
My code was working just fine yesterday, but when I woke up today and tried it out it wouldn't create cookies, and I'm wondering why?

<?php
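session_start();
require_once 'config.php';

// Remember-me auto-login.
// Runs only when there is no authenticated session yet and both persistent
// cookies are present. The (email, remember_token) pair is looked up in
// remember_tokens; an unexpired match logs the user in, rotates the token and
// redirects. Anything else clears both cookies so the browser stops presenting
// a dead token.
//
// NOTE(review): the raw token is stored and compared in the database, so any
// read of remember_tokens (backup, log, injection elsewhere) yields working
// login tokens. Storing hash('sha256', $token) and looking the hash up would
// contain that; it needs the issuing side in login_register.php changed at the
// same time, so it is left as is here.
if (!isset($_SESSION['email']) && isset($_COOKIE['email'], $_COOKIE['remember_token'])) {
    $email = $_COOKIE['email'];
    $token = $_COOKIE['remember_token'];

    // Expiry is checked against the database clock (NOW()) while expires_at was
    // written from PHP's date(); both must run in the same timezone or tokens
    // expire early or late. (Assumed to be configured alike — verify.)
    $stmt = $conn->prepare("SELECT u.*, rt.token FROM users u 
                           INNER JOIN remember_tokens rt ON u.id = rt.user_id 
                           WHERE u.email = ? AND rt.token = ? AND rt.expires_at > NOW()");
    $stmt->bind_param("ss", $email, $token);
    $stmt->execute();
    $result = $stmt->get_result();

    if ($result->num_rows > 0) {
        $user = $result->fetch_assoc();

        // The session is about to carry an authenticated identity: issue a
        // fresh session id so an id fixed before login cannot be promoted.
        session_regenerate_id(true);

        // Set session variables
        $_SESSION['username'] = $user['username'];
        $_SESSION['email'] = $user['email'];
        $_SESSION['role'] = $user['role'];
        $_SESSION['location'] = $user['location'];
        $_SESSION['used_remember_me'] = true;

        // Rotate the token on every use: a copied cookie stops working as soon
        // as the legitimate browser has used it once. Lifetime matches the cookie below.
        $newToken = bin2hex(random_bytes(32));
        $expiresAt = date('Y-m-d H:i:s', time() + (60 * 60 * 24 * 30));

        $updateStmt = $conn->prepare("UPDATE remember_tokens SET token = ?, expires_at = ? WHERE user_id = ?");
        $updateStmt->bind_param("ssi", $newToken, $expiresAt, $user['id']);
        $updateStmt->execute();
        $updateStmt->close();

        // secure=true (6th argument): the browser stores and sends this cookie
        // only over HTTPS; on a plain-HTTP origin it is silently dropped, which
        // presents as "cookies don't get created". Keep the flag and serve the
        // site over HTTPS rather than clearing it — without it the token, which
        // stands in for the password for 30 days, travels in clear text.
        // httponly=true keeps it out of reach of page scripts. A SameSite
        // attribute would need the options-array form of setcookie() (PHP 7.3+).
        setcookie('remember_token', $newToken, time() + (60 * 60 * 24 * 30), "/", "", true, true);

        if ($user['role'] === 'admin') {
            header("Location: admin.php");
        } else {
            header("Location: index.php");
        }
        exit();
    } else {
        // Unknown, mismatched or expired token: expire both cookies (same path
        // as when they were set, otherwise the browser keeps the originals).
        setcookie('remember_token', '', time() - 3600, "/");
        setcookie('email', '', time() - 3600, "/");
    }
    $stmt->close();
}

// Flash messages and form state written by login_register.php. They are read
// once here and cleared below so a reload does not show them again.
$errors = [
    'login' => $_SESSION['login_error'] ?? '',
    'register' => $_SESSION['register_error'] ?? ''
];
$successMessage = $_SESSION['register_success'] ?? '';
$activeForm = $_SESSION['active_form'] ?? 'login';
// Lockout counters are deliberately NOT cleared here; the block further down
// decides when the lockout window has passed.
$loginAttempts = $_SESSION['login_attempts'] ?? 0;
$lockoutTime = $_SESSION['lockout_time'] ?? 0;

unset($_SESSION['login_error'], $_SESSION['register_error'], $_SESSION['register_success'], $_SESSION['active_form']);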

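/**
 * Render a login/register error as an HTML paragraph.
 *
 * @param string|null $error Message text; rendered as text content, never as markup.
 * @return string Escaped `<p class='error-message'>` markup, or '' when there is no message.
 */
function showError(?string $error): string {
    // Only "no message" is suppressed; the previous empty() check also hid a
    // literal "0", which is a legitimate message text.
    if ($error === null || $error === '') {
        return '';
    }
    // Explicit flags and charset: the pre-8.1 default (ENT_COMPAT) leaves single
    // quotes alone, and without ENT_SUBSTITUTE an invalid UTF-8 sequence makes
    // htmlspecialchars() return '' so the message silently disappears.
    return "<p class='error-message'>" . htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</p>";
}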

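/**
 * Render a success notice as an HTML paragraph.
 *
 * @param string|null $message Notice text; rendered as text content, never as markup.
 * @return string Escaped `<p class='success-message'>` markup, or '' when there is no notice.
 */
function showSuccess(?string $message): string {
    // Only "no message" is suppressed; the previous empty() check also hid a
    // literal "0".
    if ($message === null || $message === '') {
        return '';
    }
    // Same escaping contract as showError(): ENT_QUOTES for quotes, ENT_SUBSTITUTE
    // so malformed UTF-8 is replaced instead of blanking the whole notice.
    return "<p class='success-message'>" . htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</p>";
}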

/**
 * CSS class for a form box: 'active' when $formName is the form currently
 * selected for display, otherwise ''. Comparison is strict.
 */
function isActiveForm($formName, $activeForm) {
    if ($formName === $activeForm) {
        return 'active';
    }

    return '';
}

// Lockout state for the login form. After 3 failed attempts (counted by
// login_register.php) the form stays disabled for 40 seconds from the third
// failure; once that window has passed the session counters are cleared so
// the next render shows an enabled form again.
//
// NOTE(review): the counter lives in the PHP session only, so it throttles a
// client that keeps its session cookie; a server-side per-account limit is
// the stronger control.
$currentTime = time();
$elapsedSinceLockout = $currentTime - $lockoutTime;
$isLocked = $loginAttempts >= 3 && $elapsedSinceLockout < 40;
$remainingLockoutTime = $isLocked ? 40 - $elapsedSinceLockout : 0;

if ($loginAttempts >= 3 && !$isLocked) {
    // Window over: reset the counters kept by login_register.php.
    $_SESSION['login_attempts'] = 0;
    $_SESSION['lockout_time'] = 0;
}
?>

<style>
        /* Page styles for the login/register screen.
           NOTE(review): in this listing the <style> element precedes
           <!DOCTYPE html>; content before the doctype puts browsers into
           quirks mode, so this block belongs inside <head>. */
        * {
            margin: 0;
            padding: 0;
            box-sizing: border-box;
        }
        body {
            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
            background-color: #f5f5f5;
        }
        .container {
            display: flex;
            flex-direction: column;
            justify-content: center;
            align-items: center;
            min-height: 100vh;
            width: 100%;
            padding: 20px;
            box-sizing: border-box;
        }

        /* Both form boxes are in the markup; only the one carrying .active
           (set server-side via isActiveForm(), toggled client-side by
           showForm()) is displayed. */
        .form-box {
            width: 100%;
            max-width: 450px;
            padding: 30px;
            background: #0061af;
            border-radius: 10px;
            display: none;
            margin: 10px 0;
            box-shadow: 0 4px 12px rgba(0, 0, 0, 0.1);
        }

        .form-box.active {
            display: block;
        }

        .logo-container {
            text-align: center;
            margin-bottom: 20px;
        }

        .logo-container img {
            width: 120px;
            height: auto;
        }

        h2 {
            font-size: 28px;
            text-align: center;
            margin-bottom: 20px;
            color: white;
        }

        input, select {
            width: 100%;
            padding: 12px;
            border: none;
            outline: none;
            font-size: 16px;
            margin-bottom: 20px;
            border-radius: 6px;
            background-color: rgba(255, 255, 255, 0.9);
        }

        button {
            display: flex;
            align-items: center;
            justify-content: center;
            background-color: #f3f7fe;
            color: #3b82f6;
            border: none;
            cursor: pointer;
            border-radius: 8px;
            width: 100%;
            height: 45px;
            transition: 0.3s;
            text-decoration: none;
            font-size: 16px;
            font-weight: 600;
            margin-bottom: 15px;
        }

        button:hover {
            background-color: #3b82f6;
            box-shadow: 0 0 0 5px #3b83f65f;
            color: #fff;
        }

        /* Rendered by showError() / showSuccess(); the text inside is
           HTML-escaped by those helpers. */
        .error-message {
            padding: 12px;
            background: #f8d7da;
            border-radius: 6px;
            color: #a42834;
            text-align: center;
            margin-bottom: 20px;
        }

        .success-message {
            padding: 12px;
            background: #d4edda;
            border-radius: 6px;
            color: #155724;
            text-align: center;
            margin-bottom: 20px;
        }

        .form-footer {
            text-align: center;
            color: white;
            margin-top: 15px;
        }

        .form-footer a {
            color: #aad4ff;
            text-decoration: none;
        }

        .form-footer a:hover {
            text-decoration: underline;
        }

        /* !important overrides the generic button rule above for the
           Windows-domain sign-in button. */
        .sso-button {
            background-color: #0078d4 !important;
            color: white !important;
        }

        .sso-button:hover {
            background-color: #106ebe !important;
            box-shadow: 0 0 0 5px rgba(0, 120, 212, 0.3) !important;
        }

        .divider {
            display: flex;
            align-items: center;
            margin: 20px 0;
            color: white;
        }

        .divider::before, .divider::after {
            content: "";
            flex: 1;
            border-bottom: 1px solid rgba(255, 255, 255, 0.3);
        }

        .divider-text {
            padding: 0 10px;
        }

        ::-webkit-scrollbar {
            width: 10px;
        }

        ::-webkit-scrollbar-track {
            background: #f1f1f1;
        }

        ::-webkit-scrollbar-thumb {
            background: #0061af;
        }

        ::-webkit-scrollbar-thumb:hover {
            background: #0363b1;
        }

        /* Lockout notice emitted while $isLocked is true; the seconds in
           #time are updated by the inline countdown script. */
        #countdown {
            padding: 12px;
            background: #ffeeba;
            border-radius: 6px;
            color: #856404;
            text-align: center;
            margin-bottom: 20px;
            font-weight: bold;
        }

        .remember-me {
            display: flex;
            align-items: center;
            margin-bottom: 20px;
            color: white;
        }

        .remember-me input {
            width: auto;
            margin-right: 10px;
            margin-bottom: 0;
        }
</style>

<?php /*
 * Login / register page markup. Expects the PHP prologue above to have set
 * $activeForm, $errors, $successMessage, $isLocked and $remainingLockoutTime.
 * Both forms post to login_register.php, which performs all validation and
 * issues the remember-me cookies; nothing in this markup is trusted server-side.
 */ ?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>ALnasser | Ticketing System</title>
    <link rel="icon" type="image/x-icon" href="alnasser.png">
    <link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<div class="container">
    <?php /* isActiveForm() yields the constant 'active' or '', so it is safe to echo unescaped. */ ?>
    <div class="form-box <?= isActiveForm('login', $activeForm); ?>" id="login-form">
        <form action="login_register.php" method="post">
            <center><img width="30%" height="auto" src="alnasser_nobg.png" alt="ALnasser Logo"></center>
            <h2>Login</h2>
            <?php /* showError() HTML-escapes the message before it is echoed. */ ?>
            <?= showError($errors['login']); ?>
            <button type="button" class="sso-button" onclick="window.location.href='windows_login.php'">
                Sign in with Windows Domain Account
            </button>
            <div class="divider"><span class="divider-text">OR</span></div>

            <input type="email" name="email" placeholder="Email" required>
            <input type="password" name="password" placeholder="Password" required>

            <div class="remember-me">
                <?php /* When checked, login_register.php stores a token and sets the
                         'email' and 'remember_token' cookies (30 days, Secure, HttpOnly). */ ?>
                <input type="checkbox" id="remember_me" name="remember_me">
                <label for="remember_me">Remember me for 30 days</label>
            </div>

            <?php /* The disabled button is cosmetic only; login_register.php enforces the
                     lockout window itself before checking any credentials. */ ?>
            <?php if ($isLocked): ?>
                <div id="countdown">Too many failed attempts. Please try again in <span id="time"></span> seconds.</div>
                <button type="submit" name="login" disabled style="cursor: not-allowed; background-color: #ccc;">Login</button>
            <?php else: ?>
                <button type="submit" name="login">Login</button>
            <?php endif; ?>

            <p class="form-footer">Don't have an account? <a href="#" onclick="showForm('register-form')">Register</a></p>
        </form>
    </div>

    <div class="form-box <?= isActiveForm('register', $activeForm); ?>" id="register-form">
        <form action="login_register.php" method="post">
            <center><img width="30%" height="auto" src="alnasser_nobg.png" alt="ALnasser Logo"></center>
            <h2>Register</h2>
            <?= showError($errors['register']); ?>
            <?= showSuccess($successMessage); ?>

            <input type="text" name="username" placeholder="Username" required>
            <?php /* The pattern attribute is client-side convenience only; the @alnasser.eg
                     rule is re-checked server-side in login_register.php. */ ?>
            <input type="email" name="email" placeholder="Email" pattern="[a-zA-Z0-9._%+-]+@alnasser\.eg$" required>
            <input type="password" name="password" placeholder="Password" required>
            <?php /* NOTE(review): the role is chosen by the registrant and stored as posted by
                     login_register.php, which then routes role === 'admin' to admin.php on
                     login. Confirm that self-service Admin sign-up is intended. */ ?>
            <select name="role" required>
                <option value="">--Select Role--</option>
                <option value="user">User</option>
                <option value="admin">Admin</option>
                <option value="technician">Technician</option>
            </select>
            <select name="location" required>
                <option value="">--Select Location--</option>
                <option value="Asiout">Asiout</option>
                <option value="Zizinia">Zizinia</option>
                <option value="Aswan">Aswan</option>
                <option value="Helwan">Helwan</option>
                <option value="Menia">Menia</option>
                <option value="Mokattam">Mokattam</option>
                <option value="Arcadia">Arcadia</option>
                <option value="October">October</option>
                <option value="Tagamoa">Tagamoa</option>
                <option value="Maadi">Maadi</option>
                <option value="Heliopolis">Heliopolis</option>
                <option value="Nasr city">Nasr city</option>
                <option value="Obour">Obour</option>
                <option value="Qena">Qena</option>
                <option value="Smouha">Smouha</option>
                <option value="Haram">Haram</option>
                <option value="Sohag1">Sohag1</option>
                <option value="Bani Suef">Bani Suef</option>
                <option value="Mohandseen">Mohandseen</option>
                <option value="Tanta">Tanta</option>
                <option value="Mahalla">Mahalla</option>
                <option value="Zaqaziq">Zaqaziq</option>
                <option value="Shebeen">Shebeen</option>
                <option value="Qusseya">Qusseya</option>
                <option value="Mansoura2">Mansoura2</option>
                <option value="Luxor">Luxor</option>
                <option value="Damanhor">Damanhor</option>
                <option value="Hadayek">Hadayek</option>
                <option value="Agami">Agami</option>
                <option value="Suez">Suez</option>
                <option value="Fisal">Fisal</option>
                <option value="ismailia">ismailia</option>
                <option value="Mansoura 3">Mansoura 3</option>
                <option value="Abas el3qad">Abas el3qad</option>
                <option value="mohy eldeen">mohy eldeen</option>
                <option value="Sohag2">Sohag2</option>
                <option value="Zaharaa El-Maadi">Zaharaa El-Maadi</option>
                <option value="Gesr Al-Suez">Gesr Al-Suez</option>
                <option value="Shoubra">Shoubra</option>
                <option value="Fayoum">Fayoum</option>
                <option value="Hurghada">Hurghada</option>
                <option value="Sharm ElSheikh">Sharm ElSheikh</option>
                <option value="Mashaal">Mashaal</option>
                <option value="Victoria">Victoria</option>
                <option value="Al Rehab">Al Rehab</option>
                <option value="Madinaty">Madinaty</option>
                <option value="Mall of Egypt">Mall of Egypt</option>
                <option value="Gardenia">Gardenia</option>
                <option value="Tanta 2">Tanta 2</option>
                <option value="Port Said">Port Said</option>
                <option value="Town Center Mall">Town Center Mall</option>
                <option value="Office">Office</option>
                <option value="Online">Online</option>
            </select>
            <button type="submit" name="register">Register</button>
            <p class="form-footer">Already have an account? <a href="#" onclick="showForm('login-form')">Login</a></p>
        </form>
    </div>
</div>
<script src="script.js"></script>
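<script>
    <?php /*
     * Lockout countdown, emitted only while $isLocked is true (computed in the
     * PHP prologue). $remainingLockoutTime is an integer number of seconds; it is
     * cast again here so what lands in the JavaScript is always a numeric literal.
     */ ?>
    <?php if ($isLocked): ?>
        let remainingTime = <?= (int) $remainingLockoutTime ?>;
        const countdownElement = document.getElementById('time');
        // Ticks once per second; when the window has elapsed the page reloads so
        // the server renders an enabled login button again.
        function updateCountdown() {
            if (remainingTime > 0) {
                countdownElement.textContent = remainingTime;
                remainingTime--;
                setTimeout(updateCountdown, 1000);
            } else {
                window.location.reload();
            }
        }
        updateCountdown();
    <?php endif; ?>

    // Show the form box with the given id and hide every other .form-box.
    function showForm(formId) {
        document.querySelectorAll('.form-box').forEach(box => box.classList.remove('active'));
        document.getElementById(formId).classList.add('active');
    }

    window.onload = function() {
        // The value is embedded inside a JavaScript string literal, so it is
        // encoded for that context with json_encode() (which also emits the
        // quotes). htmlspecialchars() is the HTML-body escaper: with its pre-8.1
        // default flags a single quote passes through and would end the literal
        // early. $activeForm is only ever set server-side ('login'/'register')
        // in the code shown, so this is a context-correctness fix, not a live hole.
        const activeFormId = <?= json_encode($activeForm . '-form', JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) ?>;
        showForm(activeFormId);
    };
</script>
</body>
</html>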

 

<?php
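session_start();
require_once 'config.php';

/**
 * Abort a registration attempt: keep the message for the register form, make
 * that form the active one on the next render, and redirect back. Never returns.
 *
 * @param string $message Text later rendered by showError() on the register form.
 */
function failRegistration(string $message): void {
    $_SESSION['register_error'] = $message;
    $_SESSION['active_form'] = 'register';
    header("Location: login&signup.php");
    exit();
}

// NOTE(review): neither form carries an anti-CSRF token, so a cross-site POST
// can submit these handlers on a visitor's behalf; a per-session token in the
// forms, checked here, is the usual remedy.
if (isset($_POST['register'])) {
    // Missing fields default to '' so the checks below reject them instead of
    // raising undefined-index warnings.
    $username = trim($_POST['username'] ?? '');
    $email = trim($_POST['email'] ?? '');
    $password_raw = $_POST['password'] ?? '';
    $role = $_POST['role'] ?? '';
    $location = $_POST['location'] ?? '';

    if (!preg_match('/^[a-zA-Z0-9_]+$/', $username)) {
        failRegistration('Username can only contain letters, numbers, and underscores.');
    }

    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        failRegistration('Invalid email format.');
    }

    if (!preg_match('/@alnasser\.eg$/', $email)) {
        failRegistration('Only @alnasser.eg email addresses are allowed.');
    }

    // strlen() is intentionally byte-wise: the limit concerns the hash input,
    // not displayed characters.
    if (strlen($password_raw) < 8 || !preg_match('/[A-Za-z]/', $password_raw) || !preg_match('/[0-9]/', $password_raw) || !preg_match('/[^A-Za-z0-9]/', $password_raw)) {
        failRegistration('Password must be at least 8 characters long and include letters, numbers, and symbols.');
    }

    // Role and location arrive straight from the POST body; constrain them to
    // what the form offers, otherwise any string is written to the users table.
    // NOTE(review): 'admin' is among the roles a visitor can pick for themselves,
    // and the login handler routes role === 'admin' to admin.php. Self-service
    // admin sign-up is a privilege-escalation path; confirm it is intended, or
    // grant elevated roles out of band.
    if (!in_array($role, ['user', 'admin', 'technician'], true)) {
        failRegistration('Please select a valid role.');
    }
    if ($location === '') {
        failRegistration('Please select a location.');
    }

    $password_hashed = password_hash($password_raw, PASSWORD_DEFAULT);

    $stmt = $conn->prepare("SELECT email FROM users WHERE email = ?");
    $stmt->bind_param("s", $email);
    $stmt->execute();
    $checkEmail = $stmt->get_result();

    if ($checkEmail->num_rows > 0) {
        // NOTE(review): this message confirms whether an address already has an
        // account; acceptable for an internal tool, otherwise prefer a neutral
        // response.
        $_SESSION['register_error'] = 'Email is already registered.';
        $_SESSION['active_form'] = 'register';
    } else {
        // Check-then-insert is racy; a UNIQUE index on users.email is what
        // actually guarantees one account per address (assumed to exist —
        // verify). A failed INSERT is reported generically below either way.
        $stmt->close();
        $stmt = $conn->prepare("INSERT INTO users (username, email, password, role, location) VALUES (?, ?, ?, ?, ?)");
        $stmt->bind_param("sssss", $username, $email, $password_hashed, $role, $location);

        if ($stmt->execute()) {
            $_SESSION['active_form'] = 'login';
            $_SESSION['register_success'] = 'Registration successful! Please login.';
        } else {
            // Driver detail goes to the server log only; the user sees a generic message.
            error_log("Registration failed: " . $stmt->error);
            $_SESSION['register_error'] = 'Registration failed. Please try again.';
            $_SESSION['active_form'] = 'register';
        }
    }

    $stmt->close();
    $conn->close();
    header("Location: login&signup.php");
    exit();
}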

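/**
 * Abort a login attempt: keep the message for the login form, make it the
 * active form on the next render, and redirect back. Never returns.
 *
 * @param string $message Text later rendered by showError() on the login form.
 */
function failLogin(string $message): void {
    $_SESSION['login_error'] = $message;
    $_SESSION['active_form'] = 'login';
    header("Location: login&signup.php");
    exit();
}

/**
 * Record one failed credential check in the session: same message whether the
 * address is unknown or the password is wrong, bump the attempt counter, and
 * start the lockout window on the third failure.
 *
 * @param int $loginAttempts Attempts counted before this one.
 * @param int $currentTime   Unix time of this attempt; becomes lockout_time when the limit is hit.
 */
function recordFailedLogin(int $loginAttempts, int $currentTime): void {
    $_SESSION['login_error'] = 'Incorrect email or password.';
    $_SESSION['active_form'] = 'login';
    $_SESSION['login_attempts'] = $loginAttempts + 1;
    if ($_SESSION['login_attempts'] >= 3) {
        $_SESSION['lockout_time'] = $currentTime;
    }
}

if (isset($_POST['login'])) {
    $email = trim($_POST['email'] ?? '');
    $password = $_POST['password'] ?? '';

    // Lockout counters are kept in the session by recordFailedLogin() and read
    // back by login&signup.php to disable the form.
    // NOTE(review): a session-scoped counter only throttles a client that keeps
    // its session cookie; a server-side per-account limit is the stronger control.
    $loginAttempts = (int) ($_SESSION['login_attempts'] ?? 0);
    $lockoutTime = (int) ($_SESSION['lockout_time'] ?? 0);
    $currentTime = time();

    if ($loginAttempts >= 3 && ($currentTime - $lockoutTime < 40)) {
        failLogin('Account locked due to too many failed attempts. Please wait.');
    }

    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        failLogin('Invalid email format.');
    }

    if (!preg_match('/@alnasser\.eg$/', $email)) {
        failLogin('Only @alnasser.eg email addresses are allowed.');
    }

    $stmt = $conn->prepare("SELECT * FROM users WHERE email = ?");
    $stmt->bind_param("s", $email);
    $stmt->execute();
    $result = $stmt->get_result();

    $user = $result->num_rows > 0 ? $result->fetch_assoc() : null;

    if ($user !== null && password_verify($password, $user['password'])) {
        // The session now carries an authenticated identity: issue a fresh id so
        // a session id fixed before login is not upgraded along with it.
        session_regenerate_id(true);

        $_SESSION['username'] = $user['username'];
        $_SESSION['email'] = $user['email'];
        $_SESSION['role'] = $user['role'];
        $_SESSION['location'] = $user['location'];

        $_SESSION['login_attempts'] = 0;
        $_SESSION['lockout_time'] = 0;

        if (!empty($_POST['remember_me'])) {
            // 32 CSPRNG bytes, hex-encoded (64 chars). Stored as-is and looked
            // up by equality in login&signup.php.
            // NOTE(review): storing the token unhashed means a read of
            // remember_tokens yields working login tokens; storing
            // hash('sha256', $token) would need the lookup side changed too.
            $token = bin2hex(random_bytes(32));
            $expiresAt = date('Y-m-d H:i:s', time() + (60 * 60 * 24 * 30)); // 30 days

            // One token per user: remove any earlier one first.
            $cleanupStmt = $conn->prepare("DELETE FROM remember_tokens WHERE user_id = ?");
            $cleanupStmt->bind_param("i", $user['id']);
            $cleanupStmt->execute();
            $cleanupStmt->close();

            $tokenStmt = $conn->prepare("INSERT INTO remember_tokens (user_id, token, expires_at, created_at) VALUES (?, ?, ?, NOW())");
            $tokenStmt->bind_param("iss", $user['id'], $token, $expiresAt);

            if ($tokenStmt->execute()) {
                // secure=true (6th argument) restricts both cookies to HTTPS; over
                // plain HTTP the browser drops them, which presents as "cookies
                // don't get created". Keep the flag and serve the login over
                // HTTPS — with it cleared the token, which stands in for the
                // password for 30 days, travels in clear text. httponly=true
                // keeps both cookies away from page scripts. The email cookie is
                // only a selector, but it does expose the address to anything
                // that can read cookies.
                setcookie('email', $email, time() + (60 * 60 * 24 * 30), "/", "", true, true);
                setcookie('remember_token', $token, time() + (60 * 60 * 24 * 30), "/", "", true, true);

                $_SESSION['used_remember_me'] = true;
            } else {
                error_log("Failed to store remember token: " . $tokenStmt->error);
            }
            $tokenStmt->close();
        } else {
            // Box unchecked: expire any cookies from a previous remember-me login
            // (same path as when set) and drop the stored token.
            setcookie('remember_token', '', time() - 3600, "/");
            setcookie('email', '', time() - 3600, "/");

            $cleanupStmt = $conn->prepare("DELETE FROM remember_tokens WHERE user_id = ?");
            $cleanupStmt->bind_param("i", $user['id']);
            $cleanupStmt->execute();
            $cleanupStmt->close();

            $_SESSION['used_remember_me'] = false;
        }

        $stmt->close();
        $conn->close();

        if ($user['role'] === 'admin') {
            header("Location: admin.php");
        } else {
            header("Location: index.php");
        }
        exit();
    } else {
        // Unknown address and wrong password are handled identically so the
        // response text does not reveal which it was.
        // NOTE(review): password_verify() only runs for known addresses, so
        // response timing still differs between the two cases.
        recordFailedLogin($loginAttempts, $currentTime);
    }

    $stmt->close();
    $conn->close();
    header("Location: login&signup.php");
    exit();
}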
?>

 


For anybody wondering, I fixed it.
I changed `setcookie('email', $email, time() + (60 * 60 * 24 * 30), "/", "", true, true);` to
`setcookie('email', $email, time() + (60 * 60 * 24 * 30), "/", "", false, true);`
(The sixth argument is the `secure` flag: with it set to `true` the browser only stores the cookie when the page is served over HTTPS, so on a plain-HTTP site it was never created. That flag is what keeps the cookie off unencrypted connections, so serving the site over HTTPS and leaving it at `true` is the safer way to make it work.)
