Cookie script not working

[ehmer]

I have a page which I wish to restrict access to unless the visitor supplies an email address. I want the script on another page to check for the presence of the cookie named "email". If present a link to the restricted page is to be displayed to allow entry and if not present an input form is displayed requesting the email address.

When executed access is gained, but on returning to the linking page I am expecting the cookie to be found and the input form not to be displayed but the link instead. This is not currently working as intended.

Appreciate someone pointing out my error. (relevant code below)

<!-- this code above <html> tag -->
<? if (isset($email))
{
setcookie("email", $email, time()+365 * 86400);
}
?>

<!-- this code in <body> tag -->
<?
if (isset($email)) {
?>
<a href='freeresourceslinks.php'>Enter Free Resources</a>
<?
} else {
?>
<form name="emailaddress" id="emailaddress" title="Email address" onsubmit="return formvalidation();" method="post" action="cgi-bin/formtomailscript2.cgi">
<table>
<tr>
<td><input name="email" id="email" type="text" /></td>
</tr>
<tr>
<td><input name="submit" id="submit" type="submit" value="submit" /></td>
</tr>
</table>
</form>
<? } ?>


Thanks
David

[coo_t2]

Instead of this:

PHP Code:

   if (isset($email)) {
  ?>
   <a href='freeresourceslinks.php'>Enter Free Resources</a> 


Try this:

PHP Code:

   if (isset($_COOKIE['email'])) {
  ?>
   <a href='freeresourceslinks.php'>Enter Free Resources</a> 


Just realize that this isn't that secure. You should also check that the email supplied is valid, but that's sort of a whole other issue.

--ed

[ehmer]

Tried this variation without any noticable difference. Was the original approach wrong?

Any other ideas?

David

[coo_t2]

You have to reload the page for the cookie to show up.

Try this:

PHP Code:

  <?php
  
  
  if (preg_match("/\w+/", $_POST['email']) )
  {
    setcookie("email", $email, time()+365 * 86400);
    header("Location: $_SERVER[SCRIPT_NAME]?checkit=1");
    exit;
  }
  ?>
  
  <!-- this code in <body> tag -->
  <?
  if (isset($_COOKIE['email'])) {
  ?>
    <a href='freeresourceslinks.php'>Enter Free Resources</a>
  <?
  } elseif ($_GET['checkit']) {
    echo "Sorry, your browser needs to support cookies.";
  }
  else {
  ?>
 <form name="emailaddress" id="emailaddress" title="Email address" onsubmit="return formvalidation();" method="post" action="<?php echo $_SERVER['SCRIPT_NAME']; ?>">
    <table>
    <tr>
    <td><input name="email" id="email" type="text" /></td>
    </tr>
    <tr>
    <td><input name="submit" id="submit" type="submit" value="submit" /></td>
    </tr>
    </table>
    </form>
  <? } ?>

--ed

[ehmer]

Thank you

That seems to work fine. Now I just have to make sense of it.

David