need help fixing this php script

[Jiraiya]

i think the cookie should have the players data and the npcs data i would think i could be wrong

[Yesideez]

Now before we can do anything you need to backtrack and find where the cookie is set - looks like it'll be in another script somewhere BUT... as I said earlier, you're not accessing it.

 

You could fill it with some junk at the start of the script just to test but if that cookie is empty chances are the rest are also empty which is why you need to back track - Maybe start the whole site again so it is defined?

[Jiraiya]

you mean i have to start my game over from the beginning? is there another way i could create this battle script without having to start all over again??

 

oh is this what you wanted to see for the cookie??

 

echo "3";
   $UserSQuery = mysql_query("SELECT * FROM `users` WHERE username='$username'");
   $UserS = mysql_fetch_array($UserSQuery);

   $NPCSQuery = mysql_query("SELECT * FROM `npc` WHERE npcname='$NPC'");
   $NPCS = mysql_fetch_array($NPCSQuery);

   setcookie('NPC', $NPC, 2400);
   setcookie('health', $UserS['health'], 2400);
   setcookie('skill', $UserS['skill'], 2400);
   setcookie('NPCH', $NPCS['health'], 2400);
   }

?>

[Yesideez]

No, just "mentally" read through the other scripts and see what data is being set inside the cookies - I'm thinking they've "expired" while you were writing some code, easy mistake to make.

 

I see you're writing a game so you'll have a few scripts - I don't know what they are so I can't say what ones you need to check. Are they set when a user logs in?

[Jiraiya]

yea i have a cookie created for when the user logs in would it help to see that script too?

[premiso]

The issue is not the cookie but how you are setting it.

 

setcookie

 

Set it with all the values, domain (make sure it is either domain.com or www.domain.com) and a "/" for the directory. Doing that should set the cookie properly.

 

You are only setting the time, value and name, nothing else. This can cause issues on some/most servers.

[Yesideez]

I'd prefer to use sessions instead - I've never touched cookies and don't know how to use them.

[premiso]

I'd prefer to use sessions instead - I've never touched cookies and don't know how to use them.

 

I would agree, but without him re-doing the script to use sessions instead, this should solve the problem until he decides to re-do it.

[Jiraiya]

how do i reset the cookies to do what i need? i have very little knowlege with this and only have a few pages i think that actually use the cookies

[Yesideez]

Jiraiya, I started writing my 3rd online game

 

http://game.pictureinthesky.net

 

I never got around to finishing it but you're more than welcome to ALL the source to look at and play with.

 

I've just PM'd you with the admin logon information - not all the links in there work.

 

Don't be afraid to make new topics in the forums and click things.

[Jiraiya]

k thanks, Yesideez. but i really just need to get this script working is there any possible way of getting it fixed quick and easy?

[Yesideez]

Only as premiso has said - check your login script and make sure you're using the setcookie() properly.

[Jiraiya]

is this what you meant about setting the cookie right?

 

  setcookie('narutotalesofthesannin.com);

[Jiraiya]

this is my login script is it set right?

 

 

/Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: player.php");

}
}
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=http://narutotalesofthesannin.com/join.php>Click To Sign Up</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);

//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{

// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);

//then redirect them to the members area
header("Location: player.php");
}
}
}
else
{

// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}

?> 




</body>
</html>

[Yesideez]

No idea, as I said earlier, I've not used cookies before and don't know how to use them - check premiso's reply showing a link to the instructions for setcookie()

 

Quick question - how many scripts have you written so far?

[Jiraiya]

a few bout i only think about like 3 of them actually use cookies i think

[Yesideez]

You're setting the cookie to expire in only 1 hour which I don't think is long enough tbh.

 

If you've only made about 3 that use cookies now might be a good time to edit them to use session variables instead - ever used them before?

[Jiraiya]

i have no idea on how to use sessions

[Yesideez]

Add session_start() at the start of each script that uses them.

 

Here's a quick run-down seeing you're pressed for time.

 

Make & set a session var

$_SESSION['username']=$_POST['username'];

 

To read a session var

echo $_SESSION['username'];

 

When the user logs out:

$_SESSION=array();

 

This link has all the information you'll need:

http://uk3.php.net/session

[Jiraiya]

and how exaclty do i use sessions with out screwing up my scripts im so confused,

[Yesideez]

You would use them like you would any other variable.

 

Say you have a user that logs in - all you'd need to do is store their user ID number in a session variable.

$_SESSION['id']=$playeruserid;

 

Then for example, if you need to get all the information on them use something like this:

$usr=mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `userid`='".$_SESSION['id']."' LIMIT 1"));

Then you can use $usr like you would normally.

[Jiraiya]

im afraid i still dont follow

 

i only have 3 pages using cookies the reset are just fetching data from mysql databases

[Yesideez]

Let's say in the "users" table you've got a field called "accesslevel" which says whether they're a standard player (1), help desk operator (2), moderator (3), head moderator (4) or admin (5). You can check in a small include file if their access level lets them access certain pages.

<?php
$usr=mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `userid`='".$_SESSION['id']."' LIMIT 1"));
if ($usr['accesslevel']<2) { //must be a member of staff
  header("Location: accessdenied.php");
  exit;
}
// if accesslevel is 2 or higher the script continues here

[Jiraiya]

k im going to look into that thanks but for now i really just need to get the cookies going thanks again

[premiso]

If you still cannot figure it out with the above post the 3 pages and I will get it to use sessions.