not so sweet Cookies!!!

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
indian98476
Forum Commoner
Posts: 78
Joined: Tue Dec 15, 2009 3:24 am

not so sweet Cookies!!!

Post by indian98476 »

is cookies stored based on ip address or some other value?
User avatar
Darhazer
DevNet Resident
Posts: 1011
Joined: Thu May 14, 2009 3:00 pm
Location: HellCity, Bulgaria

Re: not so sweet Cookies!!!

Post by Darhazer »

Cookie is stored by the browser, for a given hostname. The IP have nothing to do with the cookie itself. Why you are asking this?
indian98476
Forum Commoner
Posts: 78
Joined: Tue Dec 15, 2009 3:24 am

Re: not so sweet Cookies!!!

Post by indian98476 »

i got my code working....it takes users based on his names from the form field in the index page....if names differ u get a msg welcome user's name to our website else he gets welcome back user's name...

so this is my doubt now....
so if multiple users login from the same computer to the same website how does it take as different users?
User avatar
daedalus__
DevNet Resident
Posts: 1925
Joined: Thu Feb 09, 2006 4:52 pm

Re: not so sweet Cookies!!!

Post by daedalus__ »

they don't. one log-in per client.

well they could use two different browsers on the clients machine.
indian98476
Forum Commoner
Posts: 78
Joined: Tue Dec 15, 2009 3:24 am

Re: not so sweet Cookies!!!

Post by indian98476 »

my code is gone messy again...

it logins a particular user, then when he logs in back again it says welcome back...but if he again tries to login it says welcome to our site instead of telling welcome back user's name
indian98476
Forum Commoner
Posts: 78
Joined: Tue Dec 15, 2009 3:24 am

Re: not so sweet Cookies!!!

Post by indian98476 »

here is my code

Code: Select all

<?php
if($_POST['sub']){
 
$name=$_REQUEST['name'];//take users name in a name variable
 
if (!isset($_COOKIE["user"]))//check if cookie is set or not
{
setcookie("user",$name, time() + 60*60*24*7);//set the cookie if not set, important to not here is that cookie is set based on name
echo "Welcome to our site";
}
else//if cookie has been set already
{
echo "Welcome Back ".$_REQUEST['name'].".";
setcookie("user",$name, time() - 60*60*24*7);//unset the cookie so new users dont get a welcome back message
}
//echo $cookie["user"];
}
else{
echo "<form method='post' action='login.php'>
  Name: <input name='name' type='text' /><br />
  Username: <input name='uname' type='text' /><br />
  Password: <input name='pword' type='password' /><br />
  <input type='submit' name='sub' value='login' />
  </form>";
echo "<br />";
}
?>
i think error lies with line 16
indian98476
Forum Commoner
Posts: 78
Joined: Tue Dec 15, 2009 3:24 am

Re: not so sweet Cookies!!!

Post by indian98476 »

sorry i mean to say line 14.....
indian98476
Forum Commoner
Posts: 78
Joined: Tue Dec 15, 2009 3:24 am

Re: not so sweet Cookies!!!

Post by indian98476 »

i have rewritten the code like this obviously with some changes...

Code: Select all

<?php
if($_POST['sub']){
 
$name=$_REQUEST['name'];//take users name in a name variable
 
 
if (!isset($_COOKIE["user"]))//check if cookie is set or not
{
setcookie("user",$name, time() + 60*60*24*7);//set the cookie if not set, important to not here is that cookie is set based on name
echo "Welcome to our site";
}
else//if cookie has been set already
{
$name1=$_COOKIE("user");// get the value of user and store in a variable $name1
if($name==$name1)//compare the values for a match
{
//setcookie("user",$name, time() - 60*60*24*7);//unset the cookie so new users dont get a welcome back message
echo "Welcome Back ".$_REQUEST['name'].".";
}
else
{
echo "Welcome to our site";
}
}
echo $_COOKIE["user"];
}
else{
echo "<form method='post' action='login.php'>
  Name: <input name='name' type='text' /><br />
  Username: <input name='uname' type='text' /><br />
  Password: <input name='pword' type='password' /><br />
  <input type='submit' name='sub' value='login' />
  </form>";
echo "<br />";
}
?>
User avatar
Apollo
Forum Regular
Posts: 794
Joined: Wed Apr 30, 2008 2:34 am

Re: not so sweet Cookies!!!

Post by Apollo »

First people gotta login with a password, but then later on, you check if they are logged in by getting the 'user' cookie variable?

What keeps anyone from creating/changing a cookie themselves with username 'administrator' or something?

Rule nr.1: Don't trust user input. And cookies are 100% user input.
indian98476
Forum Commoner
Posts: 78
Joined: Tue Dec 15, 2009 3:24 am

Re: not so sweet Cookies!!!

Post by indian98476 »

i understand what you mean...but this is just the starting...so i thought first clear cookies issues first and then move on....
indian98476
Forum Commoner
Posts: 78
Joined: Tue Dec 15, 2009 3:24 am

Re: not so sweet Cookies!!!

Post by indian98476 »

an easy 2 read code...so if 2 different users login to the same page from a same browser this code fails to welcome them back....but instead show a welcome to our site msg....plz help....smthng wrong with my logic or code?

Code: Select all

<?php
if($_POST['sub']){
 
if (!isset($_COOKIE["user"]))//check if cookie is set or not
{
$name=$_REQUEST["name"];//take users name in a name variable
setcookie("user",$name, time() + 60*60*24*7);//set the cookie if not set, important to note here is that cookie is set based on name
echo "Welcome to our site";
}
else//if cookie has been set already
{
$name2=$_REQUEST["name"];//take users name in a name variable
$name1=$_COOKIE["user"];//take cookies value in another name variable
if($name1==$name2){//check for a match of users variable and cookie variable
echo "Welcome Back ".$name2.". <br />";
}
else
{
$name3=$_REQUEST["name"];//take users name in a name variable
setcookie("user",$name3, time() + 60*60*24*7);
echo "Welcome to our site. <br />";
setcookie("user",$name3, time() + 60*60*24*7);//unset the created cookie
}
}
//echo $_COOKIE["user"];
}
else{
 
echo "<form method='post' action='login.php'>
  Name: <input name='name' type='text' /><br />
  Username: <input name='uname' type='text' /><br />
  Password: <input name='pword' type='password' /><br />
  <input type='submit' name='sub' value='login' />
  </form>";
echo "<br />";
}
 
?>
indian98476
Forum Commoner
Posts: 78
Joined: Tue Dec 15, 2009 3:24 am

Re: not so sweet Cookies!!!

Post by indian98476 »

i see that i am not storing those cookie values anywhere..how do i go about it?
Post Reply