Jump to content

Recommended Posts

my code:

 

if (isset($_POST['login']))
{
  $login_username = trim(mysql_real_escape_string($_POST['username']));
  $login_password = md5(trim(mysql_real_escape_string($_POST['password'])));
  
  $sql_login = mysql_query("select * from users where username='$login_username' and password='$login_password'");
  
  if (mysql_num_rows($sql_login) != 0)
  {  
    setcookie('username', $login_username, time() + (365 * 24 * 60 * 60));
    setcookie('password', $login_password, time() + (365 * 24 * 60 * 60));
  }
  else
  {
    $error_login = 'Invalid username and/or password entered.';
  }
}

if (isset($_COOKIE['username']) && isset($_COOKIE['password']))
{
  $cookie_username = mysql_real_escape_string($_COOKIE['username']);
  $cookie_password = mysql_real_escape_string($_COOKIE['password']);

  $sql_cookie = mysql_query("select * from users where username='$cookie_username' and password='$cookie_password'");

  if (mysql_num_rows($sql_cookie) != 0)
  {
    while ($row = mysql_fetch_assoc($sql_cookie))
    {
      foreach ($row as $k => $v)
        ${'user_'.$k} = $v;
    }
  
    $logged_in = true;
  }
}

 

the problem is, after i click the login button, i have to refresh the page in order for the $logged_in variable to be set to true.

 

so its as if the cookies are not being set until the entire script executes.

Link to comment
https://forums.phpfreaks.com/topic/192230-problem-with-cookies-and-login-form/
Share on other sites

do you do an else if the cookie isn't set.. then after elseif set the cookie.. that wou.d be why :) I can't exactly say for sure since any output would diminish your accessibility to your users' cookies. set the cookie at the top of the page.. not at the bottom :)

if its at the very top just set your logged in value to true..  I don't see the problem.. and ANYWAY you shouldn't leave your user on the same page as you posted to.. header("Location: whatever...");.. move them, back to the same page.. for all that matters.. aslong as if they press refresh they don't resend all the post information..

 

AND you should never set a cookie with your user's password in it..

 

also look into sessions, they're better for this :) cookies should be used for like.. nothing lolz. realistically though cookies really have no use whatsoever except maybe for php to asp communications or something.. but I still see no purpose.

 

^^ take that back actually.. I use a cookie to dynamically store user prefered titles for my users for my site.. but still that could be done with a session :)

if its at the very top just set your logged in value to true..  I don't see the problem.. and ANYWAY you shouldn't leave your user on the same page as you posted to.. header("Location: whatever...");.. move them, back to the same page.. for all that matters.. aslong as if they press refresh they don't resend all the post information..

 

AND you should never set a cookie with your user's password in it..

 

also look into sessions, they're better for this :) cookies should be used for like.. nothing lol. realistically though cookies really have no use whatsoever except maybe for php to asp communications or something.. but I still see no purpose.

 

^^ take that back actually.. I use a cookie to dynamically store user prefered titles for my users for my site.. but still that could be done with a session :)

 

The password is md5'd.

 

I also use:

 

if ($logged_in)

header("Location: (url)");

 

Just below that cookie code.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.