Jump to content

setting a cookie


squigs

Recommended Posts

A) You should be developing and debugging your code on a local development system and only put it on a live server once it is complete and tested. You will save a ton of time.

 

B) You can set those two settings in the master php.ini (the preferred location on a development system), in a .htaccess file (when php is running as an Apache Module), in a local php.ini (when php is running as a CGI application), or in your script. Setting them in your script is the last choice because you must remember to remove the settings when you are done and putting the settings in your script won't get fatal parse errors to be shown.

Link to comment
Share on other sites

A) You should be developing and debugging your code on a local development system and only put it on a live server once it is complete and tested. You will save a ton of time.

 

B) You can set those two settings in the master php.ini (the preferred location on a development system), in a .htaccess file (when php is running as an Apache Module), in a local php.ini (when php is running as a CGI application), or in your script. Setting them in your script is the last choice because you must remember to remove the settings when you are done and putting the settings in your script won't get fatal parse errors to be shown.

 

Thanks for the pointers, I'm all for saving a ton of time but sometimes learning the hard way is the only way to get things through my thick skull... I'll look into your suggestions.

Link to comment
Share on other sites

I read somewhere that adding this

 

php_value display_errors 1

php_value display_startup_errors 1

 

to my .htaccess file should work, but it only provided me with internal server errors, I then contacted my hosting support to get their opinion on how to set error_reporting to -1. I am waiting for their reply at the moment.

Link to comment
Share on other sites

Okay, so I have also added the following to the top of my page

 

<?php ini_set('display_errors', 1); ?>

 

But didn't seem to do anything. One thing I have noticed is that when I remove the slashes specifying my domain in the lines where I set my cookies the redirect below works however when they are there, that is when my page refuses to do anything but appears to be loading.

 

Its too bad my cookie isn't actually being set.

Link to comment
Share on other sites

I hope these are field you were looking for..

display_errors STDOUT STDOUT

display_startup_errors Off Off

error_log error_log error_log

error_prepend_string no value no value

error_reporting 6135 6135

log_errors On On

log_errors_max_len 1024 1024

Link to comment
Share on other sites

LOL, my head hurts... is my code pure rubbish or what? I can get a cookie set in a simple script i called test3.php it is as follows,

<?php 
    error_reporting(E_ALL); 
    ini_set("display_errors", true); 
    header("Content-Type: text/plain"); 
  
    if(isset($_COOKIE['cookietest'])) { 
        var_dump($_COOKIE); 
    } 
    else { 
        $time = time(); 
        setcookie("cookietest", $time, $time + 3600); 
        echo "Cookie set at: " . $time; 
    } 
?> 

 

This code works, in my actual code checking the information entered against my database works, I'm getting no errors, so unless the code after my DB checks is wrong I'm at a loss.

Link to comment
Share on other sites

This is the code I am currently running with which leads to the eternal loading page to nowhere.

<?php include ('../../Connections/login_db.php');?>
<?php 
error_reporting(E_ALL); 
    ini_set("display_errors", true); 
    header("Content-Type: text/plain"); 

if(isset($_COOKIE['ID_my_site']))
//if there is, it logs you in and directes you to the members page
{ $username = $_COOKIE['ID_my_site'];  
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check )) 
{
if ($pass != $info['password']) 
{
die ('blah');
}
else
{
header ('location:../admin.php');

}
}
}
//if the login form is submitted 
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. 
<p><a href=add.php>Click Here to Register</a>');
  }
  while($info = mysql_fetch_array( $check )) 
  {
  $_POST['pass'] = stripslashes($_POST['pass']);
  $info['password'] = stripslashes($info['password']);
  $_POST['pass'] = md5($_POST['pass']);
  
  //gives error if the password is wrong
  if ($_POST['pass'] != $info['password']) {
  die('Incorrect password, please try again.');
  }
else 
{ 
// if login is ok then we add a cookie 
setcookie("ID_my_site", ($_POST['username']), time()+60*60*24*30, "/"); 
setcookie("Key_my_site",($_POST['pass']), time()+60*60*24*30, "/"); 
//then redirect them to the members area 
header("location: ../admin.php");
exit;
} 
} 
} 
else 
{ 
// if they are not logged in 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="robots" content="noindex,nofollow"/>
<title>Administrator logon</title>
<link href="../../page.css" rel="stylesheet" type="text/css" />
  </head>
<body>
<div id="container">
<div id="header"><?php include ("../../login_header.php") ?></div>
<div id="photoNav"><?php include ("../../mainNav.php") ?></div>
<div id="tableContent">
<div class="bold_16" style="margin-top:40px">Administrator Login</div>
<div class="padding_top"><div style="padding-top:10px; text-align:center;">

</div>

<form action="" method="post"> 
<table border="0" align="center"> 
<tr><td colspan=2><div class="bold_14" style="padding-bottom:20px;">Please enter your login information</div></td></tr> 
<tr><td>Username:</td><td> 
<input name="username" type="text" size="23" maxlength="40"> 
</td></tr> 
<tr><td>Password:</td><td> 
<input name="pass" type="password" size="24" maxlength="50"> 
</td></tr> 
<tr><td colspan="2" align="right"> 
<input type="submit" name="submit" value="Login"> 
</td></tr> 
</table> 
</form> 
<?php 
} 

?>   

Link to comment
Share on other sites

Well, just to prove it can be done, let's get a cookie set and check for its presence. Copy this into a new file, save it as cookies.php and upload it. The call it into your browser and see what the output is.

 

<?php
if( !isset($_COOKIE['test']) ) {
     setcookie('test', 'value');
     header('Location: cookies.php');
     exit();
} else {
     echo 'Cookie Data:<br><pre>';
     print_r($_COOKIE);
     echo '</pre>';
}
?>

Link to comment
Share on other sites

Okay, using the code you posted earlier

echo 'Cookie Data:<br>';
echo '<pre>';
print_r($_COOKIE);
echo '</pre>';

I determined that the cookie is being set by my script! I pasted the above code on another page that I have in my site and it outputted the expected stuff.

 

However in the page I would actually like to redirect to upon success (admin.php) the redirect fails to work for whatever reason. This is the code for that page.

<?php include ('../Connections/login_db.php');?>
<?php
error_reporting(E_ALL); 
    ini_set("display_errors", true); 
    header("Content-Type: text/plain"); 

if (isset ($_COOKIE['ID_my_site'])) 
{ 
	$username = $_COOKIE['ID_my_site']; 
	$pass = $_COOKIE['Key_my_site']; 
	 	$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); 
	while($info = mysql_fetch_array( $check )) 	 
		{ 
//if the cookie does not exist, they are taken to the login screen 
if (!empty ($_COOKIE['ID_my_site'])) 
{
header ('location: login/admin_login.php');
}
//if the cookie has the wrong password, they are taken to the login page 
if ($pass != $info['password']) 
			{ 			header("Location: login/admin_login.php"); 
			}  
//otherwise they are shown the admin area	 
	}
		} 
else 


{			 
die("you suck"); 
} 
?> 

 

I feel like I'm actually starting to get somewhere here...

Link to comment
Share on other sites

Add some debugging code to the conditional to see if it's getting to that point or not. I'll catch up with you after I go eat dinner . . .

 

if (!empty ($_COOKIE['ID_my_site'])) {
    if( headers_sent() ){  // add me.
      echo '<br>Headers sent prior to header() redirect being reached.'; // add me.
   }  // add me.
   echo '$_COOKIE['ID_my_site'] is NOT empty.';  // add me.
   header ('location: login/admin_login.php');
}

Link to comment
Share on other sites

I got it!!!

I will post what actually worked in the end.

 

<?php include ('../Connections/login_db.php');?>
<?php
if(isset($_COOKIE['ID_my_site'])) 
{ 
$username = $_COOKIE['ID_my_site']; 
$pass = $_COOKIE['Key_my_site']; 
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); 
while($info = mysql_fetch_array( $check )) 
{ 

//if the cookie has the wrong password, they are taken to the login page 
		if ($pass != $info['password']) { 	
	header("Location: login/admin_login.php");} 


//otherwise they are shown the admin area	  
else	
{

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="robots" content="noindex,nofollow"/>
<title>Admin Page</title>
<link href="../page.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="container">
<div id="header"><?php include ("../header_sidebar.php") ?></div>
<div id="admin_mainContent">
  
</div>
<div id="footer">
    <p align="center"></p>
  <!-- end #footer --></div></div>
</body>
</html>			

<?php
  }
  }
  } 
else 
//if cookie doesn't exits
{			 
header('location: login/admin_login.php'); 
} 
?> 

It looks as though I was ordering my conditions wrong in that I was trying to check to see if there was a cookie existing before I allowed my page content.

 

Thanks for all your patience and posts I learned quite a bit through this thread and hope some others will too.

 

 

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.