eddcaton Posted August 4, 2020 Share Posted August 4, 2020 Hey All, I have been struggling with this for the last few days and really cannot work out why this is not working. I am building a PHP login system and cannot get the Set Cookies function when I add the it to the website template. I have created a PHP file with nothing but a login form and the code to set a cookie, then divert to index.php page. This works perfectly! But when I use this within the website template i have it suddenly stops working! Any input would be much appreciated as I am running out of things to try. Basic PHP File (that works): <?php //login.php include 'db_const.php'; if(isset($_COOKIE["user_id"])) { header("location:index.php"); } $message = ''; if(isset($_POST["login"])) { if(empty($_POST["user_email"]) || empty($_POST["user_password"])) { $message = "<div class='alert alert-danger'>Both Fields are required</div>"; } else { $query = " SELECT * FROM user_details WHERE user_email = :user_email"; $statement = $connect->prepare($query); $statement->execute( array( 'user_email' => $_POST["user_email"] ) ); $count = $statement->rowCount(); if($count > 0) { $result = $statement->fetchAll(); foreach($result as $row) { if(password_verify($_POST["user_password"], $row["user_password"])) //// Check PHP HASH ///////////// { setcookie("user_id", $row["user_id"], time()+86400); header("location:index.php"); } else { $message = '<div class="alert alert-danger">Wrong Password</div>'; } } } else { $message = "<div class='alert alert-danger'>Wrong Email Address</div>"; } } } ?> <!DOCTYPE html> <html> <head> <title>How to create PHP Login Script using Cookies</title> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js"></script> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" /> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script> </head> <body> <br /> <div class="container"> <h2 align="center">How to create PHP Login Script using Cookies</h2> <br /> <div class="panel panel-default"> <div class="panel-heading">Login</div> <div class="panel-body"> <span><?php echo $message; ?></span> <form method="post"> <div class="form-group"> <label>User Email</label> <input type="text" name="user_email" id="user_email" class="form-control" /> </div> <div class="form-group"> <label>Password</label> <input type="password" name="user_password" id="user_password" class="form-control" /> </div> <div class="form-group"> <input type="submit" name="login" id="login" class="btn btn-info" value="Login" /> </div> </form> </div> </div> <br /> <p>Admin email - john_smith@gmail.com</p> <p>Admin Password - password</p> <p>All user password is 'password'</p> </div> </body> </html> PHP file with design: <?php include 'db_const.php'; if(isset($_COOKIE["id"])) { header("location:index.php"); } $message = ''; if(isset($_POST["login"])) { if(empty($_POST["user_email"]) || empty($_POST["user_password"])) { $message = "<div class='alert alert-danger'>Both Fields are required</div>"; } else { $query = " SELECT * FROM user_details WHERE user_email = :user_email"; $statement = $connect->prepare($query); $statement->execute( array( 'user_email' => $_POST["user_email"] ) ); $count = $statement->rowCount(); if($count > 0) { $result = $statement->fetchAll(); foreach($result as $row) { if(password_verify($_POST["user_password"], $row["user_password"])) //// Check PHP HASH ///////////// { setcookie("user_id", $row["user_id"], time()+86400); header("location:index.php"); } else { $message = '<div class="alert alert-danger">Wrong Password</div>'; } } } else { $message = "<div class='alert alert-danger'>Wrong Email Address</div>"; } } } ?> <!DOCTYPE html> <html lang="en"> <head> <!--[if IE]> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <![endif]--> <meta name="description" content=""> <meta name="author" content="ScriptsBundle"> <title>AdForest | Largest Classifieds Portal</title> <!-- =-=-=-=-=-=-= Favicons Icon =-=-=-=-=-=-= --> <link rel="icon" href="images\favicon.ico" type="image/x-icon"> <!-- =-=-=-=-=-=-= Mobile Specific =-=-=-=-=-=-= --> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> <!-- =-=-=-=-=-=-= Bootstrap CSS Style =-=-=-=-=-=-= --> <link rel="stylesheet" href="css\bootstrap.css"> <!-- =-=-=-=-=-=-= Template CSS Style =-=-=-=-=-=-= --> <link rel="stylesheet" href="css\style.css"> <!-- =-=-=-=-=-=-= Font Awesome =-=-=-=-=-=-= --> <link rel="stylesheet" href="css\font-awesome.css" type="text/css"> <!-- =-=-=-=-=-=-= Flat Icon =-=-=-=-=-=-= --> <link href="css\flaticon.css" rel="stylesheet"> <!-- =-=-=-=-=-=-= Et Line Fonts =-=-=-=-=-=-= --> <link rel="stylesheet" href="css\et-line-fonts.css" type="text/css"> <!-- =-=-=-=-=-=-= Menu Drop Down =-=-=-=-=-=-= --> <link rel="stylesheet" href="css\forest-menu.css" type="text/css"> <!-- =-=-=-=-=-=-= Animation =-=-=-=-=-=-= --> <link rel="stylesheet" href="css\animate.min.css" type="text/css"> <!-- =-=-=-=-=-=-= Select Options =-=-=-=-=-=-= --> <link href="css\select2.min.css" rel="stylesheet"> <!-- =-=-=-=-=-=-= noUiSlider =-=-=-=-=-=-= --> <link href="css\nouislider.min.css" rel="stylesheet"> <!-- =-=-=-=-=-=-= Listing Slider =-=-=-=-=-=-= --> <link href="css\slider.css" rel="stylesheet"> <!-- =-=-=-=-=-=-= Owl carousel =-=-=-=-=-=-= --> <link rel="stylesheet" type="text/css" href="css\owl.carousel.css"> <link rel="stylesheet" type="text/css" href="css\owl.theme.css"> <!-- =-=-=-=-=-=-= Check boxes =-=-=-=-=-=-= --> <link href="skins\minimal\minimal.css" rel="stylesheet"> <!-- =-=-=-=-=-=-= Responsive Media =-=-=-=-=-=-= --> <link href="css\responsive-media.css" rel="stylesheet"> <!-- =-=-=-=-=-=-= Template Color =-=-=-=-=-=-= --> <link rel="stylesheet" id="color" href="css\colors\defualt.css"> <!-- =-=-=-=-=-=-= For Style Switcher =-=-=-=-=-=-= --> <link rel="stylesheet" id="theme-color" type="text/css" href="#"> <!-- =-=-=-=-=-=-= Check boxes =-=-=-=-=-=-= --> <link href="skins\minimal\minimal.css" rel="stylesheet"> <!-- JavaScripts --> <script src="js\modernizr.js"></script> <!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries --> <!-- WARNING: Respond.js doesn't work if you view the page via file:// --> <!--[if lt IE 9]> <script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script> <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script> <![endif]--> </head> <body> <!-- =-=-=-=-=-=-= Light Header =-=-=-=-=-=-= --> <div class="colored-header"> <!-- Top Bar --> <div class="header-top"> <div class="container"> <div class="row"> <!-- Header Top Left --> <div class="header-top-left col-md-8 col-sm-6 col-xs-12 hidden-xs"> <ul class="listnone"> <li><a href="about.html"><i class="fa fa-heart-o" aria-hidden="true"></i> About</a></li> <li><a href="faqs.html"><i class="fa fa-folder-open-o" aria-hidden="true"></i> FAQS</a></li> </ul> </div> <!-- Header Top Right Social --> <div class="header-right col-md-4 col-sm-6 col-xs-12 "> <div class="pull-right"> <ul class="listnone"> <?php if(empty($user_id)) { echo("<li><a href=\"login.php\"><i class=\"fa fa-sign-in\"></i> Log in</a></li> <li><a href=\"register.php\"><i class=\"fa fa-unlock\" aria-hidden=\"true\"></i> Register</a></li></ul>"); } else { echo("<li class=\"dropdown\"> <a href=\"#\" class=\"dropdown-toggle\" data-toggle=\"dropdown\" role=\"button\" aria-haspopup=\"true\" aria-expanded=\"false\"><i class=\"icon-profile-male\" aria-hidden=\"true\"></i>Test<span class=\"caret\"></span></a> <ul class=\"dropdown-menu\"> <li><a href=\"profile.php\">User Profile</a></li> <li><a href=\"archives.html\">Archives</a></li> <li><a href=\"active-ads.html\">Active Ads</a></li> <li><a href=\"pending-ads.html\">Pending Ads</a></li> <li><a href=\"favourite.html\">Favourite Ads</a></li> <li><a href=\"messages.html\">Message Panel</a></li> <li><a href=\"deactive.html\">Account Deactivation</a></li> <li><a href=\"logout.php\">Log Out</a></li>"); } ?> </ul> </div> </div> </div> </div> </div> <!-- Top Bar End --> <!-- Navigation Menu --> <nav id="menu-1" class="mega-menu"> <!-- menu list items container --> <section class="menu-list-items"> <div class="container"> <div class="row"> <div class="col-lg-12 col-md-12"> <!-- menu logo --> <ul class="menu-logo"> <li> <a href="index.html"><img src="images\logo.png" alt="logo"> </a> </li> </ul> <!-- menu links --> <ul class="menu-links"> <!-- active class --> <li> <a href="javascript:void(0)"> Home <i class="fa fa-angle-down fa-indicator"></i></a> <div class="drop-down grid-col-8"> <!--grid row--> <div class="grid-row"> <!--grid column 3--> <div class="grid-col-4"> <ul> <li><a href="index.html">Home 1 - Default </a></li> <li><a href="index-transparent.html">Home 2 (Transparent)</a></li> <li><a href="index-2.html">Home 3 (Variation)</a></li> <li><a href="index-3.html">Home 4 (Master Slider)</a></li> </ul> </div> <div class="grid-col-4"> <ul> <li><a href="index-4.html">Home 5 (With Map Listing)</a></li> <li><a href="index-5.html">Home 6 (Modern Style)</a></li> <li><a href="index-6.html">Home 7 (Variation)</a></li> <li><a href="index-7.html">Home 8 (Category Slider)</a></li> </ul> </div> <div class="grid-col-4"> <ul> <li><a href="index-10.html">Home 11 (Modern Home)</a></li> <li><a href="index-8.html">Home 9 (Landing Page)</a></li> <li><a href="index-9.html">Home 10 (Variation)</a></li> </ul> </div> </div> </div> </li> <li> <a href="javascript:void(0)">Listing <i class="fa fa-angle-down fa-indicator"></i></a> <!-- drop down multilevel --> <ul class="drop-down-multilevel"> <li> <a href="javascript:void(0)">Grid Style<i class="fa fa-angle-right fa-indicator"></i> <span class="label label-info">New</span></a> <!-- drop down second level --> <ul class="drop-down-multilevel"> <li><a href="listing.html">Listing Grid 1</a></li> <li><a href="listing-1.html">Listing Grid 2</a></li> <li><a href="listing-2.html">Listing Grid 3</a></li> <li><a href="listing-7.html">Listing Featured <span class="label label-info">New</span></a></li> </ul> </li> <li> <a href="javascript:void(0)">List Style<i class="fa fa-angle-right fa-indicator"></i> </a> <!-- drop down second level --> <ul class="drop-down-multilevel"> <li><a href="listing-3.html">List View 1</a></li> <li><a href="listing-4.html">List View 2</a></li> <li><a href="listing-5.html">List View 3</a></li> <li><a href="listing-6.html">List View 4</a></li> </ul> </li> <li> <a href="javascript:void(0)">Single Ad<i class="fa fa-angle-right fa-indicator"></i> <span class="label label-info">New</span></a> <!-- drop down second level --> <ul class="drop-down-multilevel"> <li><a href="single-page-listing.html">Single Ad Detail</a></li> <li><a href="single-page-listing-featured.html">Ad (Featured) <span class="label label-info">New</span></a></li> <li><a href="single-page-listing-2.html">Single Ad 2</a></li> <li><a href="single-page-listing-3.html">Single Ad (Adsense)</a></li> <li><a href="single-page-expired.html">Single Ad (Closed)</a></li> </ul> </li> <li><a href="icons.html">Classified Icons </a></li> </ul> </li> <li> <a href="javascript:void(0)">Categories <i class="fa fa-angle-down fa-indicator"></i></a> <!-- drop down multilevel --> <ul class="drop-down-multilevel"> <li><a href="category-2.html">Modern Variation</a></li> <li><a href="category-3.html">Minimal Variation</a></li> <li><a href="category-4.html">Fancy Variation</a></li> <li><a href="category-6.html">Flat Variation</a></li> </ul> </li> <li> <a href="javascript:void(0)">Dashboard <i class="fa fa-angle-down fa-indicator"></i></a> <!-- drop down multilevel --> <ul class="drop-down-multilevel"> <li><a href="profile.html">User Profile</a></li> <li><a href="profile-2.html">User Profile 2</a></li> <li><a href="archives.html">Archives</a></li> <li><a href="active-ads.html">Active Ads</a></li> <li><a href="pending-ads.html">Pending Ads</a></li> <li><a href="favourite.html">Favourite Ads</a></li> <li><a href="messages.html">Message Panel</a></li> <li><a href="deactive.html">Account Deactivation</a></li> </ul> </li> <li> <a href="javascript:void(0)">Pages <i class="fa fa-angle-down fa-indicator"></i></a> <!-- drop down full width --> <div class="drop-down grid-col-12"> <!--grid row--> <div class="grid-row"> <!--grid column 2--> <div class="grid-col-3"> <h4>Blog</h4> <ul> <li><a href="blog.html">Blog With Right Sidebar</a></li> <li><a href="blog-1.html">Blog With Masonry Style</a></li> <li><a href="blog-2.html">Blog Without Sidebar</a></li> <li><a href="blog-details.html">Single Blog </a></li> <li><a href="blog-details-1.html">Single Blog (Adsense) </a></li> </ul> </div> <!--grid column 2--> <div class="grid-col-3"> <h4>Miscellaneous</h4> <ul> <li><a href="about.html">About Us</a></li> <li><a href="cooming-soon.html">Comming Soon</a></li> <li><a href="elements.html">Shortcodes</a></li> <li><a href="error.html">404 Page</a></li> <li><a href="faqs.html">FAQS</a></li> </ul> </div> <!--grid column 2--> <div class="grid-col-3"> <h4>Others</h4> <ul> <li><a href="login.html">Login</a></li> <li><a href="register.html">Register</a></li> <li><a href="pricing.html">Pricing</a></li> <li><a href="site-map.html">Site Map</a></li> <li><a href="post-ad-1.html">Post Ad</a></li> </ul> </div> <!--grid column 2--> <div class="grid-col-3"> <h4>Detail Page</h4> <ul> <li><a href="post-ad-2.html">Post Ad 2</a></li> <li><a href="single-page-listing.html">Single Ad Detail</a></li> <li><a href="single-page-listing-2.html">Single Ad 2</a></li> <li><a href="single-page-listing-3.html">Single Ad (Adsense)</a></li> <li><a href="single-page-expired.html">Single Ad (Closed)</a></li> </ul> </div> <!--grid column 2--> </div> </div> </li> <li> <a href="javascript:void(0)">Drop Down <i class="fa fa-angle-down fa-indicator"></i></a> <!-- drop down multilevel --> <ul class="drop-down-multilevel"> <li><a href="#">Item one</a></li> <li> <a href="javascript:void(0)">Items Right Side <i class="fa fa-angle-right fa-indicator"></i> </a> <!-- drop down second level --> <ul class="drop-down-multilevel"> <li> <a href="javascript:void(0)"> <i class="fa fa-buysellads"></i> Level 2 <i class="fa fa-angle-right fa-indicator"></i></a> <!-- drop down third level --> <ul class="drop-down-multilevel"> <li><a href="#">Level 3</a></li> <li><a href="#">Level 3</a></li> <li><a href="#">Level 3</a></li> </ul> </li> <li> <a href="javascript:void(0)"> <i class="fa fa-dashcube"></i> Level 2 <i class="fa fa-angle-right fa-indicator"></i></a> <!-- drop down third level --> <ul class="drop-down-multilevel"> <li><a href="#">Level 3</a></li> <li><a href="#">Level 3</a></li> <li><a href="#">Level 3</a></li> </ul> </li> <li> <a href="javascript:void(0)"> <i class="fa fa-heartbeat"></i> Level 2 <i class="fa fa-angle-right fa-indicator"></i></a> <!-- drop down third level --> <ul class="drop-down-multilevel"> <li><a href="#">Level 3</a></li> <li><a href="#">Level 3</a></li> <li><a href="#">Level 3</a></li> </ul> </li> <li> <a href="javascript:void(0)"> <i class="fa fa-medium"></i> Level 2 <i class="fa fa-angle-right fa-indicator"></i></a> <!-- drop down third level --> <ul class="drop-down-multilevel"> <li><a href="#">Level 3</a></li> <li><a href="#">Level 3</a></li> <li><a href="#">Level 3</a></li> </ul> </li> <li> <a href="javascript:void(0)"> <i class="fa fa-leanpub"></i> Level 2 <i class="fa fa-angle-right fa-indicator"></i> </a> <!-- drop down third level --> <ul class="drop-down-multilevel"> <li><a href="#">Level 3</a></li> <li><a href="#">Level 3</a></li> <li><a href="#">Level 3</a></li> </ul> </li> </ul> </li> <li><a href="#">Item 2</a></li> <li> <a href="javascript:void(0)">Items Left Side <i class="fa fa-angle-left fa-indicator"></i> </a> <!-- add class left-side --> <ul class="drop-down-multilevel left-side"> <li> <a href="#"> <i class="fa fa-forumbee"></i> Level 2</a> </li> <li> <a href="#"> <i class="fa fa-hotel"></i> Level 2</a> </li> <li> <a href="#"> <i class="fa fa-automobile"></i> Level 2</a> </li> <li> <a href="javascript:void(0)"> <i class="fa fa-heartbeat"></i> Level 2 <i class="fa fa-plus fa-indicator"></i> </a> <!--drop down second level--> <ul class="drop-down-multilevel"> <li><a href="#">Level 3</a></li> <li><a href="#">Level 3</a></li> <li><a href="#">Level 3</a></li> <li><a href="#">Level 3</a></li> </ul> </li> <li> <a href="#"> <i class="fa fa-bookmark"></i> Level 2</a> </li> <li> <a href="#"> <i class="fa fa-bell"></i> Level 2</a> </li> <li> <a href="#"> <i class="fa fa-soccer-ball-o"></i> Level 2</a> </li> <li> <a href="#"> <i class="fa fa-life-ring"></i> Level 2</a> </li> </ul> </li> <li><a href="#">Item 4</a> </li> </ul> </li> <li><a href="contact.html">Contact </a></li> </ul> <ul class="menu-search-bar"> <li> <a href="post-ad-1.html" class="btn btn-light"><i class="fa fa-plus" aria-hidden="true"></i> Post Free Ad</a> </li> </ul> </div> </div> </div> </section> </nav> </div> <!-- Navigation Menu End --> <!-- =-=-=-=-=-=-= Light Header End =-=-=-=-=-=-= --> <!-- =-=-=-=-=-=-= Transparent Breadcrumb =-=-=-=-=-=-= --> <div class="page-header-area"> <div class="container"> <div class="row"> <div class="col-lg-12 col-md-12 col-sm-12 col-xs-12"> <div class="header-page"> <h1>User Sign In</h1> </div> </div> </div> </div> </div> <!-- Small Breadcrumb --> <div class="small-breadcrumb"> <div class="container"> <div class=" breadcrumb-link"> <ul> <li><a href="index.html">Home Page</a></li> <li><a class="active" href="#">Sign In</a></li> </ul> </div> </div> </div> <!-- Small Breadcrumb --> <!-- =-=-=-=-=-=-= Transparent Breadcrumb End =-=-=-=-=-=-= --> <!-- =-=-=-=-=-=-= Main Content Area =-=-=-=-=-=-= --> <div class="main-content-area clearfix"> <!-- =-=-=-=-=-=-= Latest Ads =-=-=-=-=-=-= --> <section class="section-padding error-page pattern-bg "> <!-- Main Container --> <div class="container"> <!-- Row --> <div class="row"> <!-- Middle Content Area --> <div class="col-md-5 col-md-push-7 col-sm-6 col-xs-12"> <!-- Form --> <span><?php echo $message; ?></span> <div class="form-grid"> <form method="post"> <div class="form-group"> <label>Email</label> <input type="text" name="user_email" id="user_email" class="form-control" /> </div> <div class="form-group"> <label>Password</label> <input type="password" name="user_password" id="user_password" class="form-control" /> </div> <div class="form-group"> <div class="row"> <div class="col-xs-12"> <div class="skin-minimal"> <ul class="list"> <li> <input type="checkbox" id="minimal-checkbox-1"> <label for="minimal-checkbox-1">Remember Me</label> </li> </ul> </div> </div> </div> </div> <input type="submit" name="login" id="login" class="btn btn-info" value="Login" /> </form> </div> <!-- Form --> </div> <div class="col-md-7 col-md-pull-5 col-xs-12 col-sm-6"> <div class="heading-panel"> <h3 class="main-title text-left"> Sign In to your account </h3> </div> <div class="content-info"> <div class="features"> <div class="features-icons"> <img src="images\icons\chat.png" alt="img"> </div> <div class="features-text"> <h3>Chat & Messaging</h3> <p> Access your chats and account info from any device. </p> </div> </div> <div class="features"> <div class="features-icons"> <img src="images\icons\panel.png" alt="img"> </div> <div class="features-text"> <h3>User Dashboard</h3> <p> Maintain a wishlist by saving your favourite items. </p> </div> </div> <span class="arrowsign hidden-sm hidden-xs"><img src="images\arrow.png" alt=""></span> </div> </div> <!-- Middle Content Area End --> </div> <!-- Row End --> </div> <!-- Main Container End --> </section> <!-- =-=-=-=-=-=-= Ads Archives End =-=-=-=-=-=-= --> <!-- =-=-=-=-=-=-= FOOTER =-=-=-=-=-=-= --> <footer> <!-- Footer Content --> <div class="footer-top"> <div class="container"> <div class="row"> <div class="col-md-3 col-sm-6 col-xs-12"> <!-- Info Widget --> <div class="widget"> <div class="logo"> <img alt="" src="images\logo-1.png"> </div> <p>Lorem ipsum dolor sit amet, consectetur adipiscing elit. Curabitur et dolor eget erat fringilla port.</p> <ul> <li><img src="images\appstore.png" alt=""></li> <li><img src="images\googleplay.png" alt=""></li> </ul> </div> <!-- Info Widget Exit --> </div> <div class="col-md-3 col-sm-6 col-xs-12"> <!-- Follow Us --> <div class="widget socail-icons"> <h5>Follow Us</h5> <ul> <li><a class="fb" href=""><i class="fa fa-facebook"></i></a><span>Facebook</span></li> <li><a class="twitter" href=""><i class="fa fa-twitter"></i></a><span>Twitter</span></li> <li><a class="linkedin" href=""><i class="fa fa-linkedin"></i></a><span>Linkedin</span></li> <li><a class="googleplus" href=""><i class="fa fa-google-plus"></i></a><span>Google+</span></li> </ul> </div> <!-- Follow Us End --> </div> <div class="col-md-6 col-sm-6 col-xs-12"> <!-- Newslatter --> <div class="widget widget-newsletter"> <h5>Singup for Weekly Newsletter</h5> <div class="fieldset"> <p>We may send you information about related events, webinars, products and services which we believe.</p> <form> <input class="" value="Enter your email address" type="text"> <input class="submit-btn" name="submit" value="Submit" type="submit"> </form> </div> </div> <!-- Newslatter --> </div> </div> </div> </div> <!-- Copyrights --> <div class="copyrights"> <div class="container"> <div class="copyright-content"> <div class="row"> <div class="col-lg-12 col-md-12 col-sm-12 col-xs-12"> <p>© 2017 AForest All rights reserved. Design by <a href="http://themeforest.net/user/scriptsbundle/portfolio" target="_blank">Scriptsbundle</a> </p> </div> </div> </div> </div> </div> </footer> <!-- =-=-=-=-=-=-= FOOTER END =-=-=-=-=-=-= --> </div> <!-- Main Content Area End --> <!-- Post Ad Sticky --> <a href="#" class="sticky-post-button hidden-xs"> <span class="sell-icons"> <i class="flaticon-transport-9"></i> </span> <h4>SELL</h4> </a> <!-- Back To Top --> <a href="#0" class="cd-top">Top</a> <!-- =-=-=-=-=-=-= JQUERY =-=-=-=-=-=-= --> <script src="js\jquery.min.js"></script> <!-- Bootstrap Core Css --> <script src="js\bootstrap.min.js"></script> <!-- Jquery Easing --> <script src="js\easing.js"></script> <!-- Menu Hover --> <script src="js\forest-megamenu.js"></script> <!-- Jquery Appear Plugin --> <script src="js\jquery.appear.min.js"></script> <!-- Numbers Animation --> <script src="js\jquery.countTo.js"></script> <!-- Jquery Smooth Scroll --> <script src="js\jquery.smoothscroll.js"></script> <!-- Jquery Select Options --> <script src="js\select2.min.js"></script> <!-- noUiSlider --> <script src="js\nouislider.all.min.js"></script> <!-- Carousel Slider --> <script src="js\carousel.min.js"></script> <script src="js\slide.js"></script> <!-- Image Loaded --> <script src="js\imagesloaded.js"></script> <script src="js\isotope.min.js"></script> <!-- CheckBoxes --> <script src="js\icheck.min.js"></script> <!-- Jquery Migration --> <script src="js\jquery-migrate.min.js"></script> <!-- Sticky Bar --> <script src="js\theia-sticky-sidebar.js"></script> <!-- Style Switcher --> <script src="js\color-switcher.js"></script> <!-- Template Core JS --> <script src="js\custom.js"></script> </body> </html> Quote Link to comment Share on other sites More sharing options...
gw1500se Posted August 4, 2020 Share Posted August 4, 2020 When using it from a template does the 'setcookie' get executed before any HTML output? Quote Link to comment Share on other sites More sharing options...
eddcaton Posted August 4, 2020 Author Share Posted August 4, 2020 5 minutes ago, gw1500se said: When using it from a template does the 'setcookie' get executed before any HTML output? Yes it is in the very top of the file before any HTML tags Quote Link to comment Share on other sites More sharing options...
gw1500se Posted August 4, 2020 Share Posted August 4, 2020 Not necessarily just tags. Any HTML including white space. Quote Link to comment Share on other sites More sharing options...
eddcaton Posted August 4, 2020 Author Share Posted August 4, 2020 Just now, gw1500se said: Not necessarily just tags. Any HTML including white space. I see.. This is the top of the Code i am using: <?php include 'db_const.php'; if(isset($_COOKIE["id"])) { header("location:index.php"); } $message = ''; if(isset($_POST["login"])) { if(empty($_POST["user_email"]) || empty($_POST["user_password"])) { $message = "<div class='alert alert-danger'>Both Fields are required</div>"; } else { $query = " SELECT * FROM user_details WHERE user_email = :user_email"; $statement = $connect->prepare($query); $statement->execute( array( 'user_email' => $_POST["user_email"] ) ); $count = $statement->rowCount(); if($count > 0) { $result = $statement->fetchAll(); foreach($result as $row) { if(password_verify($_POST["user_password"], $row["user_password"])) //// Check PHP HASH ///////////// { setcookie("user_id", $row["user_id"], time()+86400); header("location:index.php"); } else { $message = '<div class="alert alert-danger">Wrong Password</div>'; } } } else { $message = "<div class='alert alert-danger'>Wrong Email Address</div>"; } } } ?> <!DOCTYPE html> <html lang="en"> <head> Quote Link to comment Share on other sites More sharing options...
benanamen Posted August 4, 2020 Share Posted August 4, 2020 Why are you using Cookies for the login instead of sessions? Do you know the differences? Quote Link to comment Share on other sites More sharing options...
eddcaton Posted August 4, 2020 Author Share Posted August 4, 2020 2 minutes ago, benanamen said: Why are you using Cookies for the login instead of sessions? Do you know the differences? Hey, I started this using sessions and had the same outcome with the session not being saved/created upon login submit. I checked the PHP info for the web server and all the session details seemed to be correct and active, but still couldn't get it to work. I only swapped to Cookies as i seemed to have more success this them. Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted August 4, 2020 Share Posted August 4, 2020 here's a list of things your login code needs to do differently - do NOT store the user_id in a cookie to identify who is logged in. anyone or a bot script can supply any value for a cookie when they request your page and appear to be anyone, such as you or an administrator on your site, just by going through all possible user id's until they find one that works. you would instead generate a random unique value, similar to what a session id cookie is, and store it in a database table that relates it to the actual user_id and store it in the cookie. you must have an exit/die statement after every header() redirect to STOP code execution. your current code is executing all the rest of the code on the page at each header() redirect. don't use fetchAll() and a loop for a query that will at most match one row of data. just directly call the fetch() method and test if a row of data was found. as to your current problem, the code you are dealing with is the login form processing code and the login form. however, you have put the login form processing code at what appears to be the top of the main index.php page. this doesn't make any sense, logically, because you would be redirecting to the main page, that you are already on, if the cookie is set. you are also testing a different cookie name then the one you are setting (id vs user_id), and there's no code setting the $user_id variable you are testing on the page to determine if there is a logged in user. 1 Quote Link to comment Share on other sites More sharing options...
eddcaton Posted August 4, 2020 Author Share Posted August 4, 2020 (edited) 19 minutes ago, mac_gyver said: here's a list of things your login code needs to do differently - do NOT store the user_id in a cookie to identify who is logged in. anyone or a bot script can supply any value for a cookie when they request your page and appear to be anyone, such as you or an administrator on your site, just by going through all possible user id's until they find one that works. you would instead generate a random unique value, similar to what a session id cookie is, and store it in a database table that relates it to the actual user_id and store it in the cookie. you must have an exit/die statement after every header() redirect to STOP code execution. your current code is executing all the rest of the code on the page at each header() redirect. don't use fetchAll() and a loop for a query that will at most match one row of data. just directly call the fetch() method and test if a row of data was found. as to your current problem, the code you are dealing with is the login form processing code and the login form. however, you have put the login form processing code at what appears to be the top of the main index.php page. this doesn't make any sense, logically, because you would be redirecting to the main page, that you are already on, if the cookie is set. you are also testing a different cookie name then the one you are setting (id vs user_id), and there's no code setting the $user_id variable you are testing on the page to determine if there is a logged in user. Thanks for the info. 1. So if i generated a random code submitted to MYSQL every time the login form is submitted, then save that to the cookie. When i am then trying to get the users info then i check MYSQL for the random code that matches the cookie info? 2. Sorry for my lack of knowledge on this. I am unsure where the exits need to be placed 3. I should change the fetch argument to: $random_id = $_COOKIE["random_id"]; /// not the user_id but a random code generate on login. $sql = "SELECT * FROM user_deatils WHERE random_id LIKE ".$random_id.""; $result = $mysqli->query($sql); if ($result->num_rows > 0) { while($row = $result->fetch_assoc()) { 4. I thought the code needed to be before any HTML to set the cookie. Edited August 4, 2020 by eddcaton Quote Link to comment Share on other sites More sharing options...
eddcaton Posted August 5, 2020 Author Share Posted August 5, 2020 (edited) Any further ideas why the cookies are being set in a "blank" file and not in a stylised file? Edited August 5, 2020 by eddcaton Quote Link to comment Share on other sites More sharing options...
gw1500se Posted August 5, 2020 Share Posted August 5, 2020 What do you mean "blank" file? I suggest you look at the cookie array at the beginning of your code as necessary so you can see what is being set and when: echo "<pre>"; print_r($_COOKIE); echo "</pre>"; Quote Link to comment Share on other sites More sharing options...
eddcaton Posted August 5, 2020 Author Share Posted August 5, 2020 22 minutes ago, gw1500se said: What do you mean "blank" file? I suggest you look at the cookie array at the beginning of your code as necessary so you can see what is being set and when: echo "<pre>"; print_r($_COOKIE); echo "</pre>"; Hey, This is what i get when i submit the login form: Array ( ) When i say "blank" file. I mean a file with just the code in for the form. Nothing fancy and no real CSS styling. Quote Link to comment Share on other sites More sharing options...
gw1500se Posted August 5, 2020 Share Posted August 5, 2020 Add that code in various places in your code. That is how you debug this stuff. Put the code in various places where you think your logic is flowing. You can then see where it disappears or is not being set. Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted August 5, 2020 Share Posted August 5, 2020 do you have php's error_reporting set to E_ALL and display_errors set to ON, in the php.ini on your system, so that php will help you by reporting and displaying all the errors it detects? Quote Link to comment Share on other sites More sharing options...
eddcaton Posted August 5, 2020 Author Share Posted August 5, 2020 1 hour ago, gw1500se said: Add that code in various places in your code. That is how you debug this stuff. Put the code in various places where you think your logic is flowing. You can then see where it disappears or is not being set. Thanks for the info. I have done some more searching of google and found how to see cookies that are set from a website in google chrome. When I submit the login form from the troublesome page. I checked the cookies and it has set a cookie with the description of "Database Storage" and the flie is 2,315 B in size. It looks like somewhere along the line i am submitting something other than the login_id that i am trying to set. Here is the part of the code that handles my cookie setting etc. <?php //login.php include 'db_const.php'; //if(isset($_COOKIE["login_id"])) //{ // header("location:index.php"); // exit(); //} $message = ''; if(isset($_POST["login"])) { if(empty($_POST["user_email"]) || empty($_POST["user_password"])) { $message = "<div class='alert alert-danger'>Both Fields are required</div>"; } else { $query = " SELECT * FROM user_details WHERE user_email = :user_email"; $statement = $connect->prepare($query); $statement->execute( array( 'user_email' => $_POST["user_email"] ) ); $count = $statement->rowCount(); if($count > 0) { $result = $statement->fetchAll(); foreach($result as $row) { if(password_verify($_POST["user_password"], $row["user_password"])) //// Check PHP HASH ///////////// { $randomNumber = rand(); $user_id = "$row[user_id]"; setcookie("login_id", $randomNumber, time()+86400); $sql2 = "UPDATE user_details SET login_id=$randomNumber WHERE user_id='$user_id'"; if ($mysqli->query($sql2) === TRUE) { } header("location:index.php"); exit(); } else { $message = '<div class="alert alert-danger">Wrong Password</div>'; } } } else { $message = "<div class='alert alert-danger'>Wrong Email Address</div>"; } } } ?> <html> <head> Quote Link to comment Share on other sites More sharing options...
gw1500se Posted August 5, 2020 Share Posted August 5, 2020 Cookies do not have "descriptions." They have keys and values and keys with spaces are a bad idea. So what does $_COOKIE contain after you set it and where you are trying to verify it. Quote Link to comment Share on other sites More sharing options...
eddcaton Posted August 5, 2020 Author Share Posted August 5, 2020 1 hour ago, mac_gyver said: do you have php's error_reporting set to E_ALL and display_errors set to ON, in the php.ini on your system, so that php will help you by reporting and displaying all the errors it detects? I will take a look at the PHP info and see what i have listed. I just cant help thinking there is something throwing the cookie off from being set properly Quote Link to comment Share on other sites More sharing options...
eddcaton Posted August 5, 2020 Author Share Posted August 5, 2020 17 minutes ago, gw1500se said: Cookies do not have "descriptions." They have keys and values and keys with spaces are a bad idea. So what does $_COOKIE contain after you set it and where you are trying to verify it. Once a submission is made from the un stylised login from it displays: Array { [login_id] => 1681386050 } The cookie is populated with a random number that is sent to the DB when the user submits the login form. Then later on in other pages I check the cookie against the DB to then get the users info. I added the random number in after @mac_gyver mentioned about the security issue of setting the cookie with the users actual id. Quote Link to comment Share on other sites More sharing options...
gw1500se Posted August 5, 2020 Share Posted August 5, 2020 Now what does your MySQL query look like and is it returning what you expect? Quote Link to comment Share on other sites More sharing options...
eddcaton Posted August 5, 2020 Author Share Posted August 5, 2020 (edited) if(password_verify($_POST["user_password"], $row["user_password"])) //// Check PHP HASH ///////////// { $randomNumber = rand(); $user_id = "$row[user_id]"; setcookie("login_id", $randomNumber, time()+86400); $sql2 = "UPDATE user_details SET login_id=$randomNumber WHERE user_id='$user_id'"; if ($mysqli->query($sql2) === TRUE) { } header("location:index.php"); exit(); MYSQL submits fine and the table is updated fine when the login form is completed. What i cant understand is that i have it working 100% in a un stylised php file. As soon as i copy to a stylised design it doesn't work... Edited August 5, 2020 by eddcaton Quote Link to comment Share on other sites More sharing options...
eddcaton Posted August 5, 2020 Author Share Posted August 5, 2020 1 hour ago, mac_gyver said: do you have php's error_reporting set to E_ALL and display_errors set to ON, in the php.ini on your system, so that php will help you by reporting and displaying all the errors it detects? Hey, error_reporting is set to 22517 and display_errors is set to on Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted August 5, 2020 Share Posted August 5, 2020 42 minutes ago, eddcaton said: error_reporting is set to 22517 that's not E_ALL. as an integer, E_ALL would be 32767 Quote Link to comment Share on other sites More sharing options...
eddcaton Posted August 5, 2020 Author Share Posted August 5, 2020 22 minutes ago, mac_gyver said: that's not E_ALL. as an integer, E_ALL would be 32767 Thanks. I will take a look at changing the PHP settings. Do you think this might influence the cookie setting? Quote Link to comment Share on other sites More sharing options...
StevenOliver Posted August 5, 2020 Share Posted August 5, 2020 (edited) 1.) Put this at the top of your page: <?php ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); ?> 2.) You have "include 'db_const.php';".... please make it like this: include('db_const.php'); 3.) Is the file "db_const.php" in the same directory as the page calling it? If your html page is in a subdirectory, e.g below the directory your db_const.php file is in, then you need your include to look like this: (include('../db_const.php'); 4.) I didn't have time to read all your html code, but I notice your <form> tag does nothing. It says <form method="post">, but post where? Usually a form tag must have an action="something.php" like this: <form method="post" action="the_page_to_post_to.php"> 5.) If after all of that the problem still persists, then put this at the top of your page: <?php ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); foreach($_POST as $var=>$val){ echo "$var....$val<BR>"; } ?> ... and then you can see exactly what you are posting, and if you are posting what you want to post. Those 5 steps should give you all the answers you need. ...one more thing, I know you're using a prepared query, but still, you should validate that the user is actually posting an email address. You'll have to google this one. You'll want to just verify that it is a valid email WITHOUT changing the email (no preg_replace or anything -- otherwise you might end up with someone else's email). Just validate that it is a real email address before sticking it in your database. Edited August 5, 2020 by StevenOliver Quote Link to comment Share on other sites More sharing options...
eddcaton Posted August 5, 2020 Author Share Posted August 5, 2020 10 minutes ago, StevenOliver said: 1.) Put this at the top of your page: <?php ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); ?> 2.) You have "include 'db_const.php';".... please make it like this: include('db_const.php'); 3.) Is the file "db_const.php" in the same directory as the page calling it? If your html page is in a subdirectory, e.g below the directory your db_const.php file is in, then you need your include to look like this: (include('../db_const.php'); 4.) I didn't have time to read all your html code, but I notice your <form> tag does nothing. It says <form method="post">, but post where? Usually a form tag must have an action="something.php" like this: <form method="post" action="the_page_to_post_to.php"> 5.) If after all of that the problem still persists, then put this at the top of your page: <?php ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); foreach($_POST as $var=>$val){ echo "$var....$val<BR>"; } ?> ... and then you can see exactly what you are posting, and if you are posting what you want to post. Those 5 steps should give you all the answers you need. Thanks for the info. 1. Shows up an error on the working and not working file Warning: Cannot modify header information - headers already sent by (output started at /homepages/41/d553935649/htdocs/edd/login.php:1) in /homepages/41/d553935649/htdocs/edd/login.php on line 47 Warning: Cannot modify header information - headers already sent by (output started at /homepages/41/d553935649/htdocs/edd/login.php:1) in /homepages/41/d553935649/htdocs/edd/login.php on line 48 line 1: <?php line 47: setcookie("login_id", $randomNumber, time()+86400); line 48: header("location:index.php"); 2. Amended 3. Yes the db_const.php is in the same directory as the login.php file 4. The form is in the same file as the php action with a if(isset($_POST["login"])) before the posting and setting of the cookie 5. Shows the email and login that was input into the login form and the errors mentions in #1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.