Jump to content

cookies


woodplease

Recommended Posts

i'm trying to set a cookie value to a result from a query, but its not working. all of the other cookies are being set, except for one. any ideas why?

 

<?php 

//Checks if there is a login cookie 
if(isset($_COOKIE['ID_forum'])) 

//if there is, it logs you in and directs you to the members page 
{ 
$username = $_COOKIE['ID_forum']; 
$pass = $_COOKIE['Key_forum']; 
$user_level = $_COOKIE['Forum_level'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); 
while($info = mysql_fetch_array( $check )) 
{ 
if ($pass != $info['password']) 
{ 
} 
else 
{ 
header("Location: index.php"); 
} 
} 
} 
if (isset($_POST['submit'])) { // if form has been submitted 
// makes sure they filled it in 
if(!$_POST['username'] | !$_POST['pass']) { 
die('
<h2> You did not fill in all of the fields</h2>
<p<a href="login.php">Return to login page</a>
'); 
} 
// checks it against the database 
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error()); 
//Gives error if user dosen't exist 
$check2 = mysql_num_rows($check); 
if ($check2 == 0) { 
die('
<h2> That user does not exist in our database.<br/> </h2>
<p<a href="login.php">Return to login page</a>
'); 
} 
while($info = mysql_fetch_array( $check )) 
{ 
$_POST['pass'] = mysql_real_escape_string($_POST['pass']); 
$info['password'] = mysql_real_escape_string($info['password']); 
$_POST['pass'] = md5($_POST['pass']); 
//gives error if the password is wrong 
if ($_POST['pass'] != $info['password']) { 
die('
<h2> Incorrect password, please try again</h2>
<p<a href="login.php">Return to login page</a>
'); 
} 
else 
{ 
$_POST['username'] = mysql_real_escape_string($_POST['username']);
$_POST['user_level'] = mysql_real_escape_string($_POST['user_level']); 
$hour = time() + 3600; 

setcookie(ID_forum, $_POST['username'], $hour); 
setcookie(Key_forum, $_POST['pass'], $hour);
setcookie(Forum_level, $_POST['user_level'], $hour);  //this cookie is not being set
setcookie(test, 'test cookie', $hour);  // testing that cookie is being set - this works

header("Location: index.php"); 
$query2 = mysql_query("SELECT * FROM users WHERE username = ".$_POST['username'])or die(mysql_error());   
setcookie(Level_forum, $query2['user_level'], $hour);
} 
} 
} 
else 
{     
// if they are not logged in 
?> 

//form code is here. i have not included it to save space
<?php 
} 

?> 

 

Thanks

Link to comment
Share on other sites

Hi there WoodPlease,

 

This query:-

$check = mysql_query("SELECT * FROM `users` WHERE `username` = '".$username."' ")or die(mysql_error()); 

 

And it's always a good idea to build the query outside the function, this will make it easier to debug if the statement is being built dynamically

 

Your cookies:-

 

setcookie("ID_forum", $_POST['username'], $hour); 
setcookie("Key_forum", $_POST['pass'], $hour);
setcookie("Forum_level", $_POST['user_level'], $hour);
setcookie("test", 'test cookie', $hour);

 

You need to have quotes (Single or double) around the cookie names or the parser will throw an error/notice of undefined index presumed constant. error_reporting(E_ALL); would have pulled you up on that.

 

And not to be pedantic but:-

header("Location: index.php"); //After the header call nothing gets actioned
$query2 = mysql_query("SELECT * FROM `users` WHERE `username` = '".$_POST['username']."' ")or die(mysql_error());   
setcookie(Level_forum, $query2['user_level'], $hour);

 

I might be wrong, but shouldn't that header call be the last part of the case? And bear in mind that there are more parameters to be aware of though you don't necessarily have to use them all:-

 

http://uk3.php.net/manual/en/function.setcookie.php

 

And lastly, you need to quote the values going into the sql statement, otherwise there will be some sort of error going on... Realistically it's only numerical values that don't need to be quoted.

 

Cheers,

Rw

Link to comment
Share on other sites

Well the syntax looks correct, are you sure that there is a valid connection handle to the database? And can you guarantee that the script is actually getting to that else clause.

 

Instead of dynamic values in the cookies, try using fixed content to see if this helps, because this to me looks like the value's are not being set.

 

Other than that not too sure...

 

Cheers,

Rw

Link to comment
Share on other sites

there is definitely a connection to the database because the first to values are successfully being set, and when i use a fixed value, that is being set.

i think there must be a problem with

setcookie("Forum_level", $_POST['user_level'], $hour);

i'm i calling the value from the correct variable?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.