Jump to content

Set cookie along with a session

JCS1988

By JCS1988
in PHP Coding Help

 Share

Recommended Posts

JCS1988 Member

JCS1988

Posted
Posted

Here I am again, another minor problem I have. My site uses sessions, but I have one particular script that requires a user ID from a cookie called $currentcustomer. I don't have the knowledge to go through and modify the code and use sessions so I figure I'll just set the cookie it wants and be done with it. Here is my script, after logging in the user is taken here to verify the provided login info. Thanks in advance!

 

This is the session it's creating for the customer id, I'd like a cookie version as well, I'm just not sure where to place it and how to call it in properly.

$_SESSION['SESS_CUSTOMER_ID']=$customer['customer_id'];

 

 

Here is the entire page

<?php
//Start session
session_start();

//Connect to mysql server
$link=mysql_connect("host","login","password");
if(!$link) {
	die('Failed to connect to server: ' . mysql_error());
}
//Select database
$db=mysql_select_db("jcs5325aii_photography");
if(!$db) {
	die("Unable to select database");
}

//Sanitize the value received from login field
//to prevent SQL Injection
if(!get_magic_quotes_gpc()) {
	$username=mysql_real_escape_string($_POST['username']);
}else {
	$username=$_POST['username'];
}

//Create query
$qry="SELECT customer_id FROM users WHERE username='$username' AND password='$password'";
$result=mysql_query($qry);
$customer_id="SELECT customer_id FROM users WHERE username='$username' AND password='$password'";

//Check whether the query was successful or not
if($result) {
	if(mysql_num_rows($result)>0) {
		//Login Successful
		session_regenerate_id();
		$customer=mysql_fetch_assoc($result);
		$_SESSION['SESS_CUSTOMER_ID']=$customer['customer_id'];
		session_write_close();
		header("location: member-index.php");
		exit();
	}else {
		//Login failed
		header("location: login-failed.php");
		exit();
	}
}else {
	die("Query failed");
}
?>

Link to comment
Share on other sites
kratsg Regular Member

kratsg

Posted
Posted 

setcookie(name, value, expire, path, domain);

 

Put this near the top of your page, just right under the session start, before you send any output. This runs before the headers have been set.

 

All you really need is the name, value, and when it expires in seconds. If you want to block access to your cookie for only your site, use path/domain:

 

    The path on the server in which the cookie will be available on. If set to '/', the cookie will be available within the entire domain . If set to '/foo/', the cookie will only be available within the /foo/ directory and all sub-directories such as /foo/bar/ of domain . The default value is the current directory that the cookie is being set in.

domain

 

    The domain that the cookie is available. To make the cookie available on all subdomains of example.com then you'd set it to '.example.com'. The . is not required but makes it compatible with more browsers. Setting it to www.example.com will make the cookie only available in the www subdomain. Refer to tail matching in the » spec for details.

~PHP.net
Link to comment
Share on other sites
JCS1988 Member

JCS1988

Posted
  • Author
Posted

I have the cookies working now, they do show up but the one variable I need isn't displaying properly. Most likely because I have it set wrong, any idea on how I would do something like this?

 

This is the session I am creating:

$_SESSION['SESS_CUSTOMER_ID']=$customer['customer_id'];

 

	$customer_id = "'$_SESSION['SESS_CUSTOMER_ID']'";
setcookie("currentcustomer", $customer_id, time()+3600);

<?php
//Start session
session_start();

$customer_id = "'$_SESSION['SESS_CUSTOMER_ID']'";

setcookie("currentcustomer", $customer_id, time()+3600);

//Connect to mysql server
$link=mysql_connect("data.jcs5325.aisites.com","jcs5325aii_pho","203633");
if(!$link) {
	die('Failed to connect to server: ' . mysql_error());
}
//Select database
$db=mysql_select_db("jcs5325aii_photography");
if(!$db) {
	die("Unable to select database");
}

//Sanitize the value received from login field
//to prevent SQL Injection
if(!get_magic_quotes_gpc()) {
	$username=mysql_real_escape_string($_POST['username']);
}else {
	$username=$_POST['username'];
}

//Create query
$qry="SELECT customer_id FROM users WHERE username='$username' AND password='$password'";
$result=mysql_query($qry);
//Check whether the query was successful or not
if($result) {
	if(mysql_num_rows($result)>0) {
		//Login Successful
		session_regenerate_id();
		$customer=mysql_fetch_assoc($result);
		$_SESSION['SESS_CUSTOMER_ID']=$customer['customer_id'];
		session_write_close();
		header("location: member-index.php");
		exit();
	}else {
		//Login failed
		header("location: login-failed.php");
		exit();
	}
}else {
	die("Query failed");
}
?>

Link to comment
Share on other sites
JCS1988 Member

JCS1988

Posted
  • Author
Posted

I had figured that wasn't set right, the " and ' are always confusing to me. Now I made the changes but the cookie will not show up using IE or Firefox, although it does work if I add just a regular value to the cookie such as $customer_id = "idValue"; Is this because the session is created AFTER the setcookie function?

 

Here is the code I have now, I added your code in place of mine. But look down where the session is created, does this have something to do with why the cookie wont set?

 

<?php
//Start session
session_start();

$customer_id = $_SESSION['SESS_CUSTOMER_ID'];

setcookie("currentcustomer", $customer_id, time()+3600);

//Connect to mysql server
$link=mysql_connect("data.jcs5325.aisites.com","jcs5325aii_pho","203633");
if(!$link) {
	die('Failed to connect to server: ' . mysql_error());
}
//Select database
$db=mysql_select_db("jcs5325aii_photography");
if(!$db) {
	die("Unable to select database");
}

//Sanitize the value received from login field
//to prevent SQL Injection
if(!get_magic_quotes_gpc()) {
	$username=mysql_real_escape_string($_POST['username']);
}else {
	$username=$_POST['username'];
}

//Create query
$qry="SELECT customer_id FROM users WHERE username='$username' AND password='$password'";
$result=mysql_query($qry);
//Check whether the query was successful or not
if($result) {
	if(mysql_num_rows($result)>0) {
		//Login Successful
		session_regenerate_id();
		$customer=mysql_fetch_assoc($result);
		$_SESSION['SESS_CUSTOMER_ID']=$customer['customer_id'];
		session_write_close();
		header("location: member-index.php");
		exit();
	}else {
		//Login failed
		header("location: login-failed.php");
		exit();
	}
}else {
	die("Query failed");
}
?>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.