Jump to content

Archived

This topic is now archived and is closed to further replies.

silver32

if Cookie == NULL or isset ?

Recommended Posts

I have been using a server with php 4.4.1 and my script worked fine untill I had to move to another one with ver 5.1.4.

[code]
$Account = $_COOKIE['name'];
$Pass = $_COOKIE['pass'];

if ($Account == NULL || $Pass == NULL) { die("You must logged in to select a character. If you think you are logged in please<br>allow cookies and try again."); } [/code]

as mentioned it worked fine on 4.4.1, now in 5.1.4 it doesnt work, I always get the die message. any ideas, isset will work? I think I have tested isset but didnt work either, dont remember.

Share this post


Link to post
Share on other sites
just a guess but try
[code=php:0]
if (($Account == NULL) || ($Pass == NULL)) {
    echo "You must logged in to select a character. If you think you are logged in please<br>allow cookies and try again.";
    exit;
}[/code]

Share this post


Link to post
Share on other sites
I use something simiular to this for sessions. Not sure if it will work for cookies but give it a try.

[code=php:0]
if ((!$_COOKIE['name']) || (!$_COOKIE['pass'])) {
    echo "You must logged in to select a character. If you think you are logged in please<br>allow cookies and try again.";
    include('yourloginpage.php');
    exit;
}[/code]   

Share this post


Link to post
Share on other sites
*bump* I am forcing huge incompatibility with hosting services problems because of this.

Share this post


Link to post
Share on other sites
Just do this:

if ((!isset($_COOKIE['name'])) || (!isset($_COOKIE['pass']))) {
  echo 'Log in please';
  die();
}

Share this post


Link to post
Share on other sites
[quote author=king arthur link=topic=101982.msg406794#msg406794 date=1154381598]
You are certain the cookie is set on the client machine?
[/quote]Just realised that that's my actual problem.

[code]<?
setcookie("name", "Admin");
setcookie("pass", "Darn");
?>[/code]
This works fine but the code below doesn't, any ideas why?

[code]<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Login to your VirtualMU Account.</title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1253">
<meta name="description" content="Login to your virtualMU Account">
<meta name="keywords" content="VirtualMU,online,game,MMOG,MMORPG,Role-playing,Login,MU">
<meta name="author" content="SiLvER">
<LINK REL="StyleSheet" HREF="Style.css" TYPE="text/css">
</head>
<?
include("Config.php");
$random = mt_rand(1000, 9999);
if ($_COOKIE['pass'] == NULL)
{ ?>
<table width="100" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>
<TABLE width="200" border="0" dwcopytype="CopyTableRow">
<tbody>
<form action="Login.php?do=Login" method="post">
<tr>
<td valign="top">Login:</td>
<td><input type="text" name="name" maxLength=10>
</td>
</tr>
<tr>
<td valign="top">Password:</td>
<td><input type="password" name="pass" maxLength=10>
</td>
</tr>
<tr>
<td valign="top">Code:</td>
<td><input type="hidden" name="extcode" id="extcode" value="<? print("$random"); ?>">
<input name="na" id="na" style="width:35 " size="11" value="<? print("$random"); ?>" READONLY>
</td>
</tr>
<tr>
<td valign="top">Confirm:</td>
<td><input name="extcode1" class="lanyu" id="extcode1" style="width:35 " size="11" maxlength="6">
</td>
</tr>
<tr>
<td valign="top"><input type="submit" value="Go!"></td>
</form>
</table>
</font>
</td>
</table>
</div>
<?
}
elseif (!$_COOKIE['pass'] == NULL) { die("<a href=Logout.php>Log out</a>"); }
include("Config.php");
include("System/Included/md5.php");
include("System/Included/Banned.php");
include("System/Included/Functions.php");

$do = stripslashes($_REQUEST['do']);
if ($do == Login)
{

$name = $_POST["name"];
$pass = $_POST["pass"];

//include_once('sql_check.php');
//check_inject();

if ((eregi("[^a-zA-Z0-9_-]", $name)) || (eregi("[^a-zA-Z0-9_-]", $pass)) )
{
die("SQL Injection Detected, make sure to ONLY use letters and numbers!");
}

$sql_username_check = mysql_query("SELECT Login FROM `account` WHERE Login='$name'");
$username_check = mysql_num_rows($sql_username_check);

$sql_pass = mysql_query("SELECT Password FROM `account` WHERE Login='$name'");
$enc_pass = mysql_fetch_row($sql_pass);
$dec_pass = md5_decrypt( $enc_pass[0], "password" );

if (empty($name) || empty($pass) ) { echo "Some fields were left blank.<br>"; }
if (!$username_check > 0) { die("The Login ID you entered doesn't exist.<br>"); }
if (!$extcode == $extcode1) { die("The code you entered doesn't match with the original."); }
if (!$pass == $dec_pass) { die("Invalid password specified.<br>"); }

setcookie("name", $name);
setcookie("pass", md5_encrypt( $pass, "password" ));

echo '<meta http-equiv="refresh" content="0; url=SelectChar.php">';
}
?>
</html>[/code]

Share this post


Link to post
Share on other sites
Because setcookie changes the headers and you cant change headers after giving the content, so you need to set the cookie before you put any content

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.