SitePoint Sponsor

User Tag List

Results 1 to 20 of 20

Thread: Cookie Issue

  1. #1
    SitePoint Member
    Join Date
    Jan 2005
    Location
    USA
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Cookie Issue

    I have been working on this for a while, trying to create a user login system in a MySQL DB. As well detect if the user is loged etc...

    Still my setcookie function does not seem to work. Here is the code

    PHP Code:
      // setup global variable $global_user_id, set it to 0, which means no user as auto_increment IDs in MySQL begin with 1
      
    $global_user_id 0;
      
      
    // now, check if userís computer has the cookie set
      
    if (isset($_COOKIE['mycookiename'])) {
      
        
    $cookieval $_COOKIE['mycookiename'];
        
        
    //now parse the ID:LOGCODE value in cooke via explode() function
        
    $cookieparsedexplode (":"$cookieval);
        
        
    // $cookie_uid will hold userís id
        // $cookie_code will hold userís last reported logcode
        
    $cookie_uid  $cookieparsed[0];
        
    $cookie_code $cookieparsed[1];
        
        
    // ensure that ID from cookie is a numeric value
        
    if (is_numeric($cookie_uid)) {
          
          
    // now connect to the database
          
    $link mysql_connect($Host$User_Name$User_Password) or die("Could not connect : " mysql_error() . "<P>");
          
          
    // now select the database
          
    mysql_select_db($DB_Name);
          
          
    // now, find the user via his ID
          
    $resmysql_query("SELECT user_logcode FROM user WHERE user_id='$cookie_uid'");
          
          
    // no die() this time, we will redirect if error occurs
          
    if ($res) {
            
            
    // now see if userís id exists in database
            
    if (mysql_num_rows($res)) {
              
              
    $logcode_in_basemysql_result($res0);
                
              
    // now compare LOGCODES in cookie against the one in database
              
    if ($logcode_in_base == $cookie_code) {
                
                
    // if valid, generate new logcode and update database
                
    $newcode md5(func_generate_string());
                
    $query "UPDATE user SET user_logcode='$newcode' WHERE user_id='$cookie_uid'";
                
    $res mysql_query($query) or die("Could not update database.");;
                  
                
    // setup new cookie (replace the old one)
                
    $newval "$cookie_uid:$newcode";

    ------->
    setcookie("mycookiename"$newvaltime() + 3600"/"".mywebsite.com");

                
    // finally, setup global var to reflect userís id
                
    $global_user_id $cookie_uid;

                
    // now close the database
                
    mysql_close($link);  
              } else {
                
    // redirect if logcodes are not equal
                
    login_error ("Session Ended");
                exit;
              }
            } else {
              
    // redirect if user ID does not exist in database
              
    login_error ("User Does Not Exist");
              exit;
            }
          } else {
            
    // redirect in case of database error
            
    login_error ("DataBase Error");
            exit;
          }
        } else {
          
    // now close the database
          
    mysql_close($link);  
            
          
    // redirect if user ID in cookie not numeric
          
    login_error ("Incorrect Entry Value");
          exit;
        }
      } else {
        
    // redirect if user ID in cookie not numeric
        
    login_error ("Wrong Cookie");
        exit;
      } 
    The line in red does not seem to work and I can't seem to be able to figure out the exact reason. Does somebody has an explaination ?

  2. #2
    It's been real... Forbes's Avatar
    Join Date
    Dec 2004
    Location
    Yorkshire, England
    Posts
    676
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Have you tried echo()ing $cookie_uid to see if there is any data in before you run the query?

    Also, are you getting any errors? If so, what are they?

    The more information give us, the more help we can give you...

  3. #3
    SitePoint Member
    Join Date
    Jan 2005
    Location
    USA
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I did an print_r($_COOKIE); which already show just after the setcookie that it has not been updated.

    Yet all the value are correctly updated in the DB and the same value are used to update the cookie

    Thefore on the second check, the line
    PHP Code:
    if ($logcode_in_base == $cookie_code) { 
    fail since there is a difference between the Db and the Cookie.


    PHP Code:
    if (setcookie("mycookiename"$newvaltime() + 3600"/"".mywebsite.com") == 1) {
      echo (
    "Set Cookie Worked<br>");
    } else {
      echo (
    "Set Cookie Failed<br>");
    }
    print_r($_COOKIE);
    echo (
    "<br>"); 
    It always return a failure at that point.

    I also tried to delete the cookie using:
    PHP Code:
    setcookie("mycookiename"""time() - 3600"/"".mywebsite.com"); 
    to delete the cookie before creating a new one, it did not delete the cookie.

  4. #4
    It's been real... Forbes's Avatar
    Join Date
    Dec 2004
    Location
    Yorkshire, England
    Posts
    676
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Taking the problem right back, have you actually got cookies enabled in your browser?

    Don't get me wrong, I'm not making out you're stupid, it's just that sometimes the obvious is overlooked.

    I can't see anything really wrong, but I'd have to have a play around with the live code to get my head into it properly...

  5. #5
    SitePoint Member
    Join Date
    Jan 2005
    Location
    USA
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I understand, trust me it's driving me mad

    I'm using Firefox 1.0 and I have the cookies enabled, I can check the value of the cookie once I'm loged in. Everything is fine.

    I have tried with IE with all updates, and it does the same thing, it does not update the cookie, but will create the cookie when I log in.

    Both browsers have the cookies enabled.

  6. #6
    It's been real... Forbes's Avatar
    Join Date
    Dec 2004
    Location
    Yorkshire, England
    Posts
    676
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    If you're trying to update the cookie, then why not try destroying it first, then writing out a new one?

  7. #7
    SitePoint Member
    Join Date
    Jan 2005
    Location
    USA
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I tried that, and it would not destroy the cookie in that specific function.

    But it would destroy it using lougout.php

    I don't undestand why it would not let me destroy it or change it somewhere else.

  8. #8
    It's been real... Forbes's Avatar
    Join Date
    Dec 2004
    Location
    Yorkshire, England
    Posts
    676
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Let's see some of the code in your logout.php file...

  9. #9
    Non-Member coo_t2's Avatar
    Join Date
    Feb 2003
    Location
    Dog Street
    Posts
    1,819
    Mentioned
    1 Post(s)
    Tagged
    1 Thread(s)
    Turn error reporting (error_reporting(E_ALL) )
    all the way up to see if you get any funky errors.

    --ed

  10. #10
    SitePoint Member
    Join Date
    Jan 2005
    Location
    USA
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    this is the logout
    PHP Code:
    <?php
      
    // ensure the userid is passed
      
    if (isset($_POST['userid'])) {

        
    $userid $_POST['userid'];  

        
    // ensure the value is numeric
        
    if (is_numeric($userid)) {

          require (
    "./config.php");
      
          
    $link mysql_connect($Host$User_Name$User_Password) or die("Could not connect : " mysql_error() . "<P>");

          
    mysql_select_db($DB_Name);

          
    // update database
          
    $resmysql_query("UPDATE user SET user_logcode='None' WHERE user_id='$userid'");
          
    setcookie("mycookiename""empty"time() - 3600"/"".mywebsite.com");

          
    // Close the MySQL Link  
          
    mysql_close($link);    
        }
        
    setcookie("mycookiename""empty"time() - 3600"/"".mywebsite.com");
      }
      
    // redirect to a logoff (thanks for using our service) page
      
    header("Location: http://www.mywebsite.com/log_off.php");

      exit;
    ?>

  11. #11
    It's been real... Forbes's Avatar
    Join Date
    Dec 2004
    Location
    Yorkshire, England
    Posts
    676
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well for a start, the second attribute of each call to setcookie() is quite different...

  12. #12
    SitePoint Member
    Join Date
    Jan 2005
    Location
    USA
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by coo_t2
    Turn error reporting (error_reporting(E_ALL) )
    all the way up to see if you get any funky errors.

    --ed
    I tried and yet no error is reported, but still the cookie is neither updated or deleted.

  13. #13
    SitePoint Member
    Join Date
    Jan 2005
    Location
    USA
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Forbes
    Well for a start, the second attribute of each call to setcookie() is quite different...
    I did a copy and paste of the setcookie to delete the cookie from the logout function (which work fine in log_out.php) and copied it in my detection function with nothing else to prove that it would neither delete or uptdate the cookie.

    And it does not delete it within the detect_user.php function, only in the log_out.php side.

  14. #14
    SitePoint Member
    Join Date
    Jan 2005
    Location
    USA
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    No ideas ?

  15. #15
    Umm. PHP Guru....Naaaah jaswinder_rana's Avatar
    Join Date
    Jul 2004
    Location
    canada
    Posts
    3,193
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    just a try
    change
    setcookie("mycookiename", $newval, time() + 3600, "/", ".mywebsite.com");
    to
    setcookie("mycookiename", $newval, time() + 3600, "/", "mywebsite.com");
    OR to
    setcookie("mycookiename", $newval, time() + 3600, "/", "www.mywebsite.com");

    there is no . before the mywebsite.com and in second case there's www before the website name

    just a try might be the error(though it seems not but you never know)

  16. #16
    SitePoint Addict trogdor1024's Avatar
    Join Date
    Oct 2004
    Location
    New Jersey
    Posts
    235
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You can also try taking out the last two arguments...
    PHP Code:
    <?
    setcookie
    ("mycookiename"$newvaltime()+3600);
    ?>
    Sometimes the domain argument is so picky that it won't balk when it uses its default. I rarely need to specify.

  17. #17
    SitePoint Member
    Join Date
    Jan 2005
    Location
    USA
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Talking

    I found my own mistake, the cookie part of the script needed to be the very first action in the script before any HTML output.

    Otherwise the setcookie functon will always return false.

    Thanks for your help.

  18. #18
    It's been real... Forbes's Avatar
    Join Date
    Dec 2004
    Location
    Yorkshire, England
    Posts
    676
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Of course!

    I think a well-earned: 'duh!' is deserved all round...

  19. #19
    Non-Member coo_t2's Avatar
    Join Date
    Feb 2003
    Location
    Dog Street
    Posts
    1,819
    Mentioned
    1 Post(s)
    Tagged
    1 Thread(s)
    You mean you didn't get any error messages saying "headers already sent" or something like that?

    --ed

  20. #20
    It's been real... Forbes's Avatar
    Join Date
    Dec 2004
    Location
    Yorkshire, England
    Posts
    676
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Not if you do it, thus:
    PHP Code:
    <?php

    $value 
    'something from somewhere';

    setcookie("TestCookie"$value);
    setcookie("TestCookie"$valuetime()+3600);* /* expire in 1 hour */
    setcookie("TestCookie"$valuetime()+3600"/~rasmus/"".example.com"1);

    ?><?php

    // rest of code, here...

    ...
    ...
    ...
    ...


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •