SitePoint Sponsor |
|
User Tag List
Results 1 to 20 of 20
Thread: Cookie Issue
-
Jan 6, 2005, 14:36 #1
- Join Date
- Jan 2005
- Location
- USA
- Posts
- 9
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Cookie Issue
I have been working on this for a while, trying to create a user login system in a MySQL DB. As well detect if the user is loged etc...
Still my setcookie function does not seem to work. Here is the code
PHP Code:// setup global variable $global_user_id, set it to 0, which means no user as auto_increment IDs in MySQL begin with 1
$global_user_id = 0;
// now, check if user’s computer has the cookie set
if (isset($_COOKIE['mycookiename'])) {
$cookieval = $_COOKIE['mycookiename'];
//now parse the ID:LOGCODE value in cooke via explode() function
$cookieparsed= explode (":", $cookieval);
// $cookie_uid will hold user’s id
// $cookie_code will hold user’s last reported logcode
$cookie_uid = $cookieparsed[0];
$cookie_code = $cookieparsed[1];
// ensure that ID from cookie is a numeric value
if (is_numeric($cookie_uid)) {
// now connect to the database
$link = mysql_connect($Host, $User_Name, $User_Password) or die("Could not connect : " . mysql_error() . "<P>");
// now select the database
mysql_select_db($DB_Name);
// now, find the user via his ID
$res= mysql_query("SELECT user_logcode FROM user WHERE user_id='$cookie_uid'");
// no die() this time, we will redirect if error occurs
if ($res) {
// now see if user’s id exists in database
if (mysql_num_rows($res)) {
$logcode_in_base= mysql_result($res, 0);
// now compare LOGCODES in cookie against the one in database
if ($logcode_in_base == $cookie_code) {
// if valid, generate new logcode and update database
$newcode = md5(func_generate_string());
$query = "UPDATE user SET user_logcode='$newcode' WHERE user_id='$cookie_uid'";
$res = mysql_query($query) or die("Could not update database.");;
// setup new cookie (replace the old one)
$newval = "$cookie_uid:$newcode";
------->setcookie("mycookiename", $newval, time() + 3600, "/", ".mywebsite.com");
// finally, setup global var to reflect user’s id
$global_user_id = $cookie_uid;
// now close the database
mysql_close($link);
} else {
// redirect if logcodes are not equal
login_error ("Session Ended");
exit;
}
} else {
// redirect if user ID does not exist in database
login_error ("User Does Not Exist");
exit;
}
} else {
// redirect in case of database error
login_error ("DataBase Error");
exit;
}
} else {
// now close the database
mysql_close($link);
// redirect if user ID in cookie not numeric
login_error ("Incorrect Entry Value");
exit;
}
} else {
// redirect if user ID in cookie not numeric
login_error ("Wrong Cookie");
exit;
}
-
Jan 6, 2005, 15:07 #2
- Join Date
- Dec 2004
- Location
- Yorkshire, England
- Posts
- 676
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Have you tried echo()ing $cookie_uid to see if there is any data in before you run the query?
Also, are you getting any errors? If so, what are they?
The more information give us, the more help we can give you...
-
Jan 6, 2005, 15:16 #3
- Join Date
- Jan 2005
- Location
- USA
- Posts
- 9
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
I did an print_r($_COOKIE); which already show just after the setcookie that it has not been updated.
Yet all the value are correctly updated in the DB and the same value are used to update the cookie
Thefore on the second check, the line
PHP Code:if ($logcode_in_base == $cookie_code) {
PHP Code:if (setcookie("mycookiename", $newval, time() + 3600, "/", ".mywebsite.com") == 1) {
echo ("Set Cookie Worked<br>");
} else {
echo ("Set Cookie Failed<br>");
}
print_r($_COOKIE);
echo ("<br>");
I also tried to delete the cookie using:
PHP Code:setcookie("mycookiename", "", time() - 3600, "/", ".mywebsite.com");
-
Jan 6, 2005, 15:40 #4
- Join Date
- Dec 2004
- Location
- Yorkshire, England
- Posts
- 676
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Taking the problem right back, have you actually got cookies enabled in your browser?
Don't get me wrong, I'm not making out you're stupid, it's just that sometimes the obvious is overlooked.
I can't see anything really wrong, but I'd have to have a play around with the live code to get my head into it properly...
-
Jan 6, 2005, 15:46 #5
- Join Date
- Jan 2005
- Location
- USA
- Posts
- 9
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
I understand, trust me it's driving me mad
I'm using Firefox 1.0 and I have the cookies enabled, I can check the value of the cookie once I'm loged in. Everything is fine.
I have tried with IE with all updates, and it does the same thing, it does not update the cookie, but will create the cookie when I log in.
Both browsers have the cookies enabled.
-
Jan 6, 2005, 15:59 #6
- Join Date
- Dec 2004
- Location
- Yorkshire, England
- Posts
- 676
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
If you're trying to update the cookie, then why not try destroying it first, then writing out a new one?
-
Jan 6, 2005, 16:02 #7
- Join Date
- Jan 2005
- Location
- USA
- Posts
- 9
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
I tried that, and it would not destroy the cookie in that specific function.
But it would destroy it using lougout.php
I don't undestand why it would not let me destroy it or change it somewhere else.
-
Jan 6, 2005, 16:07 #8
- Join Date
- Dec 2004
- Location
- Yorkshire, England
- Posts
- 676
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Let's see some of the code in your logout.php file...
-
Jan 6, 2005, 16:09 #9
- Join Date
- Feb 2003
- Location
- Dog Street
- Posts
- 1,819
- Mentioned
- 1 Post(s)
- Tagged
- 1 Thread(s)
Turn error reporting (error_reporting(E_ALL) )
all the way up to see if you get any funky errors.
--ed
-
Jan 6, 2005, 16:14 #10
- Join Date
- Jan 2005
- Location
- USA
- Posts
- 9
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
this is the logout
PHP Code:<?php
// ensure the userid is passed
if (isset($_POST['userid'])) {
$userid = $_POST['userid'];
// ensure the value is numeric
if (is_numeric($userid)) {
require ("./config.php");
$link = mysql_connect($Host, $User_Name, $User_Password) or die("Could not connect : " . mysql_error() . "<P>");
mysql_select_db($DB_Name);
// update database
$res= mysql_query("UPDATE user SET user_logcode='None' WHERE user_id='$userid'");
setcookie("mycookiename", "empty", time() - 3600, "/", ".mywebsite.com");
// Close the MySQL Link
mysql_close($link);
}
setcookie("mycookiename", "empty", time() - 3600, "/", ".mywebsite.com");
}
// redirect to a logoff (thanks for using our service) page
header("Location: http://www.mywebsite.com/log_off.php");
exit;
?>
-
Jan 6, 2005, 16:17 #11
- Join Date
- Dec 2004
- Location
- Yorkshire, England
- Posts
- 676
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Well for a start, the second attribute of each call to setcookie() is quite different...
-
Jan 6, 2005, 16:17 #12
- Join Date
- Jan 2005
- Location
- USA
- Posts
- 9
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by coo_t2
-
Jan 6, 2005, 16:20 #13
- Join Date
- Jan 2005
- Location
- USA
- Posts
- 9
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by Forbes
And it does not delete it within the detect_user.php function, only in the log_out.php side.
-
Jan 6, 2005, 17:31 #14
- Join Date
- Jan 2005
- Location
- USA
- Posts
- 9
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
No ideas ?
-
Jan 6, 2005, 17:44 #15
- Join Date
- Jul 2004
- Location
- canada
- Posts
- 3,193
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
just a try
change
setcookie("mycookiename", $newval, time() + 3600, "/", ".mywebsite.com");
to
setcookie("mycookiename", $newval, time() + 3600, "/", "mywebsite.com");
OR to
setcookie("mycookiename", $newval, time() + 3600, "/", "www.mywebsite.com");
there is no . before the mywebsite.com and in second case there's www before the website name
just a try might be the error(though it seems not but you never know)
-
Jan 7, 2005, 01:07 #16
- Join Date
- Oct 2004
- Location
- New Jersey
- Posts
- 235
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
You can also try taking out the last two arguments...
PHP Code:<?
setcookie("mycookiename", $newval, time()+3600);
?>
-
Jan 7, 2005, 06:53 #17
- Join Date
- Jan 2005
- Location
- USA
- Posts
- 9
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
I found my own mistake, the cookie part of the script needed to be the very first action in the script before any HTML output.
Otherwise the setcookie functon will always return false.
Thanks for your help.
-
Jan 7, 2005, 06:54 #18
- Join Date
- Dec 2004
- Location
- Yorkshire, England
- Posts
- 676
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Of course!
I think a well-earned: 'duh!' is deserved all round...
-
Jan 7, 2005, 10:33 #19
- Join Date
- Feb 2003
- Location
- Dog Street
- Posts
- 1,819
- Mentioned
- 1 Post(s)
- Tagged
- 1 Thread(s)
You mean you didn't get any error messages saying "headers already sent" or something like that?
--ed
-
Jan 7, 2005, 10:38 #20
- Join Date
- Dec 2004
- Location
- Yorkshire, England
- Posts
- 676
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Not if you do it, thus:
PHP Code:<?php
$value = 'something from somewhere';
setcookie("TestCookie", $value);
setcookie("TestCookie", $value, time()+3600);* /* expire in 1 hour */
setcookie("TestCookie", $value, time()+3600, "/~rasmus/", ".example.com", 1);
?><?php
// rest of code, here...
...
...
...
...
Bookmarks