[SOLVED] Why does cookie read fail?

[NamemeNick]

hello.  I'm using PHP 4 and I'm a novice programmer stumped by what seems simple.

 

Objective  when user comes to homepage, the script should check whether his IP address is listed in a file.  If the address is listed, the script should store a cookie with value 1 in the user's browser.  If the IP address is not listed, the script then checks if the cookie exists with a value 1; if it does, the user's IP is written to the file.  Basically, at the end of the script, any user who had either the cookie or his IP in the file will now have both.

 

Notes: I want the cookie to have the same name as the file that contains the IP list

 

Coding

 

The first line of the landing page (above any html tag) imports the script: <?php include("./lessons/authorized_ips/script.php");?>

 

script.php contains:

$ip=$_SERVER['REMOTE_ADDR'];  ##works fine
$fp = fopen($IP_file,"a+");     #works fine
$contents = fread($fp, filesize($IP_file));  #works fine
if(strpos($contents,$ip)){setCookie($IP_file,"1",time()+3600*24*90,"/");}  #works fine
elseif($_COOKIE[$IP_file]=="1"){fwrite($fp, " || ip == \"$ip\"");}  ##not working

 

I cannot figure out why the last line is not working.  I've also tried

elseif(isset($_COOKIE[$IP_file]))

but the script doesn't get in that branch even though there is a cookie by the name $IP_file.

 

I know that fread and fwrite worked fine because when I remove the if and ifelse conditions and just have an fwrite statement, the write is successful.

 

[NamemeNick]

Can anyone help?

[WolfRage]

How are you setting your cookie? Where is the code for that?

[NamemeNick]

Hi WolfRage, thank you for responding (nice nickname by the way)

 

The code you see shows how I set the cookie.  The fourth line says:

if(strpos($contents,$ip)){setCookie($IP_file,"1",time()+3600*24*90,"/");}

 

I have tested this line (on the page, I include a javascript document.write(document.cookie) line, so I can see all the cookies that have been set.  When the if condition is met, the cookie is properly set.  The problem is that when the if condition is not met and the cookie in fact equals "1", the script does not enter the next line:

 

elseif($_COOKIE[$IP_file]=="1"){fwrite($fp, " || ip == \"$ip\"");}  ##not working

Basically I want to give access to specific users so at the start I add their IP address to the IP file.  However, IP addresses change, so the first time they visit the members page, if their IP address is found in the file, I save their member status in the cookie with the line:

if(strpos($contents,$ip)){setCookie($IP_file,"1",time()+3600*24*90,"/");}  #works fine

If the users come back days later with a new IP, the site checks for the presence of the cookie and add their new IP to the file with the line

elseif($_COOKIE[$IP_file]=="1"){fwrite($fp, " || ip == \"$ip\"");}  ##not working

 

I've scoured tutorials and forums but I can't figure out what's wrong with my code.  In the main file, I include the php script before any html tag or even blank space.  Any help would be great

 

[WolfRage]

Let's add an else block to your code, you can chose what to make it do, but this will catch any exceptions. If the exception is the problem then we will know we need to further investigate why an exception exisits.

<?php
$ip=$_SERVER['REMOTE_ADDR'];  ##works fine
$fp = fopen($IP_file,"a+");     #works fine
$contents = fread($fp, filesize($IP_file));  #works fine
if(strpos($contents,$ip)){setCookie($IP_file,"1",time()+3600*24*90,"/");}  #works fine
elseif($_COOKIE[$IP_file]=="1"){fwrite($fp, " || ip == "$ip"");}  ##not working
else {/*exception*/ echo 'We have an exception issue.';}
?>

[NamemeNick]

Ok WolfRage.  I added the "else" statement you mentioned.  Here is what happened:

 

1) I cleared all cookies, deleted my IP from the IP list and loaded the page.  The "we have an exception" message appeared as expected.

 

2) I added my IP to the IP list, cleared all cookies and loaded the page.  The script correctly entered the if statement and the cookie test_ip.php=1 was created (where $IP_file="test_ip.php")

 

3) I removed my IP from the list, did NOT clear cookies and reloaded the page.  the cookie test_ip.php=1 is still present, but the script went all the way to the else statement and "we have an exception" was echoed on the page.  The IP was not written to the file.

 

==================================EDIT ===========================================

The exact line that I added is

else {/*exception*/ echo("we have an exception"); setCookie("exception", "yes", time()+3600,"/");}

 

Interestingly, even when I see "we have an exception", the cookie "exception" is not set.  Maybe that's just because at that point some data has been sent to the browser (the echo) but I'm too new at PHP to be sure, so I thought I should mention it.

[WolfRage]

Ok first try setting the domain value in setcookie() .

Also like other headers, cookies must be sent before any output from your script (this is a protocol restriction).

Noting that it is making me think that you have already sent the headers before you are attempting to set the cookie. So to test this theory lets force an error.

<?php
else {/*exception*/ header('Location: http://www.phpfreaks.com/forums/index.php/topic,244065.0.html');}
?>

By the way this should not work and it should spit out an error. Make sure error reporting is turned on.

[NamemeNick]

WolfRage, here is what I did

 

1) in php.ini, I set display_erros = on

2) at the top of script.php, I put

ini_set('error_reporting', E_ALL);

3) In the else statement I put

else {/*exception*/ header('Location: http://www.phpfreaks.com/forums/index.php/topic,244065.0.html')}

 

When I load the page (with the cookie present), nothing happens (I'm not redirected).  What does this mean?  Is this helpful?

[NamemeNick]

I've also tried putting an ob_start() at the beginning of script.php and ob_end_flush() at the end, but no luck.

[WolfRage]

Alright, with E_ALL on it should ahve given us an error for sure, but it is definitely encountering a error by trying to pass the headers a second time. So now you have two options one you can present your code that comes before the cookie part and I can comb through it looking for where your output is starting, thus identifying the error. Or if you do not want to present all of your code you will have to go through it with fine comb to find the error yourself. Remember there can be no whitespace period before any of your opening tags or closing tags, if there is then out put has been started thus headers have been sent. This includes any pre-existing html and new lines, even a single space.

[Philip]

There are a few things I noticed - not sure if any of them would be the cause.

 

It's been a while since I've had to manipulate files in PHP/C... but 'a+' mode puts the pointer at the end of the file.

a+: Open for reading and writing; place the file pointer at the end of the file. If the file does not exist' date=' attempt to create it.[/quote'] So when you call fread - you're trying to read past the end of the file, which it's giving an EOF most likely. Again - it's been a while since I've dealt with file manip so I could be completely wrong.

 

Depending on the exact version of PHP you have, you could use file_get_contents() Otherwise - you'll need to reset the file pointer or use r+ but check to see if the file exists first.

 

 

Next thing:

elseif($_COOKIE[$IP_file]=="1"){fwrite($fp, " || ip == "$ip"");}  ##not working

// Look at the following part of the above line:
fwrite($fp, " || ip == "$ip"")

Notice something missing? How about now:

fwrite($fp, " || ip == ".$ip)
//OR
fwrite($fp, " || ip == {$ip}")
// (the way you were placing the variable)

 

Also, another problem with that is you aren't checking to see if the cookie is set first -which should throw a warning if it's not (same line as above)

} elseif (isset($_COOKIE[$IP_file]) && $_COOKIE[$IP_file]=='1') {

 

Finally, in the else statement, instead of:

else {/*exception*/ header('Location: http://www.phpfreaks.com/forums/index.php/topic,244065.0.html')}

Do some useful debugging, show what cookies are there and what aren't:

else { echo '<pre>'; print_r($_COOKIE); echo '</pre>'; }

 

[NamemeNick]

KingPhillip thank you for trying to help.

 

I will try file_get_contents() and let you know how it works out.  I use PHP4.  It seems this function is for PHP 4.3 and above but I don't know how to check what my exact version of PHP is

 

I have tried using fopen ($IP_file, "r+") as you suggested without success.

 

You suggested that I change the fwrite call, but I know it already works because when I remove the conditional statement (the else statement) and just call

fwrite($fp, " || ip == \"$ip\"");

The write is performed without problem.

 

The other issue you mentioned is that I don't check whether the cookie exists first with an isset() call in my elseif statement.  I've tried using the isset before (and I've just tried again) but that hasn't helped me.  It seems isset returns false even when the cookie exists.

 

Your last advice is to have PHP print the cookies so I can see what they are.  As you will see in my next post, I use Javascript to print the cookie in the main file

document.write(document.cookie)

I've taken your advice however and also printed the cookies from php.  Indeed, the cookie shows as present even when isset() returns false!  I am stumped.  I will post the full code in my next posting.

 

[NamemeNick]

There are 3 files at play in my broken script.

[*]the main file, index.php includes the script (script.php) on the first line, before even a single space character

<?php
ini_set('error_reporting', E_ALL);
include("./script.php");
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>main page</title>

<script type="text/javascript">
ip = '<?php $ip=$_SERVER['REMOTE_ADDR']; echo $ip;?>';
window.defaultStatus = "Your IP address is "+ip;
</script>
</head>

<body>
<script type="text/javascript">
document.write("Cookies present are : " + document.cookie);
</script>
<br />
</body>
</html>

 

• the script file, script.php looks for the user's IP in the 3rd file and updates the cookie if IP is found.  Elseif IP is not found, this file looks for the cookie and if the cookie is found the file writes the user's IP to the 3rd file

<?php
ini_set('error_reporting', E_ALL);

$ip=$_SERVER['REMOTE_ADDR'];

##File containing the authorized IP list
$ip_file = "ip_file.php";

## If current IP is found in the file, set "ip_file.php" cookie to "1"; else if proper cookie is found, add current IP to the file.
  
  #Read the file contents
  $fp = fopen($ip_file,"a+");
  $contents = fread($fp, filesize($ip_file));
  
  #If IP is found, save cookie.  Elseif cookie is found, add IP to the file.
  if(strpos($contents,$ip)){setCookie($ip_file,"1",time()+3600*24*90,"/");}
  elseif(isset ($_COOKIE[$ip_file])){fwrite($fp, " || ip == \"$ip\"");}
  else { echo '<pre>'; print_r($_COOKIE); echo '</pre>';}
  
  #Close the file
  fclose($fp);
  
?>

• The last file, ip_file.php is just a list of IPs

ip == "66.123.44.55" || ip == "44.556.45.443"

• 
  

 

To generate the error, do the following:

[*]add your IP to ip_file.php

[*]load index.php so that the script will set the cookie "ip_file.php=1"

[*]delete your IP from ip_file and reload the page (without clearing cookies).  Even though the cookie is present, your IP will not be written to ip_file.php like it should

 

Thank you for your help.

[Philip]

 

<?php
phpinfo();
?>

Will tell you everything you need to know about your PHP setup.

 

Otherwise you can just call:

<?php
echo 'Current version is ',phpversion();
?>

 

Fread/fseek - again, I'm not sure about this one

$fp = fopen($IP_file,"a+");     #works fine
fseek($fp, 0);

[NamemeNick]

Thanks KingPhillip,

 

I used phpinfo to find out that I can indeed use file_get_contents().

 

I've tried file_get_contents instead of fread() to get the contents in a string, and I've tried using fseek() as well.  These unfortunately have not made a difference.  The problem hasn't been reading from or writing to the file (I've tested those successfully).  The hitch in the code (I believe) comes in checking whether the cookie exists. 

 

I started  going crazy and wondered whether maybe the server was just ignoring the else condition, so I changed it from "isset"

elseif(isset ($_COOKIE[$ip_file])){fwrite($fp, " || ip == \"$ip\"");}

to "!isset"...

elseif(!isset ($_COOKIE[$ip_file])){fwrite($fp, " || ip == \"$ip\"");}

I figured if the server is ignoring that line the change would make no difference.  Of course I really was going crazy... Just as the isset() always failed, !isset() always returns true.  Still don't know where I'm going wrong.

 

Is there a more efficient way to accomplish my bottom line (without using a login script)?  I have a list of ip addresses and I want people who initially had those ip addresses to be able to access the members' page even after a change in ip.  My current techniques relies on a cookie in tandem with the ip.  if IP is in the file, set cookie.  elseif ip is not in the file but cookie is present, add current ip to the file.  I felt pretty clever about my code

 

[NamemeNick]

Does this stump everyone else too?

[NamemeNick]

If anyone is interested, my cookie read failed everytime because the "." character is not allowed in PHP cookies.

 

In Javascript, document.cookie returned ip_file.php=1

In PHP, var_dump() returned array(1) { ["ip_file_php"]=> string(1) "1" }

 

The two refer to the same cookie but they have different names!  In my php coding I was looking for "ip_file.php".  That's why the cookie read failed every time :-) 

 

Thanks to Deidre's Dad and JustSomeGuy at the W3Schools forum for figuring out what was wrong (http://w3schools.invisionzone.com/index.php?showtopic=24027&st=0&gopid=132729&#entry132729)