Such trouble, the login form is on every page of the site, if I log into my account from the main page (index.php), then the authorization works fine and on all pages I appear as authorized. If I entered the full description of the news, for example, (mysite.ru/category/php/write/1/), and entered the authorization data on this page, then only on it I appear as an authorized user. login and password. What is the problem? I attach the code, it is included on every page of the site.

session_start(); //Проверка на авторизацию if (isset($_COOKIE['l']) && isset($_COOKIE['i'])) { $id_user = $_COOKIE['i']; $login_user = $_COOKIE['l']; $ip_user = $_COOKIE['ip']; } //Авторизация if(isset($_REQUEST['ok'])) { //Получение данных из формы if($_SERVER['REQUEST_METHOD'] == 'POST') { $l_login = clearData($_POST['l_login']); $l_password = hash('sha1', mysql_real_escape_string(trim(strip_tags($_POST['l_password'])))); } //Запрос на получение данных пользователя $query_login = "SELECT * FROM users WHERE login='$l_login' AND

password = '$ l_password' "; $ query_answer = mysql_query ($ query_login); $ logIn = mysql_fetch_array ($ query_answer);

  //Объявляем нужные переменные $browser = $_SERVER['HTTP_USER_AGENT']; $time = time(); $id_user = $logIn['id_user']; $pass_user = $logIn['password']; $login_user = $logIn['login']; $ip_user = getenv("REMOTE_ADDR"); if($l_login == $login_user AND $l_password == $pass_user) { setcookie('ip', md5($user_ip), time() +3600*24); setcookie('l', $login_user, time() +3600*24); setcookie('i', $id_user, time() +3600*24); $_SESSION['login'] = $login_user; $_SESSION['id'] = $id_user; mysql_query("INSERT INTO session (id_user,time,ip,browser) VALUE

('$ id_user', '$ time', '$ ip_user', '$ browser') ");}

  if($_POST['remember'] == 'on') { setcookie('ip', md5($user_ip), time() +3600*24*7); setcookie('l', $login_user, time() +3600*24*7); setcookie('i', $id_user, time() +3600*24*7); } echo "<html><head><meta http-equiv='Refresh' content='0;

URL = / index.php '> </ head> </ html> ";}

    1 answer 1

     isset($_COOKIE['i'])

    And you can use the session. Cookies do not always work.

    • Let me clarify which sessions are we talking about? if you're talking about session_start - so they also work through cookies;) - Alex Kapustin
    • If authorization is successful, you give for example <pre> <code> $ _SESSION ['loggedIn'] = true; if ($ _SESSION ['loggedIn'] == true) {authorized} else {not authorized} </ code> </ pre> - Ruslan Librovsky
    • @shurik only Cookies are stored by the user and the sessions are stored on a server, what is the difference to tell and why the session and not the user’s cookies? - Artem
    • Well, tell me :) I will be glad to hear :) In order not to be unfounded, I will immediately attach my explanation: by the way, session_start also creates a cookie. By default, this is the PHPSESSION in which the session ID is stored. And the session itself is already stored on the server. That is, we give the server a key by which our session rises. But the cookie must exist. And your phrase: >> And you can use the session. Cookies do not always work. not quite true. Behind this I take my leave. - Alex Kapustin
    • That's right, Damn read the text! I And I mean the SESSION and not storing all the necessary variables in the COOK, session_start () implies a cookie or substitution in the URL of the PHPSESSID value, but not a cookie (many)! and this is the difference, not to be confused. - Artem