Russia Posted March 14, 2011 Share Posted March 14, 2011 Hey guys, Im trying to combine 2 logs to seperate parts of a website into 1. One of them uses sessions to store it. And the other uses cookies to login. I cant seem to get it working AT ALL. Even tho the cookies are being set and I can see it being set in firefox. Here is the page with the sessions. <?php if(isset($_POST['username'])){ $username = $_POST['username']; //name of the text field for usernames $password = $_POST['password']; //likewise here just for the password //connect to the db $user = 'root'; $pswd = ''; $db = 'chat'; $conn = mysql_connect('localhost', $user, $pswd); mysql_select_db($db, $conn); //run the query to search for the username and password the match $query = "SELECT * FROM users WHERE username = '$username' AND password ='$password'"; $result = mysql_query($query) or die("Unable to verify user because : " . mysql_error()); //this is where the actual verification happens if(mysql_num_rows($result) == 1){ //the username and password match //so e set the session to true session_start(); $_SESSION['username'] = $username; //STUFF FROM HERE TO THE OTHER COMMENT IS STUFF I ADDED MANUALLY TRYING TO GET THE COOKIES TO BE SET SO THEY WORK FOR BOTH $username = $_COOKIE['user_id']; $pass = $_COOKIE['pass_id']; setcookie("user_id", "$username", time()+3600); setcookie("pass_id", "$pass", time()+3600); //END OF THE CUSTOM STUFF, IT DOESNT WORK FOR SOME REASON //and then move them to the index page or the page to which they need to go header('Location: index.php'); }else{ $err = 'Incorrect username / password.' ; } //then just above your login form or where ever you want the error to be displayed you just put in echo $err; } else ?> I made comments // in the code so you can see whats going on. Here is the code that uses cookies, also it uses 2 pages. This is the one I think that mainly adds the cookies. <?php // Login Logic $username = ""; $err = ""; $err_style = ""; $err_style2= ""; //Checks if there is a login cookie if(isset($_COOKIE['user_id'])) { //if there is, it logs you in and directes you to the members page $username = $_COOKIE['user_id']; $pass = $_COOKIE['pass_id']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());$quer++; while($info = mysql_fetch_array( $check )) { if ($pass != $info['password']) { } else { header("Location: index.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // SANITISE $username = sanitize($_POST['username']); $pass = sanitize($_POST['pass']); $red = sanitize($_POST['red']); // makes sure they filled it in if(!$_POST['username']) { $err = 'You did not fill in a required section'; $err_style = "style='border: 1px solid #CC0000'"; $show_login = 1; } if(!$_POST['pass']) { $err = 'You did not fill in a required section'; $err_style2 = "style='border: 1px solid #CC0000'"; $show_login = 1; } // checks it against the database if (!$err) { $check = mysql_query("SELECT * FROM users WHERE username = '".$username."'")or die(mysql_error());$quer++; //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { $err = 'User not found - please try again!'; $err_style = "style='border: 1px solid #CC0000'"; $show_login = 1; } while($info = mysql_fetch_array( $check )) { $info['password'] = stripslashes($info['password']); $pass = $pass; //gives error if the password is wrong if ($pass != $info['password']) { $err = 'Incorrect password, please try again.'; $err_style2= "style='border: 1px solid #B02B2C;'"; $show_login = 1; } else { // if login is ok then we add a cookie $hour = time() + 3600; setcookie("user_id", $username, $hour); setcookie("pass_id", $pass, $hour); //then redirect them to the members area if (!$red) { header("Location: index.php"); } else { header("Location: $red.php"); } exit; } } } } ?> Here is the other page it also includes inside. <?php Check.php session_start(); //checks cookies to make sure they are logged in if(isset($_COOKIE['user_id'])) { $username = $_COOKIE['user_id']; $pass = $_COOKIE['pass_id']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());$quer++; while($info = mysql_fetch_array( $check )) { //if the cookie has the wrong password, they are taken to the login page if ($pass != $info['password']) { header("Location: login.php"); } //otherwise they are shown the admin area else { // Update some info setcookie ("user_id", $_COOKIE['user_id'], time() + 3600 ); setcookie ("pass_id", $_COOKIE['pass_id'], time() + 3600 ); // Get some basic user details, so we can use these later! $uname = $info['username']; $uID = $info['user_id']; $loggedin = 1; $admin_user = $info['admin']; } } } ?> Thanks for the upcoming help that you all provide. If anything else is needed please post here and il provide it. Quote Link to comment Share on other sites More sharing options...
jamesjmann Posted March 14, 2011 Share Posted March 14, 2011 In my opinion, you should start the session before doing anything else, and make sure session_start(); is at the top of every page, instead of putting it in an if statement. it should be like this <?php session_start(); //This essentially logs the person in. //There is no need to put the "session_start()" function in the if statement below if (username & password) { $_SESSION["member"] = $username; } ?> Of course it's all a matter of preference, but it keeps your scripts more tidy and (in my opinion) professional, when done in this way. Quote Link to comment Share on other sites More sharing options...
Russia Posted March 14, 2011 Author Share Posted March 14, 2011 Thanks, but I still need help integrating somehow those two login into one, so that the session and/or cookies from one login affect both scripts. That would be great Quote Link to comment Share on other sites More sharing options...
jamesjmann Posted March 14, 2011 Share Posted March 14, 2011 Thanks, but I still need help integrating somehow those two login into one, so that the session and/or cookies from one login affect both scripts. That would be great You're welcome =) Now I would assume both login scripts are using the same cookie/session names? I'm pretty sure that if you use the same cookie or session variable names for both logins, they will, essentially, be one in the same. For example you would use <?php $_SESSION["member"]; //for both login scripts if the login succeeds ?> Same with the cookies. <?php setcookie ("stay_on", "$username", time() +4000); //for both login scripts ?> Hope this helps! Quote Link to comment Share on other sites More sharing options...
Russia Posted March 14, 2011 Author Share Posted March 14, 2011 I did try that code, and I think I already have it in there in the first pho code I posted. //this is where the actual verification happens if(mysql_num_rows($result) == 1){ //the username and password match //so e set the session to true session_start(); $_SESSION['username'] = $username; //STUFF FROM HERE TO THE OTHER COMMENT IS STUFF I ADDED MANUALLY TRYING TO GET THE COOKIES TO BE SET SO THEY WORK FOR BOTH $username = $_COOKIE['user_id']; $pass = $_COOKIE['pass_id']; setcookie("user_id", "$username", time()+3600); setcookie("pass_id", "$pass", time()+3600); //END OF THE CUSTOM STUFF, IT DOESNT WORK FOR SOME REASON Thats the main login that i want to use to combine both of them. Here is the full code of it. <?php if(isset($_POST['username'])){ $username = $_POST['username']; //name of the text field for usernames $password = $_POST['password']; //likewise here just for the password //connect to the db $user = 'root'; $pswd = ''; $db = 'chat'; $conn = mysql_connect('localhost', $user, $pswd); mysql_select_db($db, $conn); //run the query to search for the username and password the match $query = "SELECT * FROM users WHERE username = '$username' AND password ='$password'"; $result = mysql_query($query) or die("Unable to verify user because : " . mysql_error()); //this is where the actual verification happens if(mysql_num_rows($result) == 1){ //the username and password match //so e set the session to true session_start(); $_SESSION['username'] = $username; //STUFF FROM HERE TO THE OTHER COMMENT IS STUFF I ADDED MANUALLY TRYING TO GET THE COOKIES TO BE SET SO THEY WORK FOR BOTH $username = $_COOKIE['user_id']; $pass = $_COOKIE['pass_id']; setcookie("user_id", "$username", time()+3600); setcookie("pass_id", "$pass", time()+3600); //END OF THE CUSTOM STUFF, IT DOESNT WORK FOR SOME REASON //and then move them to the index page or the page to which they need to go header('Location: index.php'); }else{ $err = 'Incorrect username / password.' ; } //then just above your login form or where ever you want the error to be displayed you just put in echo $err; } else ?> Quote Link to comment Share on other sites More sharing options...
jamesjmann Posted March 15, 2011 Share Posted March 15, 2011 Okay, first off, your setting your cookies wrong and THAT'S why it's not working. The way I learned, is you write "setcookie" with a "();" containing all of the arguments to the "setcookie" function. The first argument gives a name for the cookie. The second defines a value. The Third contains the expiration date of the cookie. The fourth assigns the cookie to a specific domain name. And the fifth (and last, I think), specifies a certain path within the domain you specify in the fourth argument. DO: <?php setcookie ("username", "$username", time() + 5000, ".mywebsite.com", "/mypath"); ?> DONT DO: <?php //Your assigning a $_COOKIE variable to the variable $username, but you're not giving either $_COOKIE variables an actual value. $username = $_COOKIE['user_id']; $pass = $_COOKIE['pass_id']; setcookie("user_id", "$username", time()+3600); setcookie("pass_id", "$pass", time()+3600); //If you want to create cookies using variables, you want to do them like this: $username = $_POST["username"]; $password = $_POST["password"]; setcookie("username", $username, time() + 3600); setcookie("password", $password, time() + 3600); ?> Hope this helps! Please correct me if I misunderstood your code. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.