Jump to content


Photo

if Cookie == NULL or isset ?


  • Please log in to reply
8 replies to this topic

#1 silver32

silver32
  • New Members
  • Pip
  • Newbie
  • 8 posts

Posted 26 July 2006 - 08:10 PM

I have been using a server with php 4.4.1 and my script worked fine untill I had to move to another one with ver 5.1.4.

$Account = $_COOKIE['name'];
$Pass = $_COOKIE['pass'];

if ($Account == NULL || $Pass == NULL) { die("You must logged in to select a character. If you think you are logged in please<br>allow cookies and try again."); }

as mentioned it worked fine on 4.4.1, now in 5.1.4 it doesnt work, I always get the die message. any ideas, isset will work? I think I have tested isset but didnt work either, dont remember.

#2 tomfmason

tomfmason
  • Staff Alumni
  • Advanced Member
  • 1,696 posts
  • Locationstealing your wifi

Posted 26 July 2006 - 08:17 PM

just a guess but try
if (($Account == NULL) || ($Pass == NULL)) {
     echo "You must logged in to select a character. If you think you are logged in please<br>allow cookies and try again.";
     exit;
}

Traveling East in search of instruction, and West to propagate the knowledge I have had gained.

current projects: pokersource

My Blog | My Pastebin | PHP Validation class | Backtrack linux


#3 tomfmason

tomfmason
  • Staff Alumni
  • Advanced Member
  • 1,696 posts
  • Locationstealing your wifi

Posted 26 July 2006 - 08:27 PM

I use something simiular to this for sessions. Not sure if it will work for cookies but give it a try.

if ((!$_COOKIE['name']) || (!$_COOKIE['pass'])) {
    echo "You must logged in to select a character. If you think you are logged in please<br>allow cookies and try again.";
    include('yourloginpage.php');
    exit;
}
   

Traveling East in search of instruction, and West to propagate the knowledge I have had gained.

current projects: pokersource

My Blog | My Pastebin | PHP Validation class | Backtrack linux


#4 silver32

silver32
  • New Members
  • Pip
  • Newbie
  • 8 posts

Posted 26 July 2006 - 08:31 PM

nothing, tho I might start using sessions

#5 silver32

silver32
  • New Members
  • Pip
  • Newbie
  • 8 posts

Posted 31 July 2006 - 08:50 PM

*bump* I am forcing huge incompatibility with hosting services problems because of this.

#6 king arthur

king arthur
  • Members
  • PipPipPip
  • Advanced Member
  • 335 posts
  • LocationUK HQ

Posted 31 July 2006 - 09:33 PM

You are certain the cookie is set on the client machine?
Sir Isaac Newton said "If I have seen farther, it is by standing on the shoulders of giants". But it is not recorded as to whether he said it before or after he was hit on the head by a falling apple.

#7 pixy

pixy
  • Members
  • PipPipPip
  • Advanced Member
  • 295 posts

Posted 31 July 2006 - 09:53 PM

Just do this:

if ((!isset($_COOKIE['name'])) || (!isset($_COOKIE['pass']))) {
  echo 'Log in please';
  die();
}

This is a .44 Caliber Loveletter straight through my heart.

Tabulas + Threadless + Hire Me!


#8 silver32

silver32
  • New Members
  • Pip
  • Newbie
  • 8 posts

Posted 01 August 2006 - 08:31 AM

You are certain the cookie is set on the client machine?

Just realised that that's my actual problem.

<?
setcookie("name", "Admin");
setcookie("pass", "Darn");
?>
This works fine but the code below doesn't, any ideas why?

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Login to your VirtualMU Account.</title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1253">
<meta name="description" content="Login to your virtualMU Account">
<meta name="keywords" content="VirtualMU,online,game,MMOG,MMORPG,Role-playing,Login,MU">
<meta name="author" content="SiLvER">
<LINK REL="StyleSheet" HREF="Style.css" TYPE="text/css">
</head>
<?
include("Config.php");
$random = mt_rand(1000, 9999);
if ($_COOKIE['pass'] == NULL)
{ ?>
<table width="100" border="0" cellpadding="0" cellspacing="0">
<tr> 
<td> 
<TABLE width="200" border="0" dwcopytype="CopyTableRow">
<tbody>
<form action="Login.php?do=Login" method="post">
<tr> 
<td valign="top">Login:</td>
<td><input type="text" name="name" maxLength=10>
</td>
</tr>
<tr> 
<td valign="top">Password:</td>
<td><input type="password" name="pass" maxLength=10>
</td>
</tr>
<tr> 
<td valign="top">Code:</td>
<td><input type="hidden" name="extcode" id="extcode" value="<? print("$random"); ?>">
<input name="na" id="na" style="width:35 " size="11" value="<? print("$random"); ?>" READONLY>
</td>
</tr>
<tr> 
<td valign="top">Confirm:</td>
<td><input name="extcode1" class="lanyu" id="extcode1" style="width:35 " size="11" maxlength="6">
</td>
</tr>
<tr> 
<td valign="top"><input type="submit" value="Go!"></td>
</form>
</table>
</font>
</td>
</table>
</div> 
<?
}
elseif (!$_COOKIE['pass'] == NULL) { die("<a href=Logout.php>Log out</a>"); }
include("Config.php");
include("System/Included/md5.php");
include("System/Included/Banned.php");
include("System/Included/Functions.php");

$do = stripslashes($_REQUEST['do']);
if ($do == Login)
{

	$name = $_POST["name"];
	$pass = $_POST["pass"];

	//include_once('sql_check.php');
	//check_inject();

	if ((eregi("[^a-zA-Z0-9_-]", $name)) || (eregi("[^a-zA-Z0-9_-]", $pass)) )
	{
	die("SQL Injection Detected, make sure to ONLY use letters and numbers!");
	}

	$sql_username_check = mysql_query("SELECT Login FROM `account` WHERE Login='$name'");
	$username_check = mysql_num_rows($sql_username_check);

	$sql_pass = mysql_query("SELECT Password FROM `account` WHERE Login='$name'");
	$enc_pass = mysql_fetch_row($sql_pass);
	$dec_pass = md5_decrypt( $enc_pass[0], "password" );

	if (empty($name) || empty($pass) ) { echo "Some fields were left blank.<br>"; }
	if (!$username_check > 0) { die("The Login ID you entered doesn't exist.<br>"); }
	if (!$extcode == $extcode1) { die("The code you entered doesn't match with the original."); }
	if (!$pass == $dec_pass) { die("Invalid password specified.<br>"); }

	setcookie("name", $name);
	setcookie("pass", md5_encrypt( $pass, "password" ));

	echo '<meta http-equiv="refresh" content="0; url=SelectChar.php">';
}
?>
</html>


#9 Chetan

Chetan
  • Members
  • PipPipPip
  • Advanced Member
  • 162 posts
  • LocationIndia

Posted 01 August 2006 - 09:09 AM

Because setcookie changes the headers and you cant change headers after giving the content, so you need to set the cookie before you put any content
I am a PHP Guru, ask me questions if you want to




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users