Jump to content

Archived

This topic is now archived and is closed to further replies.

squigs

setting a cookie

Recommended Posts

A) You should be developing and debugging your code on a local development system and only put it on a live server once it is complete and tested. You will save a ton of time.

 

B) You can set those two settings in the master php.ini (the preferred location on a development system), in a .htaccess file (when php is running as an Apache Module), in a local php.ini (when php is running as a CGI application), or in your script. Setting them in your script is the last choice because you must remember to remove the settings when you are done and putting the settings in your script won't get fatal parse errors to be shown.

Share this post


Link to post
Share on other sites

A) You should be developing and debugging your code on a local development system and only put it on a live server once it is complete and tested. You will save a ton of time.

 

B) You can set those two settings in the master php.ini (the preferred location on a development system), in a .htaccess file (when php is running as an Apache Module), in a local php.ini (when php is running as a CGI application), or in your script. Setting them in your script is the last choice because you must remember to remove the settings when you are done and putting the settings in your script won't get fatal parse errors to be shown.

 

Thanks for the pointers, I'm all for saving a ton of time but sometimes learning the hard way is the only way to get things through my thick skull... I'll look into your suggestions.

Share this post


Link to post
Share on other sites

Hello,

 

I'm wondering if anybody can help to tell me what my next move should be to try and fix this problem.

Share this post


Link to post
Share on other sites

Have you gotten error reporting turned on yet? That should be your next move.

Share this post


Link to post
Share on other sites

I read somewhere that adding this

 

php_value display_errors 1

php_value display_startup_errors 1

 

to my .htaccess file should work, but it only provided me with internal server errors, I then contacted my hosting support to get their opinion on how to set error_reporting to -1. I am waiting for their reply at the moment.

Share this post


Link to post
Share on other sites
but it only provided me with internal server errors

 

^^^ If you mean that it produced internal server errors, that means that php is not running as an Apache module and you cannot put php settings in to a .htaccess file.

Share this post


Link to post
Share on other sites

Okay, so I have also added the following to the top of my page

 

<?php ini_set('display_errors', 1); ?>

 

But didn't seem to do anything. One thing I have noticed is that when I remove the slashes specifying my domain in the lines where I set my cookies the redirect below works however when they are there, that is when my page refuses to do anything but appears to be loading.

 

Its too bad my cookie isn't actually being set.

Share this post


Link to post
Share on other sites

Have you gotten error reporting turned on yet? That should be your next move.

I just got a response and as I has suspected it was turned on all along.

Share this post


Link to post
Share on other sites

What does the output of phpinfo() show for error_reporting, display_errors, and log_errors?

Share this post


Link to post
Share on other sites

I hope these are field you were looking for..

display_errors STDOUT STDOUT

display_startup_errors Off Off

error_log error_log error_log

error_prepend_string no value no value

error_reporting 6135 6135

log_errors On On

log_errors_max_len 1024 1024

Share this post


Link to post
Share on other sites

Also, what does the phpinfo() show for output_buffering?

 

If you are redirecting (all over the place) and output_buffering is ON, any php error messages that would be output on any page WON'T be because they will be hidden by the action of the output_buffering.

Share this post


Link to post
Share on other sites

Also, what does the phpinfo() show for output_buffering?

output_buffering is set to no value

Share this post


Link to post
Share on other sites

Would it be easier for me to redo this script using sessions seeing as though I can't get cookies to work?

Share this post


Link to post
Share on other sites

It would be better to figure out the problem with getting a cookie set.

Share this post


Link to post
Share on other sites

If the code in reply #20 in this thread is the code you're still trying to use to set the cookies, then that is more than likely the whole problem. If that isn't the code you're using now, post the new code.

Share this post


Link to post
Share on other sites

LOL, my head hurts... is my code pure rubbish or what? I can get a cookie set in a simple script i called test3.php it is as follows,

<?php 
    error_reporting(E_ALL); 
    ini_set("display_errors", true); 
    header("Content-Type: text/plain"); 
  
    if(isset($_COOKIE['cookietest'])) { 
        var_dump($_COOKIE); 
    } 
    else { 
        $time = time(); 
        setcookie("cookietest", $time, $time + 3600); 
        echo "Cookie set at: " . $time; 
    } 
?> 

 

This code works, in my actual code checking the information entered against my database works, I'm getting no errors, so unless the code after my DB checks is wrong I'm at a loss.

Share this post


Link to post
Share on other sites

This is the code I am currently running with which leads to the eternal loading page to nowhere.

<?php include ('../../Connections/login_db.php');?>
<?php 
error_reporting(E_ALL); 
    ini_set("display_errors", true); 
    header("Content-Type: text/plain"); 

if(isset($_COOKIE['ID_my_site']))
//if there is, it logs you in and directes you to the members page
{ $username = $_COOKIE['ID_my_site'];  
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check )) 
{
if ($pass != $info['password']) 
{
die ('blah');
}
else
{
header ('location:../admin.php');

}
}
}
//if the login form is submitted 
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. 
<p><a href=add.php>Click Here to Register</a>');
  }
  while($info = mysql_fetch_array( $check )) 
  {
  $_POST['pass'] = stripslashes($_POST['pass']);
  $info['password'] = stripslashes($info['password']);
  $_POST['pass'] = md5($_POST['pass']);
  
  //gives error if the password is wrong
  if ($_POST['pass'] != $info['password']) {
  die('Incorrect password, please try again.');
  }
else 
{ 
// if login is ok then we add a cookie 
setcookie("ID_my_site", ($_POST['username']), time()+60*60*24*30, "/"); 
setcookie("Key_my_site",($_POST['pass']), time()+60*60*24*30, "/"); 
//then redirect them to the members area 
header("location: ../admin.php");
exit;
} 
} 
} 
else 
{ 
// if they are not logged in 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="robots" content="noindex,nofollow"/>
<title>Administrator logon</title>
<link href="../../page.css" rel="stylesheet" type="text/css" />
  </head>
<body>
<div id="container">
<div id="header"><?php include ("../../login_header.php") ?></div>
<div id="photoNav"><?php include ("../../mainNav.php") ?></div>
<div id="tableContent">
<div class="bold_16" style="margin-top:40px">Administrator Login</div>
<div class="padding_top"><div style="padding-top:10px; text-align:center;">

</div>

<form action="" method="post"> 
<table border="0" align="center"> 
<tr><td colspan=2><div class="bold_14" style="padding-bottom:20px;">Please enter your login information</div></td></tr> 
<tr><td>Username:</td><td> 
<input name="username" type="text" size="23" maxlength="40"> 
</td></tr> 
<tr><td>Password:</td><td> 
<input name="pass" type="password" size="24" maxlength="50"> 
</td></tr> 
<tr><td colspan="2" align="right"> 
<input type="submit" name="submit" value="Login"> 
</td></tr> 
</table> 
</form> 
<?php 
} 

?>   

Share this post


Link to post
Share on other sites

Well, just to prove it can be done, let's get a cookie set and check for its presence. Copy this into a new file, save it as cookies.php and upload it. The call it into your browser and see what the output is.

 

<?php
if( !isset($_COOKIE['test']) ) {
     setcookie('test', 'value');
     header('Location: cookies.php');
     exit();
} else {
     echo 'Cookie Data:<br><pre>';
     print_r($_COOKIE);
     echo '</pre>';
}
?>

Share this post


Link to post
Share on other sites

Okay, using the code you posted earlier

echo 'Cookie Data:<br>';
echo '<pre>';
print_r($_COOKIE);
echo '</pre>';

I determined that the cookie is being set by my script! I pasted the above code on another page that I have in my site and it outputted the expected stuff.

 

However in the page I would actually like to redirect to upon success (admin.php) the redirect fails to work for whatever reason. This is the code for that page.

<?php include ('../Connections/login_db.php');?>
<?php
error_reporting(E_ALL); 
    ini_set("display_errors", true); 
    header("Content-Type: text/plain"); 

if (isset ($_COOKIE['ID_my_site'])) 
{ 
	$username = $_COOKIE['ID_my_site']; 
	$pass = $_COOKIE['Key_my_site']; 
	 	$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); 
	while($info = mysql_fetch_array( $check )) 	 
		{ 
//if the cookie does not exist, they are taken to the login screen 
if (!empty ($_COOKIE['ID_my_site'])) 
{
header ('location: login/admin_login.php');
}
//if the cookie has the wrong password, they are taken to the login page 
if ($pass != $info['password']) 
			{ 			header("Location: login/admin_login.php"); 
			}  
//otherwise they are shown the admin area	 
	}
		} 
else 


{			 
die("you suck"); 
} 
?> 

 

I feel like I'm actually starting to get somewhere here...

Share this post


Link to post
Share on other sites

Add some debugging code to the conditional to see if it's getting to that point or not. I'll catch up with you after I go eat dinner . . .

 

if (!empty ($_COOKIE['ID_my_site'])) {
    if( headers_sent() ){  // add me.
      echo '<br>Headers sent prior to header() redirect being reached.'; // add me.
   }  // add me.
   echo '$_COOKIE['ID_my_site'] is NOT empty.';  // add me.
   header ('location: login/admin_login.php');
}

Share this post


Link to post
Share on other sites

I got it!!!

I will post what actually worked in the end.

 

<?php include ('../Connections/login_db.php');?>
<?php
if(isset($_COOKIE['ID_my_site'])) 
{ 
$username = $_COOKIE['ID_my_site']; 
$pass = $_COOKIE['Key_my_site']; 
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); 
while($info = mysql_fetch_array( $check )) 
{ 

//if the cookie has the wrong password, they are taken to the login page 
		if ($pass != $info['password']) { 	
	header("Location: login/admin_login.php");} 


//otherwise they are shown the admin area	  
else	
{

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="robots" content="noindex,nofollow"/>
<title>Admin Page</title>
<link href="../page.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="container">
<div id="header"><?php include ("../header_sidebar.php") ?></div>
<div id="admin_mainContent">
  
</div>
<div id="footer">
    <p align="center"></p>
  <!-- end #footer --></div></div>
</body>
</html>			

<?php
  }
  }
  } 
else 
//if cookie doesn't exits
{			 
header('location: login/admin_login.php'); 
} 
?> 

It looks as though I was ordering my conditions wrong in that I was trying to check to see if there was a cookie existing before I allowed my page content.

 

Thanks for all your patience and posts I learned quite a bit through this thread and hope some others will too.

 

 

Share this post


Link to post
Share on other sites

Would I have to use this same code on every single page that requires a user to be signed in or is there a better way to do it?

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.