Leave a Reply

If you need to post a piece of code use {code type=php}...{/code}.
Allowed types are "php", "mysql", "html", "js", "css".

Please do not escape your post (leave all ", <, > and & as they are!). If you have encoded characters and need to reverse ("decode") it, you can do that here!

  1. Costa

    February 8, 2012 at 08:17

    Just FYI, I used Authsome and it includes "Remember me" functionality via a cookie (with a configurable expiry time).

  2. Gilles

    February 29, 2012 at 23:32

    Hey Mark,

    I’ve also been running into this issue with Cake. Some time ago I found this article: Did you try what is described there?

  3. Mark

    February 29, 2012 at 23:38

    I stopped using php as session type years ago. Due to that problem. But it still remained a mystery – even with DB sessions etc.
    So in the end nothing really helped – and the session never lasted as long as it was supposed to.
    Well, with the Cookie solution this is now over, anyway πŸ™‚

  4. Martin

    July 19, 2012 at 02:24

    Hi Mark
    i was also spending a lot of hours with this without finding a solution. so i’m happy to see this πŸ™‚

    i cant get it work up to now.
    i shoud be one of these reasons:

    • i don’t use username, but "email"
      how should i tell this to the component?
      ‘username’ =&gt; ’email’ ?

    • i have defined in Auth authenticate like this:

    ‘authenticate’ =&gt; array(
    ‘Form’ =&gt; array(
    ‘userModel’ =&gt; ‘User’,
    ‘fields’ =&gt; array(
    ‘username’ =&gt; ’email’,
    ‘password’ =&gt; ‘password’
    ‘scope’ =&gt; array(
    ‘User.enabled’ =&gt; 1,
    ‘User.user_role_id in (1,2)’

    do i have to change something in this config?

    would be very happy about some help πŸ™‚

  5. Mark

    July 19, 2012 at 09:31

    exactly – I have an app with email, too.
    with the same settings you have. that is supposed to work.

  6. Martin

    July 19, 2012 at 13:21

    Thanks Mark, now it seems to work.

    But i can’t find the cookie in my browser preferences… does it save the cookies in other places??
    I have debug on and the email for debug also configured, but never see debug infos…

  7. Martin

    July 19, 2012 at 13:33

    now i get the debug info via email.
    do you know why i can’t see the cookie (f.e. in firefox preferences cookies)?

  8. Mark

    July 19, 2012 at 13:36

    $this->Cookie->domain = false;

    for local development.
    You should find it under the local url, though. at least I do.

  9. Martin

    July 19, 2012 at 14:02

    that’s it!
    thanks very much mark!

  10. Martin

    July 19, 2012 at 16:39

    it works, but now i get a ‘Cookie Mismatch’ error in email, everytime i navigate in my app (click on links) to a page which doesn’t requiere a login (f.e. pages/home, forgot password, etc..)

    if i am loged in, there are no ‘Cookie Mismatch’ errors.

    do you have an idea how i can get rid of that?
    (if you are interested in seeing the site, i can give you the url by email).

  11. EveConnected

    October 13, 2012 at 12:02

    Hi, after adding the Component, I can’t log in anymore. Because the salted PW doesn’t match the salted PW in the database anymore.

    Any idea how this can happen. Could be not related to the Component, but is strange.

  12. Mark

    October 13, 2012 at 12:24

    I dont think it does.
    You would need to show your setup. But i am fairly certain that the component is separate from the normal login.

  13. Travis

    May 22, 2013 at 21:05

    I’m using this component in your Tools object and it creates the cookie fine. Doesn’t seem to be doing the autologin though, like it’s not respecting that the cookie is there. Any ideas?

  14. Danny Lieberman

    May 28, 2013 at 08:01

    Great stuff.
    Just to update you on the Suhosin thing. It’s not enough to play with the srand parameters on the Suhosin extension – you need to turn off transparent session and cookie encryption – this definitely breaks Cake 2.3 / PHP persistent sessions

    suhosin.session.encrypt = Off
    suhosin.cookie.encrypt = Off
    suhosin.srand.ignore = Off
    suhosin.mt_srand.ignore = Off