SitePoint Sponsor

User Tag List

Results 1 to 25 of 25
  1. #1
    SitePoint Evangelist jimday1982's Avatar
    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    562
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Storing Session ID in Cookie

    This started out in the SEO forum (http://www.sitepoint.com/forums/showthread.php?t=202869), but got a little more php oriented, so that's why I moved it here...

    Anyway, I finally was able to remove the SID from my urls, but discovered that hardly anything on my site worked after doing so. I was told that I need to save the session id in a cookie, so I tried:

    session_start();

    setcookie("DrunkDrinks", $value, time()+3600);

    But no luck - again, not much on my site works when using this - if anyone has any ideas, I'd greatly appreciate it!
    Jimmy Day
    Senior Systems Analyst
    Piedmont Healthcare Corporation

  2. #2
    Sell crazy someplace else markl999's Avatar
    Join Date
    Aug 2003
    Location
    Manchester, UK
    Posts
    4,007
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You don't need to store the cookie yourself, PHP takes care of it for you. There's 2 ways of passing the SID around and that's in the url or in a cookie. The cookie bit is taken care of for you. Are sessions not working at all for you?
    Maybe try a simple test such as:
    PHP Code:
    <?php
    //count increases on page reload
    session_start();
    if(empty(
    $_SESSION['count'])){
      
    $_SESSION['count'] = 1;
    } else {
      ++
    $_SESSION['count'];
    }
    echo 
    'Count is : '.$_SESSION['count'];
    ?>

  3. #3
    SitePoint Evangelist jimday1982's Avatar
    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    562
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Sessions are working, I think it's the cookies that aren't. When I use your code, every page view increases the count by 1 - is it supposed to do that? I believe this is because I am including a file for a header on every page and the code is in the header file - is this how it should be done? I am still not able to use the features on my site though because it looks like the sid is not being stored in the cookie...I'm really pretty lost on this - any help is appreciated. Oh and if you want to see the result, the site is www.drunkdrinks.com. You'll notice that when you click on one of the categories, none of the data is displayed and it produces errors. Thank you.
    Jimmy Day
    Senior Systems Analyst
    Piedmont Healthcare Corporation

  4. #4
    Sell crazy someplace else markl999's Avatar
    Join Date
    Aug 2003
    Location
    Manchester, UK
    Posts
    4,007
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yeah, the code should increase the count by one on every refresh, this means that sessions are working for you, and if the SID isn't being passed in the url then it's being stored in a cookie. I've checked your site and the session cookie is fine.
    The errors you are getting are mysql related, can you post the top 20 lines of category.php? (removing any db passwords first)

  5. #5
    SitePoint Evangelist jimday1982's Avatar
    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    562
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks a lot - I really appreciate your help.

    category.php code:

    PHP Code:
    <?php include("rheader.php"); ?>

    <?php

       
    if ($letter) {

          
    $sql "select drinkid, title, date, rating from drinks where title like '$letter%' and status = 'L'";

       } else {

          
    $sql "select drinkid, title, date, rating from drinks where categoryid = $catid and status = 'L'";

       }

       
    $result mysql_query($sql ,$db);
       
    $numrows mysql_numrows($result);

       
    $lastpage false;

       if (
    $pagenum == 0) {
          
    $startrow 0;
       } else {
          
    $startrow 25 $pagenum;
       }

       if (
    $numrows $startrow 25) {
          
    $endrow $numrows;
          
    $lastpage true;
       }

       if (
    $letter) {

          
    $sql "select drinkid, title, date, rating from drinks where title like '$letter%' and status = 'L' order by title limit $startrow,25";
          
    $pagetitle "Drinks starting with '$letter'";

       } else {

          
    $sql "select * from categories where categoryid = $catid";
          
    $result mysql_query($sql ,$db);
          
    $row mysql_fetch_row($result);
          
    $pagetitle $row[1];

          
    $sql "select drinkid, title, date, rating from drinks where categoryid = $catid and status = 'L' order by title limit $startrow,25";

       }

    ?>
    rheader.php code:

    PHP Code:
    <?php


       
    //session_start();
       
       
       //count increases on page reload
    session_start();
    if(empty(
    $_SESSION['count'])){
      
    $_SESSION['count'] = 1;
    } else {
      ++
    $_SESSION['count'];
    }
    echo 
    'Count is : '.$_SESSION['count']; 
       
    //require_once("./cookie.php");

       
    include("./config.php");

       include(
    "./dbx.php");

       include(
    "./common.php");

    ?>
    Jimmy Day
    Senior Systems Analyst
    Piedmont Healthcare Corporation

  6. #6
    Sell crazy someplace else markl999's Avatar
    Join Date
    Aug 2003
    Location
    Manchester, UK
    Posts
    4,007
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It looks like you are relying on register_globals being On and it's Off by default since PHP 4.2.0. Try this instead.

    PHP Code:
    if (!empty($_GET['letter'])) {

          
    $sql "select drinkid, title, date, rating from drinks where title like '".$_GET['letter']."%' and status = 'L'";

       } else {

          
    $sql "select drinkid, title, date, rating from drinks where categoryid = ".$_GET['catid']." and status = 'L'";

       }
       
    $result mysql_query($sql ,$db) or die(mysql_error());
       
    $numrows mysql_num_rows($result); 
    You should also change any other vars that are passed in the url from $foo to $_GET['foo'] (for example your pagenum variable).

  7. #7
    SitePoint Evangelist jimday1982's Avatar
    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    562
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok, I've updated the code to:

    Code:
    <?php include("rheader.php"); ?>
    
    <?php
    
    if (!empty($_GET['letter'])) {
    
          $sql = "select drinkid, title, date, rating from drinks where title like '".$_GET['letter']."%' and status = 'L'";
    
       } else {
    
          $sql = "select drinkid, title, date, rating from drinks where categoryid = ".$_GET['catid']." and status = 'L'";
    
       }
       $result = mysql_query($sql ,$db) or die(mysql_error());
       $numrows = mysql_num_rows($result); 
    
       $lastpage = false;
    
       if ($pagenum == 0) {
          $startrow = 0;
       } else {
          $startrow = 25 * $pagenum;
       }
    
       if ($numrows < $startrow + 25) {
          $endrow = $numrows;
          $lastpage = true;
       }
    
       if ($letter) {
    
          $sql = "select drinkid, title, date, rating from drinks where title like '$letter%' and status = 'L' order by title limit $startrow,25";
          $pagetitle = "Drinks starting with '$letter'";
    
       } else {
    
          $sql = "select * from categories where categoryid = $catid";
          $result = mysql_query($sql ,$db);
          $row = mysql_fetch_row($result);
          $pagetitle = $row[1];
    
          $sql = "select drinkid, title, date, rating from drinks where categoryid = $catid and status = 'L' order by title limit $startrow,25";
    
       }
    
    ?>
    But I'm still getting the error - perhaps I'm missing something?
    Jimmy Day
    Senior Systems Analyst
    Piedmont Healthcare Corporation

  8. #8
    Sell crazy someplace else markl999's Avatar
    Join Date
    Aug 2003
    Location
    Manchester, UK
    Posts
    4,007
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Naw, the errors moved down now, which is good. You just need to make the same changes further down.
    PHP Code:
    if (!empty($_GET['letter'])) {

          
    $sql "select drinkid, title, date, rating from drinks where title like '".$_GET['letter']."%' and status = 'L' order by title limit $startrow,25";
          
    $pagetitle "Drinks starting with '".$_GET['letter']."'";

       } else {

          
    $sql "select * from categories where categoryid = ".$_GET['catid'];
          
    $result mysql_query($sql ,$db) or die(mysql_error());
          
    $row mysql_fetch_row($result);
          
    $pagetitle $row[1];

          
    $sql "select drinkid, title, date, rating from drinks where categoryid = ".$_GET['catid']." and status = 'L' order by title limit $startrow,25";

       } 

  9. #9
    SitePoint Evangelist jimday1982's Avatar
    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    562
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks, looks like I'm getting close, but now it's erroring on line 16:

    Warning: mysql_numrows(): supplied argument is not a valid MySQL result resource in /home/day1982/public_html/category.php on line 16

    which is:

    $numrows = mysql_numrows($result);

    is there something wrong with that?
    Jimmy Day
    Senior Systems Analyst
    Piedmont Healthcare Corporation

  10. #10
    Sell crazy someplace else markl999's Avatar
    Join Date
    Aug 2003
    Location
    Manchester, UK
    Posts
    4,007
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hmm i'm not sure of the exact syntax of lines 15 and 16 but i'm guessing they are something like:
    $result = mysql_query($sql ,$db);
    $numrows = mysql_numrows($result);

    if you change them like below it should also be telling you what the errors are:
    $result = mysql_query($sql ,$db) or die(mysql_error());
    $numrows = mysql_num_rows($result);

    Also note i used mysql_num_rows as mysql_numrows is depreciated and shouldn't be used any more.

  11. #11
    SitePoint Evangelist jimday1982's Avatar
    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    562
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for the tip, the error that it produces is:

    You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'and status = 'L'' at line 1


    The lines it's referring to are:

    if ($letter) {

    $sql = "select drinkid, title, date, rating from drinks where title like '$letter%' and status = 'L'";

    } else {

    $sql = "select drinkid, title, date, rating from drinks where categoryid = $catid and status = 'L'";

    }

    Still confused as to what could be wrong now
    Jimmy Day
    Senior Systems Analyst
    Piedmont Healthcare Corporation

  12. #12
    Sell crazy someplace else markl999's Avatar
    Join Date
    Aug 2003
    Location
    Manchester, UK
    Posts
    4,007
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well you don't appear to have made the changes i suggested above, all that $_GET['catid'] stuff ?
    You have register_globals Off (and rightly so). This means that is you pass catid=8 in the url then $catid won't be set, you have to use $_GET['catid'].
    Re-read the code i posted above that makes use of $_GET

  13. #13
    SitePoint Evangelist jimday1982's Avatar
    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    562
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    When I change those variables to $_GET['foo'] though, it gives me an error on those lines, if I leave them how they are, my error is on line 1, not 7 l- where those variables begin.

    Switching them to $_GET['catid'] and so on produced this error:

    Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/day1982/public_html/category.php on line 11
    Jimmy Day
    Senior Systems Analyst
    Piedmont Healthcare Corporation

  14. #14
    Sell crazy someplace else markl999's Avatar
    Join Date
    Aug 2003
    Location
    Manchester, UK
    Posts
    4,007
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It should look like:
    $sql = "select drinkid, title, date, rating from drinks where categoryid = ".$_GET['catid']." and status = 'L'";
    OR, you can use this format:
    $sql = "select drinkid, title, date, rating from drinks where categoryid = {$_GET['catid']} and status = 'L'";

  15. #15
    SitePoint Evangelist jimday1982's Avatar
    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    562
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok, 2 questions:

    1- For:

    $sql = "select drinkid, title, date, rating from drinks where title like '$letter%' and status = 'L'";

    $letter doesn't need to be encapsulated with $_GET?

    2-

    Are the dots in:

    .$_GET['catid'].

    for appending?

    Thanks a lot
    Jimmy Day
    Senior Systems Analyst
    Piedmont Healthcare Corporation

  16. #16
    Sell crazy someplace else markl999's Avatar
    Join Date
    Aug 2003
    Location
    Manchester, UK
    Posts
    4,007
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    1. Yes
    2. Yes

    There's 3 common ways to use array values in a string:

    1. $sql = "SELECT foo FROM bar WHERE blah='".$_GET['letter']."'";
    2. $sql = "SELECT foo FROM bar WHERE blah='{$_GET['letter']}'";
    3. $sql = "SELECT foo FROM bar WHERE blah=$_GET[letter]";

    I usually stick with 1 or 2 and while 3 will work i personally don't like it

  17. #17
    SitePoint Evangelist jimday1982's Avatar
    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    562
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Awesome - I can't begin to tell you how much help you've been. Now I get to spend all night updating the rest of the site. Thanks again !
    Jimmy Day
    Senior Systems Analyst
    Piedmont Healthcare Corporation

  18. #18
    Sell crazy someplace else markl999's Avatar
    Join Date
    Aug 2003
    Location
    Manchester, UK
    Posts
    4,007
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    No problem. Glad to see you've got some Guinness drinks on there!

  19. #19
    SitePoint Evangelist jimday1982's Avatar
    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    562
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Haha, one of my fav's too.

    I hate to keep bugging you, but on one page I have an input box called emailaddress - on the processing page I have:

    if (strlen($_GET['emailaddress']) < 1) {
    $error = true;
    $msg .= "Sorry. You did not enter an email address.";
    } else { ...

    and every time it comes back saying that I didn'te nter an address - could it be that the data isn't being passed for some reason?
    Jimmy Day
    Senior Systems Analyst
    Piedmont Healthcare Corporation

  20. #20
    SitePoint Evangelist jimday1982's Avatar
    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    562
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I changed the form action to get and it seemed to work, but it's inserting a null value in the database...
    Jimmy Day
    Senior Systems Analyst
    Piedmont Healthcare Corporation

  21. #21
    Sell crazy someplace else markl999's Avatar
    Join Date
    Aug 2003
    Location
    Manchester, UK
    Posts
    4,007
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    That part of your page sends emailaddress as a form POST, so you need to use $_POST['emailaddress'] not $_GET

    $_POST is for posted data (e.g via a form)
    $_GET is for variables passed in the url

    http://php.net/variables.predefined has more info on these arrays which are called superglobals ($_SESSION, $_COOKIE etc..)

  22. #22
    SitePoint Evangelist jimday1982's Avatar
    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    562
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok, that makes sense, but why wouldn't the following line work?

    $sql = "select * from subscribers where emailaddress = $_POST['emailaddress']";
    Jimmy Day
    Senior Systems Analyst
    Piedmont Healthcare Corporation

  23. #23
    Sell crazy someplace else markl999's Avatar
    Join Date
    Aug 2003
    Location
    Manchester, UK
    Posts
    4,007
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You need to quote variables in a mysql string, i didn't quote catid in the previous examples as you don't strictly need to quote int values in a mysql string (though i suppose you should, i just don't out of habit).

    So you want:
    $sql = "select * from subscribers where emailaddress = '{$_POST['emailaddress']}'";

    If you don't quote it it will treat the value as a column name, eg WHERE foo=bar will treat bar as a column name whereas WHERE foo='bar' will treat bar correctly as a value.

  24. #24
    SitePoint Evangelist jimday1982's Avatar
    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    562
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ahh, sort of like MS Access (which I have the misfortune of being much more familliar with than PHP/MySQL). Thanks again!
    Jimmy Day
    Senior Systems Analyst
    Piedmont Healthcare Corporation

  25. #25
    SitePoint Evangelist jimday1982's Avatar
    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    562
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Mark - you might want to get in on this (http://www.sitepoint.com/forums/showthread.php?t=203650) - it'd probably be a quick $20 for you.
    Jimmy Day
    Senior Systems Analyst
    Piedmont Healthcare Corporation


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •