having trouble using cookies, remember me works but cookies do not expire when unticked
- Cookie and session in "remember me" feature