I have a website that use mercadopago payments (similar to PayPal, from South America).
When user finish payment and is redirected back to my site, I get a new session id and I am not able to read old one, also not able to read previously set cookies.
My problem is that I need cookie or session value to keep user logged in, if not, I need to ask user and password again and the client does not like that.
This is the code that I am using to set the cookies, with comments explaining my problem:
<?php
session_start();
include("db-connection.php");
if(isset($_SESSION["id_alumno"]))
{
$sid=session_id();
if(isset($_COOKIE["user_token"])){
//just for debbuging
//echo "user_token is a " . $_COOKIE["user_token"];
}else{
//set cookie and update same value in database
setcookie("user_token", $sid, time() 2*24*60*60);
$id_alumno=$_SESSION["id_alumno"];
$sql="UPDATE `alumno` SET `login_token` = '$sid', `login_creado` = NOW() WHERE `alumno`.`id` = '$id_alumno'";
$res=mysqli_query($link, $sql); //this connection values are send in a db-connection.php already included.
}
}else{
$cookie_value=$_COOKIE["user_token"]; // here is my problem, I can't access this value, checking cookie information using chrome and the plugin web developer, I get 2 PHPSESSID (old which was used to set cookie with user_token, and also the user token value, and also this new PHPSESSID)
if(isset($cookie_value)){
$sql="SELECT * FROM alumno where login_token='$cookie_value' and login_token!='no'";
$res=mysqli_query($link, $sql);
if($reg=mysqli_fetch_array($res))
{
//here I can login back the user
}//mysql query
}//if isset cookie value
}
?>
CodePudding user response:
You're using session_start() with it's default options. As soon as you leave your site the session cookie expires.
Try example #3 from the manual:
<?php
// This sends a persistent cookie that lasts a day.
session_start([
'cookie_lifetime' => 86400,
]);
?>
This sends a persistent cookie that lasts a day.