Jump to content


Photo

Cookies won't set?


  • Please log in to reply
3 replies to this topic

#1 Balmung-San

Balmung-San
  • Members
  • PipPipPip
  • Advanced Member
  • 327 posts

Posted 30 September 2006 - 09:04 PM

Okay, I've got this script that's supposed to check for the existance of a cookie, wether or not the user exists based on the value of the cookie, and whether the password(contained in another cookie) is valid. However, it seems that it's not working correctly when the cookie doesn't exist. Any help?

if(isset($_COOKIE['hd_amv_user']))
	{
		if(!isset($_COOKIE['hd_amv_pass']))
		{
			setcookie("hd_amv_user","Guest",(time()+24*3600*9999));
			setcookie("hd_amv_pass","",(time()+24*3600*9999));
		}
		else
		{
			$passCheckSql = mysql_query("SELECT * FROM amv_users WHERE username='".$_COOKIE['hd_amv_user']."'");
			if(mysql_num_rows($passCheckSql) > 1 || mysql_num_rows($passCheckSql) == 0)
			{			
				setcookie("hd_amv_user","Guest",(time()+24*3600*9999));
				setcookie("hd_amv_pass","",(time()+24*3600*9999));
			}
			else
			{
				$passCheck = mysql_fetch_array($passCheckSql);
				if(strcasecmp($_COOKIE['hd_amv_pass'], $passCheck['password']) != 0)
				{
					setcookie("hd_amv_user","Guest",(time()+24*3600*9999));
					setcookie("hd_amv_pass","",(time()+24*3600*9999));
				}
			}
		}
	}
	else
	{
		setcookie("hd_amv_user","Guest",(time()+24*3600*9999));
		setcookie("hd_amv_pass","",(time()+24*3600*9999));
	}

"Paranoia is very useful in this work. ...If your cryptographic system can survive the paranoia model, it has at least a fighting chance of surviving in the real world." - Niels Ferguson & Bruce Schneier

They say there's more then one way to skin a cat.
In programming, there's no wrong way to skin a cat, just more efficent ways of doing so.

#2 Balmung-San

Balmung-San
  • Members
  • PipPipPip
  • Advanced Member
  • 327 posts

Posted 30 September 2006 - 09:19 PM

Sorry for the double post, I fixed that one, but now my logout script doesn't work. I do the setcookie() calls first thing in my script, set them both to blank with an expire time of time()-3600. Shouldn't that erase the cookies?

Oh, and I run the above script after I supposedly erased them.
"Paranoia is very useful in this work. ...If your cryptographic system can survive the paranoia model, it has at least a fighting chance of surviving in the real world." - Niels Ferguson & Bruce Schneier

They say there's more then one way to skin a cat.
In programming, there's no wrong way to skin a cat, just more efficent ways of doing so.

#3 HuggieBear

HuggieBear
  • Members
  • PipPipPip
  • Advanced Member
  • 1,899 posts
  • LocationEngland, UK

Posted 01 October 2006 - 01:20 PM

my logout script doesn't work. I do the setcookie() calls first thing in my script, set them both to blank with an expire time of time()-3600. Shouldn't that erase the cookies?


As you haven't posted your code for expiring the cookies, I have to guess what it looks like, but one piece of advice is make sure you you set it with the same amount of parameters.

From the manual...

Cookies must be deleted with the same parameters as they were set with. If the value argument is an empty string, or FALSE, and all other arguments match a previous call to setcookie, then the cookie with the specified name will be deleted from the remote client.


Regards
Huggie
Advice to MySQL users: Get phpMyAdmin and test your queries work there first, take half the hassle out of diagnosis, also check the reserved words list.

Links: PHP Docs :: RegEx's :: MySQL :: DevGuru :: w3schools

#4 Balmung-San

Balmung-San
  • Members
  • PipPipPip
  • Advanced Member
  • 327 posts

Posted 01 October 2006 - 04:09 PM

Ah, that'd do it. I was setting with 5 parameters, and trying to erase with 3.
"Paranoia is very useful in this work. ...If your cryptographic system can survive the paranoia model, it has at least a fighting chance of surviving in the real world." - Niels Ferguson & Bruce Schneier

They say there's more then one way to skin a cat.
In programming, there's no wrong way to skin a cat, just more efficent ways of doing so.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users