I believe the persistent login problem has to do with domain.com versus
www.domain.com. I wrote a game that required user authentication. I was getting the same problem because I sort of learned how to do it by examining your code. It had to do with how you set the cookie.
The code I ended up using that worked without a hitch was the following:
code:
// after successfull login username/password match
function set_cookies($name,$pass)
{
global $myname,$mypass;
$Password_e = crypt_password($pass);
setcookie("myname","$name",time()+31536000,"/",".mydomain.com");
setcookie("mypass","$pass",time()+31536000,"/",".mydomain.com");
}
// logout code
function clear_cookies()
{
global $myname,$mypass;
setcookie("myname","",time()-3600,"/",".mydomain.com");
setcookie("mypass","",time()-3600,"/",".mydomain.com");
}
Now when you set cookies you don't specify the domain name. So it gets confused if people switch between
www.domain.com and just domain.com. For example, your code:
code:
setcookie("w3t_myid","$Uid",time()+$config'cookieexp'],"{$config['cookiepath']}");
A lot of people describe this same problem:
-They login.
-It looks like they logged in successfully
-When they click on the index it tells them they haven't actually logged in properly. Invalid username/password.
When people described the problem along those lines I would tell them to do the following which seemed to fix it:
- Go to
http://www.domain.com/board/logout.php - Try logging in again.
Then they would tell me that it worked.