Cookie无法在不同的浏览器中运行

I finally got my code working for a password protect script. It's still in its infancy, so I understand it isn't secure. My problem is that I seem to have problems across a number of different computers and browsers. From what I've seen, firefox has no problem with the cookies being set. I'm running into trouble on certain machines not setting cookies.

What I've seen is that on one machine, I have a system with ie, chrome, and firefox. The cookies don't work on chrome, but work with ie and firefox. On my linux machine, firefox works without a hitch. I don't have chrome installed on it so, I can't test that. Then on another machine, ie doesn't want to work with the website. I would think that it's a problem with the privacy settings, but it appears that they are all the same.

The odd thing about the chrome problem, is that I can see the cookie for the session, but I can't see the cookie that I set. So, obviously that is a problem, but I don't know why. I have the same problem with IE. I've set the IE machines to accept all cookies and have had no luck. The chrome browser is set to "Allow local data to be set".

Thanks in advance

      if (isset($_COOKIE["Cookie"])){
        FormatScreen();
      }
      else if ($_POST['access_password']){
        $PasswordEntered = crypt($_POST['access_password'],$salt);
        if ($PasswordEntered == $RealPassword){
            setcookie("Cookie", $PasswordEntered, time()+600, '/');
            FormatScreen();
        }
        else{
            echo LoginScreen();
        }
      }

You should be using session cookies - look at http://www.w3schools.com/php/php_sessions.asp

It will help improve security as the session is stored on the server and can't be tampered with. PHP then handles the session cookies on the client.

I guess No solution for that so I am suggesting another solution to fix your problem :

  • You can also use Sessions in server side . So if user not accept cookie he can't have permission to decline sessions because it's on server side .
  • Make life time for session .

I hope u find helpful in my comment .

This is my corrected code.

 if (isset($_SESSION['loggedin'])){
        echo "You are already logged in.";
      }
      else if ($_POST['access_password']){
        $PasswordEntered = crypt($_POST['access_password'],$salt);
        if ($PasswordEntered == $RealPassword){
            $_SESSION['loggedin']=1;
            //echo "Logged In=". $_SESSION['loggedin'];

            echo "You are now logged in!";
        }
        else{
            echo LoginScreen();
        }
      }