Don't worry, I don't use the cookie for login authentication.
My client wanted a link "back to account" on the public pages when the user is logged in. Since $REMOTE_USER wasn't available in the public realm, I was only going to use the cookie for that link. I wound up using a session variable instead, but was wondering what I had done wrong. Michele _____ From: [email protected] [mailto:[email protected]] On Behalf Of David Mintz Sent: Thursday, March 19, 2009 9:48 AM To: NYPHP Talk Subject: Re: [nyphp-talk] Cookie On Thu, Mar 19, 2009 at 9:18 AM, Scott Mattocks <[email protected]> wrote: Michele Waldman wrote: I was defined in the subdirectory, but not the root directory. So, I don't think it was an expiration problem. It isn't that the cookie is expired already. It is that you are setting the path as the expiration. You can't just leave it out and hope that the function figures out you really meant / to be the path. You have to put something where the expiration value goes. Moreover, are you sure you want to rely on cookies for testing whether a user is authenticated? -- David Mintz http://davidmintz.org/ The subtle source is clear and bright The tributary streams flow through the darkness
_______________________________________________ New York PHP User Group Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk http://www.nyphp.org/show_participation.php
