14 Comments

  1. I stopped using php as session type years ago. Due to that problem. But it still remained a mystery – even with DB sessions etc.
    So in the end nothing really helped – and the session never lasted as long as it was supposed to.
    Well, with the Cookie solution this is now over, anyway 🙂

  2. Hi Mark
    i was also spending a lot of hours with this without finding a solution. so i’m happy to see this 🙂

    i cant get it work up to now.
    i shoud be one of these reasons:

    • i don’t use username, but "email"
      how should i tell this to the component?
      ‘username’ => ’email’ ?

    • i have defined in Auth authenticate like this:

    ‘Auth’=>array(
    ‘authenticate’ => array(
    ‘Form’ => array(
    ‘userModel’ => ‘User’,
    ‘fields’ => array(
    ‘username’ => ’email’,
    ‘password’ => ‘password’
    ),
    ‘scope’ => array(
    ‘User.enabled’ => 1,
    ‘User.user_role_id in (1,2)’
    )
    )
    ),

    do i have to change something in this config?

    would be very happy about some help 🙂

  3. exactly – I have an app with email, too.
    with the same settings you have. that is supposed to work.

  4. Thanks Mark, now it seems to work.

    But i can’t find the cookie in my browser preferences… does it save the cookies in other places??
    I have debug on and the email for debug also configured, but never see debug infos…

  5. now i get the debug info via email.
    do you know why i can’t see the cookie (f.e. in firefox preferences cookies)?

  6. $this->Cookie->domain = false;

    for local development.
    You should find it under the local url, though. at least I do.

  7. it works, but now i get a ‘Cookie Mismatch’ error in email, everytime i navigate in my app (click on links) to a page which doesn’t requiere a login (f.e. pages/home, forgot password, etc..)

    if i am loged in, there are no ‘Cookie Mismatch’ errors.

    do you have an idea how i can get rid of that?
    (if you are interested in seeing the site, i can give you the url by email).

  8. Hi, after adding the Component, I can’t log in anymore. Because the salted PW doesn’t match the salted PW in the database anymore.

    Any idea how this can happen. Could be not related to the Component, but is strange.

  9. I dont think it does.
    You would need to show your setup. But i am fairly certain that the component is separate from the normal login.

  10. I’m using this component in your Tools object and it creates the cookie fine. Doesn’t seem to be doing the autologin though, like it’s not respecting that the cookie is there. Any ideas?

  11. Great stuff.
    Just to update you on the Suhosin thing. It’s not enough to play with the srand parameters on the Suhosin extension – you need to turn off transparent session and cookie encryption – this definitely breaks Cake 2.3 / PHP persistent sessions

    suhosin.session.encrypt = Off
    suhosin.cookie.encrypt = Off
    suhosin.srand.ignore = Off
    suhosin.mt_srand.ignore = Off

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.