Greetings,
Been going around in circles trying to figure out why this will not work. Making a low security log-in system using cookies due to an issue with sessions on the device being used. The set cookie works on its own but either is not setting properly in this script or is not being read properly on the auth script. Also, after the cookie should be set, it is not in the browser. Ideas??
Login
<?php
//If passwords match, a cookie is created
if ($pw = $hashedpw) {
$memberID = "1221"; //Pulled from DB
setcookie('MDADMIN_SESS_ID',$memberID,'0','', '.somewhere.com');
header('Location: http://somewhere.com/secure_page.php');
}
?>
Auth
<?php
//Verify that cookie is present
$cookie = $_COOKIE['MDADMIN_SESS_ID'];
if(!isset($cookie)) {
header("Location: http://somewhere.com/failed.php");
exit();
}
?>
The process is as follows: Login Form -> Login Script -> Secure Page (if passwords match) -> Auth Script checked (via include) -> redirect to failed login if cookie not present. When run, it always defaults to the cookie not being present, even though the login script correctly directs to the secure page (logged in successfully).
