Wemperer Posted August 7, 2013 Share Posted August 7, 2013 (edited) I'm trying to create a login script but I can't figure out how to pull the data out of a $_COOKIE and how cookies work with $_SESSION. Basically I have this //pull data from database $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; //store in the database strip for sql injection $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); //query database, check to see if username and password exist there / encrypt $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password=SHA('$mypassword')"; $result=mysql_query($sql); $count=mysql_num_rows($result); //if it exists, register the session with the username nad password, then set a cookie if($count==1) { $_SESSION("myusername"); $_SESSION("mypassword"); setcookie("username","$myusername",0); header("location:cookietest.php"); } else { echo "Wrong Username or Password"; } Then inside my cookietest.php.. if(isset($_SESSION['username'])) echo "session varible set and "; else echo "session varibale not set and "; if(isset($_COOKIE['username'])) echo "cookie is set"; else echo "cookie is not set"; Even thogh I can see int he browser that the cookie was created I get "session varible not set and cookie is not set" Edited August 7, 2013 by Wemperer Quote Link to comment Share on other sites More sharing options...
davidannis Posted August 8, 2013 Share Posted August 8, 2013 A couple of things. You need to do session_start(); at the top of your program. Then, set session variables as $_SESSION['myvar']=$myvar ; Don't store the password in a session variable, just the fact that the user successfully logged in. Quote Link to comment Share on other sites More sharing options...
Wemperer Posted August 8, 2013 Author Share Posted August 8, 2013 (edited) Thank you so much! I still can't seem to make the second script recognize the cookie though. Edited August 8, 2013 by Wemperer Quote Link to comment Share on other sites More sharing options...
Wemperer Posted August 8, 2013 Author Share Posted August 8, 2013 Is it because its not all in the same script? The cookie is set by index.php and it attempted to be accessed by testcookie.php. They're both in the same directory... Quote Link to comment Share on other sites More sharing options...
Wemperer Posted August 8, 2013 Author Share Posted August 8, 2013 Ok I was under the impression that SESSION relied on COOKIES. Apparently they CAN work together but session is sufficient enough. Quote Link to comment Share on other sites More sharing options...
davidannis Posted August 8, 2013 Share Posted August 8, 2013 Ok I was under the impression that SESSION relied on COOKIES. Apparently they CAN work together but session is sufficient enough. Yes, you do not need to store anything in cookies unless you want a user's login to last after they have closed their browser. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.