Jump to content

setcookie/getcookie problem

speedy_rudolf

By speedy_rudolf
in Javascript Help

Recommended Posts

speedy_rudolf Member

speedy_rudolf

Posted
Posted

Hi. I'm trying to make a website where people have to login to be able to see some contents. But I kind of got stuck. I'm trying to use cookies, but I can't get them to work. (The following code is to test if the cookies/site work)

 

Login page:

<html>
<head>
<script language="javascript">
<!--
function setcookie(){
document.cookie = "logged="+escape("Dom Director")
window.location = "/site.html"}
</script>
</head>
<body onload="setcookie()"></body>
</html>

 

Site Page:

<html>
<head><title>TITLU</title>
</script>
<script language="javascript">
<!--
function getCookie(cookies){
var results = document.cookie.match ( '(^| ?' + cookies + '=([^;]*)(;|$)' );
if ( results )
	return ( unescape ( results[2] ) );
else
	return null;}
</script>
</head>
<body>
<table width="100%">
<tr height="150"></tr>
<tr><td width="150">bara navigatie</td>
<td width="0*"><img src="400p.png">
<script>if (!getCookie('logged'))
document.write('You're not logged in.')
else
document.write('Hello , '+getCookie("logged"))</script>

 

The problem is that it doesn't matter if I load the site page or the login page, I only get "you're not logged in", so either the cookie isn't being set, or the search doesn't find the cookie.

Any help will be very much appreciated. Bye.

Link to comment
https://forums.phpfreaks.com/topic/213678-setcookiegetcookie-problem/
Share on other sites
Adam Advanced Member

Adam

Posted
Posted

First up, NEVER rely on a cookie for user authentication. It'd take a user a few seconds to modify the cookie to be any user they want. Not only that, but not every user has JavaScript enabled. You need to look server-side for a secure login. I'd read up on a few PHP user login tutorials to familiarise yourself with the logic behind it. Then I'd also have a good read up on security (to ensure your system has no vulnerabilities), PHPFreaks have a good tutorial on security. Then I'd scrap the tutorials you read and write your own from scratch, then have someone look over it; to ensure you understand the concept and are following the best practises.

 

JavaScript though is certainly not the way to go.

speedy_rudolf Member

speedy_rudolf

Posted
  • Author
Posted

First up, NEVER rely on a cookie for user authentication. It'd take a user a few seconds to modify the cookie to be any user they want. Not only that, but not every user has JavaScript enabled. You need to look server-side for a secure login. I'd read up on a few PHP user login tutorials to familiarise yourself with the logic behind it. Then I'd also have a good read up on security (to ensure your system has no vulnerabilities), PHPFreaks have a good tutorial on security. Then I'd scrap the tutorials you read and write your own from scratch, then have someone look over it; to ensure you understand the concept and are following the best practises.

 

JavaScript though is certainly not the way to go.

Thanks for the heads up. And I just found out what was wrong with my script (I was missing the cookie path=/):)

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.