SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Guru
    Join Date
    Feb 2004
    Location
    Oregon
    Posts
    686
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    cookie authentication

    I have just implimetned SSL on a site I work on. when a user logs in they are on the SSL part and then they have a choice to go out to the regular page and go into the details page or download somthing. I myself can't reproduce the problem that some have reported.

    they login at the detials page or the downloads page, either one they can't login, it just seems to loop which makes me think the cookie is not getting made. most are IE6 users on XP. I have tried this with 5 different browsers and 3 OS's and still can't make it happen. all default settings in IE as far as security too.

    is it a compatiblity with SSL and the regular pages? does it make any difference where the cookie is made from? SSL or regular?

    just a normal cookie made form php, nothing special

    anybody have any ideas?
    success is not by chance, it is by choice.

  2. #2
    SitePoint Enthusiast
    Join Date
    Sep 2004
    Location
    Connecticut, USA
    Posts
    86
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I remember a while back I had a similar problem and it had to do with the compact privacy policy on the website. Basically, IE6 was flat out rejecting the cookies because I wasn't specifying enough information for the cookie and because my compact privacy policy was incomplete or wrong (can't remember exactly). It all tied back to IE6's privacy 'features'. Not sure that this is what problem you're having but it might be worth looking into.

  3. #3
    SitePoint Guru
    Join Date
    Feb 2004
    Location
    Oregon
    Posts
    686
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    well after inspecting a few users problems I can see the cookie being set, yet the page still says login. at this login I can echo the cookie contens which I check before they get there. this is really weird. I still cannot make it happen and a lot more users are saying they can't login. how can php code get worse as time goes on?

    teh 'privacy' features are default, what ever setting that is. or is this compact privacy policy something the SSL is generating?
    success is not by chance, it is by choice.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •