Parsing $__COOKIE through a class function

[Tohou]

Hey everybody, my issue seems unique on it's own, so I'm posting here, I have about 2 years PHP experience and do code as a hobby and profession now.

 

Anyways, it's not about me it's about my problem. lol

 

See, I've made a secure login system, login is okay, cookies get set, I can return the settings inside the cookies.

But I can't use it inside a class function and set a class variable with it, I'll write up here a small example because my code is huge, if I put it here it'd flood you guys out, so I'll make it simple.

 

 

class myclass {

		function loadsettings() {
			include('config.php');
			$this->settings = &$settings;

			// Set specifics
			$this->site_name = &$settings['site_name'];
			$this->mysql_host = &$settings['mysql_host'];
			$this->mysql_user = &$settings['mysql_user'];
			$this->mysql_pass = &$settings['mysql_pass'];
			$this->mysql_db = &$settings['mysql_db'];
			$this->mssql_host = &$settings['mssql_host'];
			$this->mssql_user = &$settings['mssql_user'];
			$this->mssql_pass = &$settings['mssql_pass'];
			$this->theme = &$settings['site_theme'];
			$this->desc = &$settings['site_desc'];
			$this->srv_ip = &$settings['srv_ip'];
			$this->salt = &$settings['salt'];
			$this->safe_name = &$settings['site_safe_name'];
			$this->uservar = &$settings['site_user_cookie'];
			global $_COOKIE;
			$this->COOKIE = $_COOKIE;
	//Time to test the Mysql nasties
			$link = mysql_connect($this->mysql_host, $this->mysql_user, $this->mysql_pass) or die("No mysql connection available.");
			$db = mysql_select_db($this->mysql_db) or die("Database doesn't exist");
			mysql_close($link);

	}


	function create_key($user) {
					$time = time();
					$md5code = md5(rand(1, 99) . $ip . $this->safe_name . rand(1, 99) . $time); 
					$link = mysql_connect($this->mysql_host, $this->mysql_user, $this->mysql_pass) or die(mysql_error());
					$db = mysql_select_db($this->mysql_db) or die('Couldn\'t link to MySQL DB');
					$sql = "insert into cookies (code, username, time) values ('" . $md5code . "', '" . $user . "', '" . $time . "')";
					mysql_query($sql) or die("Error executing cookie command.");
					setcookie($this->safe_name, $md5code, time() + 3600);
					setcookie($this->uservar, $user, time() + 3600);
	}

	function check_key () {
			$user = $this->COOKIE[$this->uservar];
			$key = $this->COOKIE[$this->safe_name];
			$link = mysql_connect($this->mysql_host, $this->mysql_user, $this->mysql_pass) or die(mysql_error());
			$db = mysql_select_db($this->mysql_db) or die('Couldn\'t link to MySQL DB');
			$sql = "SELECT * FROM `cookies` WHERE `code` = '" . $key . "' AND `username` = '" . $user . "'";
			$result = mysql_query($sql) or die(mysql_error());
		if ($result) {
			$row = mysql_fetch_array($result); 
			$this->logged = true;
			$this->username = $user;
		}
			else $this->logged == false;
		$debug = 'Key: ' . $key . 'User: ' . $user;
		return $debug;
	}

	function clean_keys() {
			$link = @mysql_connect($this->mysql_host, $this->mysql_user, $this->mysql_pass) or die(mysql_error());
			$db = @mysql_select_db($this->mysql_db) or die('Couldn\'t link to MySQL DB');
			$query = "select * from cookies";
			$result = mysql_query($query);
			while ($row = mysql_fetch_array($result)) {
			$oldtime = $row['time'];
			$time = time();
			$diff = $this->date_diff($time, $oldtime);
	if ($diff['hours'] > 1) {
			$sql = "delete from cookies where id='" . $row['id'] . "'";
			mysql_query($sql);
	}
	}
			mysql_close($link);
	}
}

 

$debug Returns Key: (blank) User: (Blank) in my debugging.

 

It's getting this part:

 

	function check_key () {
			$user = $this->COOKIE[$this->uservar];
			$key = $this->COOKIE[$this->safe_name];
			$link = mysql_connect($this->mysql_host, $this->mysql_user, $this->mysql_pass) or die(mysql_error());
			$db = mysql_select_db($this->mysql_db) or die('Couldn\'t link to MySQL DB');
			$sql = "SELECT * FROM `cookies` WHERE `code` = '" . $key . "' AND `username` = '" . $user . "'";
			$result = mysql_query($sql) or die(mysql_error());
		if ($result) {
			$row = mysql_fetch_array($result); 
			$this->logged = true;
			$this->username = $user;
		}

 

To output the user variable which would be their username.

Even key doesn't come up.

In my check_key code it needs fixed for mysql_num_rows, I know that so just ignore that part, it's for debugging and getting it to actually use the $_COOKIE var.

[JonnoTheDev]

You should have methods for setting and getting data within your class. Also on another note if your class has that many member variables why not consider using and array. Use setters and getters to work with the data. Consider the following for your cookie data:

<?php
class foobar {
private $cookie;

public function setCookieVal($cookie) {
	$this->cookie = $cookie;	
}

public function getCookieData($key) {
	if(strlen($this->cookie[$key])) {
		return $this->cookie[$key];
	}
	return false;
}
}


$x = new foobar();
$x->setCookieVal($_COOKIE);
if(!$x->getCookieData('name')) {
print "Your name is not stored in this cookie, ooops";	
}
?>

[PFMaBiSmAd]

Remove the following line -

 

global $_COOKIE;

 

You should not bring ANY variable into a function using the global keyword and php has a built-in surprise for you when you use the global keyword on one of the super-global arrays, it does not work.

[Tohou]

Thanks neil, and yeah I was just testing the global, I should of known better, but I was at my wits end, I've been fumbling on this problem for 48 hours, I came here because I was starting to doubt myself as a coder lol

I understand what I was missing, I need to learn more about public, private and etc settings for vars and functions.

Thanks for the "don't be stupid" slap PFM, I needed it. lol

[Tohou]

Unfortunately I'm back to square one, but have an easier way to debug it now.

I had to set the private $cookie; to public $cookie so it wouldn't error and display it's contents even though it was blank.

 

Here is the code I used to debug:

 

code:<?php echo $myclass->getCookieData($myclass->safe_name); ?> <br>
user:<?php echo $myclass->getCookieData($myclass->uservar); ?><br>
debug:<br>
<?php print_r($_COOKIE); ?><br><br>
Value of $_COOKIE[$myclass->safe_name] <?php echo $_COOKIE[$myclass->safe_name]; ?><br>
Value of $_COOKIE[$myclass->uservar] <?php echo $_COOKIE[$myclass->uservar]; ?><br>
Value of $this->cookie / $myclass->cookie <?php echo $myclass->cookie; ?>

 

Using your code exactly:

 

	public function setCookieVal($cookie) {
			$this->cookie = $cookie;

	}

	public function getCookieData($key) {
	if(strlen($this->cookie[$key])) {
	return $this->cookie[$key];
	}
	return false;
	}

 

After class and before content the following is done:

 

$myclass = new myclass;
$myclass->loadsettings();

																																								require_once('security/security.php');	
			require_once('functions.php'); //Need to know what to do with each act=?

$ip = $_SERVER['REMOTE_ADDR'];
$myclass->clean_keys();
$myclass->setCookieVal($_COOKIE);
$myclass->check_key($myclass->getCookieData($myclass->safe_name), $myclass->getCookieData($myclass->uservar));

 

Response:

 

code:

user:

debug:

Array ( [mysite] => 4dcb1aea009c60a3e65a631227b39358 [mysite_username] => Alex [phpSESSID] => 324mi79tdk8felthjd7rpmlgr5 )

 

Value of $_COOKIE[$myclass->safe_name] 4dcb1aea009c60a3e65a631227b39358

Value of $_COOKIE[$myclass->uservar] Alex

Value of $this->cookie / $myclass->cookie

 

^ Blank cannot be possible, but it is, and it's needed in order for this check_key() function to work.

 

Oops, I think it's my fault.. lol yep The page is loading just before the cookie loading..

 

-Solved -

 

New Response:

 

Welcome to the home page.

 

code:4dcb1aea009c60a3e65a631227b39358

user:Alex

debug:

Array ( [mysite] => 4dcb1aea009c60a3e65a631227b39358 [mysite_username] => Alex [phpSESSID] => 324mi79tdk8felthjd7rpmlgr5 )

 

Value of $_COOKIE[$myclass->safe_name] 4dcb1aea009c60a3e65a631227b39358

Value of $_COOKIE[$myclass->uservar] Alex

Value of $this->cookie / $myclass->cookie Array

 

 

Hello Alex