[SOLVED] What is Wrong With This

[Lamez]

I am working on a login system for my download site http://downloads.lamezz.info

 

I am getting an error with this, and it is saying I am not logged in, I have logged in before and now I cannot login (I did make changes)

 

here is the code:

 

 

} else { 

echo "<center>";
setcookie("loggedin", "".$_POST['username']."", time()+(3600 * 24));
setcookie("username", "".$_POST['username']."", "TRUE");
echo "Welcome: <strong>".$_POST['username']."</strong><br>"; 
echo "<br />";
echo "Continue to the <a href=members.php>members</a> section."; 
echo "</center>";
}

 

(If you do go to my site use login: test password: test)

[radar]

Well first off -- you've got this issue -- the 2nd set cookie you have..

 

setcookie("username", "".$_POST['username']."", "TRUE");

-- so looking at my example below, you are trying to set the expiry time to TRUE which will just give you an issue...

setcookie("string name", "string value", "int expires", "string path", "string domain", "bool secure");

 

Now lets go to the fact that you are unable to stay logged in..  the problem is, when you set a cookie you modify header information however, any HTML at all causes you to not be able to modify them..  so the echo "<center>"; that you have, move that to just below your setcookie functions and that should work for you....

 

btw -- on the 2nd setcookie, i would just take the , "TRUE" out -- it'll work.. trust me...

[Lamez]

That did not work at all.

 

This is what I am left with

} else { 


setcookie("loggedin", "".$_POST['username']."", time()+(3600 * 24));
setcookie("username", "".$_POST['username']."",);

echo "Welcome: <strong>".$_POST['username']."</strong><br>"; 
echo "<br />";
echo "Continue to the <a href=members.php>members</a> section."; 

}

 

I am very new to PHP, it would be nice if you could re-script it for me.

Thanks

[MadTechie]

your need to post more compleate code,

 

[Lamez]

lol alright, I hate to be a bother.

 

Login Script

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link rel="stylesheet" type="text/css" href="../style/default.css"/>
<title>Download Section - Members Area</title>
</head>
<body>


 <div class="logo"><h1>Lamez's Download Section</h1></div>


     

       <div class="spacer"></div>
<div class="box"><font size="3"><center>

<?php
ob_start();

include("config.php"); 

// connect to the mysql server 
$link = mysql_connect($server, $db_user, $db_pass) 
or die ("Could not connect to mysql because ".mysql_error()); 

// select the database
mysql_select_db($database) 
or die ("Could not select database because ".mysql_error()); 

$match = "select id from $table where username = '".$_POST['username']."' 
and password = '".$_POST['password']."';"; 

$qry = mysql_query($match) 
or die ("Could not match data because ".mysql_error()); 
$num_rows = mysql_num_rows($qry); 

if ($num_rows <= 0) { 

echo "Sorry, there is no username or password with: <strong>".$_POST['username']."</strong><br>"; 
echo "<br />";
echo "<a href=login.html>Try again</a>"; 

exit;

} else { 


setcookie("loggedin", "".$_POST['username']."", time()+(3600 * 24));
setcookie("username", "".$_POST['username']."",);

echo "Welcome: <strong>".$_POST['username']."</strong><br>"; 
echo "<br />";
echo "Continue to the <a href=members.php>members</a> section."; 

}
ob_end_flush();
?>
</center>
</font>
</div>

 

 

Member's Area Script

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link rel="stylesheet" type="text/css" href="../style/default.css"/>
<title>Download Section - Members Area</title>
</head>

<body>


 <div class="logo"><h1>Lamez's Download Section</h1></div>


    
     

       <div class="spacer"></div>


<div class="box"><font size="3"><center><?php
$username = $_COOKIE['loggedin'];
if (!isset($_COOKIE['loggedin'])) die("You are not logged in, <a href=login.html>click here</a> to login.");
echo "You are logged in $username";
?>

    <font size="3"><a href="members.php">Upload a File</a> | <a href="members/profile.php">Profile</a> | <a href="list.php">Member's List</a>
    | <a href="logout.php">Logout</a></font>
	   	   </center></font></div>




<div class="box">
<font size="3">
<p align="center"><u>Welcome Members!</u></p> </font></div>
<br />
<br />


</body>
</html>

 

 

Once again, thank you.

[MadTechie]

OK well whats the errors

 

from what i can see your having problems as your cookies are being set after output (see quote)

 

try

 

<?php
ob_start(); // <-- move to top
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link rel="stylesheet" type="text/css" href="../style/default.css"/>
<title>Download Section - Members Area</title>
</head>
<body>


 <div class="logo"><h1>Lamez's Download Section</h1></div>


     

       <div class="spacer"></div>
<div class="box"><font size="3"><center>

<?php //<--PHP code continues

....
....

 

 

also in the Member's Area Script, you are not closing the if

 

add

 

<?php
} //<--this
?>
</body>
</html>

 

setcookie() defines a cookie to be sent along with the rest of the HTTP headers. Like other headers, cookies must be sent before any output from your script (this is a protocol restriction). This requires that you place calls to this function prior to any output, including <html> and <head> tags as well as any whitespace. If output exists prior to calling this function, setcookie() will fail and return FALSE. If setcookie() successfully runs, it will return TRUE. This does not indicate whether the user accepted the cookie.

 

    Note: As of PHP 4, you can use output buffering to send output prior to the call of this function, with the overhead of all of your output to the browser being buffered in the server until you send it. You can do this by calling ob_start() and ob_end_flush() in your script, or setting the output_buffering configuration directive on in your php.ini or server configuration files.

[Lamez]

WOW That worked great!

 

Another Question PHP God.

 

What does this mean and how can I fix it (I am very sorry for the questions, all I know is CSS, HTML, and DOS)

 

Warning: setcookie() expects parameter 3 to be long, string given in /mounted-storage/home48c/sub007/sc33591-LWQU/lamezz.info/downloads/login/login.php on line 54
Welcome: test

[MadTechie]

oh yes

 

setcookie("username", "".$_POST['username']."",);

 

should be

setcookie("username", "".$_POST['username']."");

 

Note the last , is removed

 

by adding the comma the function is expecting some more data

[btherl]

Lamez, be aware that users can change the value of cookies.  So they can set their own username, and also set themselves as logged in when they really aren't.  If you're planning to make this script public, I would recommend using sessions.  Sessions are also much easier to use.  They are based on cookies, but are more secure, and hide most of the messy stuff from you.

[Lamez]

Well, I did not script this.

 

The script is already public

 

see it in action at: http://downloads.lamezz.info

 

If you want to re-script my whole login system, feel free, but I cannot not do it by me self.

[john010117]

If you wish for someone to rescript it for you, please post that in the freelance area.  But for now, just use the code that you have, and start to read on sessions.