I'm developing a website where users can register and access their accounts, and when the user is connected, I save the User object in a cookie using serialization and base64 encoding. It was working perfectly, suddently the PHP script doesn't want to create the cookie. My PHP script is :
/**
* Function that creates a cookie from an User object
* @param User $user User object to be stored in the cookie
* @param int $timeout Lifetime of the cookie (0 if should be destroyed when the navigator is closed)
*/
function setUserCookie($user, $timeout = COOKIE_MAXLIFETIME) {
setcookie('user', base64_encode(serialize($user)), $timeout, '/');
}
I don't know where the problem is coming from, I hope someone will help me :)
EDIT : This is a project for the university, I'm aware my website can be vulnerable while storing an object in the cookie, but we have to focus on functionalities rather than on the security of the website.
I finally used $_SESSION to make it work, even though the user cannot remain logged into the website.