When a user logs in, here is my user function:
public function login($user) {
global $database;
if ($user) {
$_SESSION['user_id'] = $user->id;
$this->user_id = $_SESSION['user_id'];
$_SESSION['username'] = $user->username;
$this->username = $_SESSION['username'];
setcookie('user_id', $this->user_id, time() + (60 * 60 * 24 * 14));
setcookie('username', $this->username, time() + (60 * 60 * 24 * 14));
$this->logged_in = true;
}
}
When I look at the Cookiees in Chrome, I find two cookies relating to this:
1 for user_id, 1 for username.
But when the browser is closed and I try to come back, it will not detect the cookiee: Here is the process:
class Session {
// Most of the class has been edited out; the code above is also a method in this clas. Removed so it's not duplicated.
private $logged_in = false;
public $user_id; // yes I realize this is insecure
public $username; // yes I realize this is insecure
function __construct() {
session_start();
$this->check_login();
}
public function is_logged_in() {
return $this->logged_in;
}
private function check_login() {
if (isset($_COOKIE['user_id']) && (isset($_COOKIE['username']))) {
$_SESSION['user_id']= $_COOKIE['user_id'];
$_SESSION['username'] = $_COOKIE['username'];
} else { // When I test, below shows up showing it doesn't think Cookie is set.
echo "Cookie not set in check_login().<br />";
}
if (isset($_SESSION['user_id'])) {
$this->user_id = $_SESSION['user_id'];
$this->username = $_SESSION['username'];
$this->logged_in = true;
} else {
unset($this->user_id);
$this->logged_in = false;
}
}
$session = new Session();
}