pear Auth + redirect

From: Jef Peeraer (jef.peeraer_at_deadspam.com)
Date: 01/30/04 

Date: Fri, 30 Jan 2004 15:31:06 GMT

This problem is probably an old one, i'll find a lot of info concerning it,
but i don't see the trees through the wood anymore.
i'll describe my code :
i've a login.php which looks like

if(isset($_POST['username']) && $_POST['password']){
    ini_set("session.cookie_domain",".kvds.be");
    $a = new Auth("DB", $glob_ar['auth_params'], "" , false);
    $a->start();
    if($a->getAuth()) {
         $redirect_to = $_SERVER['HTTP_HOST'] .
dirname($_SERVER['PHP_SELF']) . "/mainpage.php" ;
        if( $_SERVER['SERVER_PORT'] == 8043 )
            $server = 'https';
        else
            $server = 'http';
         session_write_close();
        //header("Cache-Control: private");
        //header("Location: $server://$redirect_to");
        //header("Status: 303");
        print "<meta http-equiv=\"refresh\"
content=\"0;URL=$server://$redirect_to\">";
        // close this session already to write session id cookie, before
redirect
        exit();
    }else{
        print "<b>You're not allowed to proceed!<br><br>\n";
    }
} else {
// html code for login screen
}

Then i have that mainpage.php code

$a = new Auth("DB", $glob_ar['auth_params'], "" , false);
$a->start();
if( $a->getAuth() ){
    // setup connection to databaswe
    $db = DB::connect($glob_ar['dsn_user']);
    // user is authenticated, create a user object
    $user = new User($a, $db, true);
    // compose the mainmenu form
     $out = .....
    print $out;
} else {
    header("Location: login.php");
}

I always have to login twice , so the first login doesn't seem to propagate
the cookies, that's why i also tried with this meta-refresh thing. What's
the correct way to handle this ?

thanks

jef