Jump to content

Archived

This topic is now archived and is closed to further replies.

DaveLinger

working with cookies in php

Recommended Posts

Hokay. Here's the deal. I own and operate www.PCritics.com , a PC software/hardware/game review site, which is dynamically created with php and mysql for each page. I want to add a users' rating to each review, so that registered users can rate a game how they like it, and it submits it to a spot in that review's row which are all averaged together to show average user ratings. The problem is that the site is not very popular, so I want people to register before they can vote, so that no one can get a bunch of their forum pals to vote a game a 10/10 or 0/10 without everyone registering. I can handle the registration system, but I've never worked with cookies before. I dont want the user to have to log in each time they go to rate a game. How would I set a cookie when someone logs in and have the php script recognize it?

thanks

Share this post


Link to post
Share on other sites
It's a long way to go, but just for a start:

[a href=\"http://www.php.net/setcookie\" target=\"_blank\"]http://www.php.net/setcookie[/a]
[a href=\"http://www.php.net/manual/en/reserved.variables.php#reserved.variables.cookies\" target=\"_blank\"]http://www.php.net/manual/en/reserved.vari...riables.cookies[/a]

Share this post


Link to post
Share on other sites
This is how I set my cookies:
[code]$userid = setcookie ("uid", $row['uid'], time()+315360000, "/Durb/", $_SERVER['HTTP_HOST']);
            $userlevel = setcookie ("level", $row['ulevel'], time()+315360000, "/Durb/", $_SERVER['HTTP_HOST']);
            $userval = setcookie ("user", $username, time()+315360000, "/Durb/", $_SERVER['HTTP_HOST']);
            $passval = setcookie ("pass", $password, time()+315360000, "/Durb/", $_SERVER['HTTP_HOST']);
            if(!$userval && !$passval && !$userlevel)
               exit('Your browser has cookies disabled.<br/>You need to have cookies enabled to view this site.<br/>');[/code]

This is how I check them on my login page:
[code]
if(!isset($_REQUEST['login']) && !isset($_REQUEST['logout']) && !isset($_REQUEST['signup']) && !isset($_REQUEST['forgotpass']))
    session_start();
if(!isset($_COOKIE['user']) && !isset($_REQUEST['logout']) && !isset($_REQUEST['signup']) && !isset($_REQUEST['approve']) && !isset($_REQUEST['forgotpass']))
{
    header("Location: login.php?redir=1");
    exit();
}
elseif(!isset($_REQUEST['logout']) && !isset($_REQUEST['signup']) && !isset($_REQUEST['forgotpass']))
{
    if(!isset($_COOKIE['user']))
    {
        header("Location: login.php?redir=1");
        exit();
    }
    else
    {
        $_SESSION['user'] = $_COOKIE['user'];
        $_SESSION['pass'] = $_COOKIE['pass'];
        $_SESSION['level'] = $_COOKIE['level'];
        if(isset($_COOKIE['uid']))
            $_SESSION['uid'] = $_COOKIE['uid'];
        else
        {
            require_once("../libs/err_handler.php");
            require_once("conn.php");
            $ehandle = new sql_handler(1, "", "top.php");
            $query = "SELECT uid FROM Users WHERE uname = '" . $_SESSION['user'] . "'";
            $result = $ehandle->update_query($query);
            $row = mssql_fetch_array($result);
            extract($row);
            $_SESSION['uid'] = $uid;
            $userid = setcookie ("uid", $uid, time()+315360000, "/Durb/", $_SERVER['HTTP_HOST']);
        }
        
        if(isset($_COOKIE['engineID']))
            $_SESSION['engid'] = $_COOKIE['engineID'];
        if(isset($_REQUEST['engid']))
        {
            $engid = setcookie ("engineID", $_REQUEST['engid'], time()+315360000, "/Durb/", $_SERVER['HTTP_HOST']);
            $_SESSION['engid'] = $_REQUEST['engid'];
        }
    }
}
[/code]

Obviously there's more to the login than that, but you basically transfer the cookie userid to the session and verify the username/password against the database values.

And that second code piece is at the top of ALL my pages within that application.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.