need some help with cookies

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
mattman098
Forum Newbie
Posts: 16
Joined: Wed Feb 10, 2010 1:45 pm

need some help with cookies

Post by mattman098 »

I have a bit of an issue here creating cookies...

I have an SQL query which returns values to an array (which works, and prints into a table etc..) but i want to also store the results of the query into cookies so that i can use them on another page later.

I tried doing it like this with an index variable dynamically creating cookies for each result produced and assigning a value to it.

When I try echoing the cookie, nothing happens...

Code: Select all

while($row = mysql_fetch_array($result))
{
  setcookie("Username".$i, $row['Username'], time()+3600);
  setcookie("FirstName".$i, $row['FirstName'], time()+3600);
  setcookie("Surname".$i, $row['Surname'], time()+3600);
  setcookie("School".$i, $row['School'], time()+3600);
  setcookie("Framework".$i, $row['Framework'], time()+3600);
  setcookie("Account".$i, $row['Account'], time()+3600);
  setcookie("Banned".$i, $row['Banned'], time()+3600);
  $i++;
}
 
echo "<p>";
echo $_COOKIE["Username0"];
echo "</p>";
any advice would be appreciated!
User avatar
flying_circus
Forum Regular
Posts: 732
Joined: Wed Mar 05, 2008 10:23 pm
Location: Sunriver, OR

Re: need some help with cookies

Post by flying_circus »

mattman098 wrote:any advice would be appreciated!
You should scrap this idea all together.

Cookie's are stored on the client side. If you store an account number, I can go into the cookie (stored on my computer) and change the value. How will your code handle this when I send it back on the next request?

Use sessions. If you are on a shared webhost, just make sure to change the default session storage location.
User avatar
emmbec
Forum Contributor
Posts: 112
Joined: Thu Sep 21, 2006 12:19 pm
Location: Queretaro, Mexico

Re: need some help with cookies

Post by emmbec »

Yes use sessions instead, this is wrong for security reasons...
mattman098
Forum Newbie
Posts: 16
Joined: Wed Feb 10, 2010 1:45 pm

Re: need some help with cookies

Post by mattman098 »

the security really isn't an issue as it's an assignment, not for any business or anything.

and incase you're wondering if i should be getting help online for assignments, i definitely understand cookies, and have used them before etc, i've just never done it in this way, with trying to make the username from concatenation and with loops and sql etc

cheers for your concern over the potential hacking though =P
User avatar
flying_circus
Forum Regular
Posts: 732
Joined: Wed Mar 05, 2008 10:23 pm
Location: Sunriver, OR

Re: need some help with cookies

Post by flying_circus »

mattman098 wrote:the security really isn't an issue as it's an assignment, not for any business or anything.
Don't be an under-achiever. (from one under-achiever to another :wink: )


It's hard to figure out exactly why your original attempt doesnt work without seeing all of the code and any errors its producing. You can't set a cookie value and call it within the same script. $_COOKIE doesnt get populated until the next page request. If you refresh the page, does your value show?
mattman098
Forum Newbie
Posts: 16
Joined: Wed Feb 10, 2010 1:45 pm

Re: need some help with cookies

Post by mattman098 »

im not under-acheiving, we're told to be using cookies =]

Code: Select all

<?php
$student_id=$_GET["student_id"];
$password=$_GET["password"];
$fname=$_GET["fname"];
$sname=$_GET["sname"];
$school=$_GET["school"];
$course=$_GET["course"];
$account=$_GET["account"];
$banned=$_GET["banned"];
 
 
 
$con = mysql_connect("DBHOST", "USERNAME", "PASSWORD"); 
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
 
mysql_select_db("DBNAME", $con);
 
$sql="SELECT * FROM users WHERE Username='".$student_id."' OR Password='".$password."' OR FirstName='".$fname."' OR Surname='".$sname."' OR School='".$school."' OR Framework='".$course."' OR AccountLevel='".$account."' OR Banned='".$banned."';";
 
echo $sql;
 
$result = mysql_query($sql, $con);
 
echo "<table border='1'>
<tr>
<th>Username</th>
<th>First Name</th>
<th>Surname</th>
<th>School</th>
<th>Course</th>
<th>Account</th>
<th>Banned</th>
</tr>";
 
while($row = mysql_fetch_array($result))
  {
  echo "<td>" . $row['Username'] . "</td>";
  echo "<td>" . $row['FirstName'] . "</td>";
  echo "<td>" . $row['Surname'] . "</td>";
  echo "<td>" . $row['School'] . "</td>";
  echo "<td>" . $row['Framework'] . "</td>";
  echo "<td>" . $row['AccountLevel'] . "</td>";
  echo "<td>" . $row['Banned'] . "</td>";
  echo "</tr>";
  }
  
  setcookie("cooksies", "valsies", time()+3600);
 
$i=0;
 
while($row = mysql_fetch_array($result))
{
  setcookie("Username".$i, $row['Username'], time()+3600);
  setcookie("FirstName".$i, $row['FirstName'], time()+3600);
  setcookie("Surname".$i, $row['Surname'], time()+3600);
  setcookie("School".$i, $row['School'], time()+3600);
  setcookie("Framework".$i, $row['Framework'], time()+3600);
  setcookie("Account".$i, $row['Account'], time()+3600);
  setcookie("Banned".$i, $row['Banned'], time()+3600);
  $i++;
}
  
echo "</table>";
 
echo "<p>";
echo $_COOKIE["Username0"];
echo $_COOKIE["cooksies"];
echo "HELLO";
echo "</p>";
 
mysql_close($con);
?>
there's the whole PHP file anyways

i didn't realise you had o refresh, so when i did, that cookie i aptly named 'cooksies' displayed it's value, but the ones within the loop still don't...

and sorry for the barely functional code, im still in testing before i ge into a final one =]
User avatar
flying_circus
Forum Regular
Posts: 732
Joined: Wed Mar 05, 2008 10:23 pm
Location: Sunriver, OR

Re: need some help with cookies

Post by flying_circus »

mattman098 wrote:im not under-acheiving, we're told to be using cookies =]
Welp, I guess you got me there :)

setcookie is a header and should be called before any output it displayed to your page. ob_start() should help with this. You can disregard how I modified your code. Simplifying it helps me understand what it does. If your table displays with all of the user's information, the cookies should be set. You should be able to refresh and see what is set.

Code: Select all

<?php
  # Start Output Buffering
    ob_start();
    
  # Vars
    $i=0;
    $student_id=$_GET["student_id"];
    $password=$_GET["password"];
    $fname=$_GET["fname"];
    $sname=$_GET["sname"];
    $school=$_GET["school"];
    $course=$_GET["course"];
    $account=$_GET["account"];
    $banned=$_GET["banned"];
  
  $con = mysql_connect("DBHOST", "USERNAME", "PASSWORD"); 
  if (!$con)
    die('Could not connect: ' . mysql_error());
 
  mysql_select_db("DBNAME", $con);
 
  $sql="SELECT * FROM `users` WHERE `Username`='{$student_id}' OR `Password`='{$password}' OR `FirstName`='{$fname}' OR `Surname`='{$sname}' OR `School`='{$school}' OR `Framework`='{$course}' OR `AccountLevel`='{$account}' OR `Banned`='{$banned}';";
 
  $result = mysql_query($sql, $con);
 
  echo "<table border='1'>
  <tr>
  <th>Username</th>
  <th>First Name</th>
  <th>Surname</th>
  <th>School</th>
  <th>Course</th>
  <th>Account</th>
  <th>Banned</th>
  </tr>";
 
  if($result && mysql_num_rows($result) > 0)
  {
    while($row = mysql_fetch_array($result))
    {
    # Set Cookies
      setcookie("Username{$i}", $row['Username'], time()+3600);
      setcookie("FirstName{$i}", $row['FirstName'], time()+3600);
      setcookie("Surname{$i}", $row['Surname'], time()+3600);
      setcookie("School{$i}", $row['School'], time()+3600);
      setcookie("Framework{$i}", $row['Framework'], time()+3600);
      setcookie("Account{$i}", $row['Account'], time()+3600);
      setcookie("Banned{$i}", $row['Banned'], time()+3600);
      $i++;
      
    # Output Table Data
      echo "<tr>";
        echo "<td>" . $row['Username'] . "</td>";
        echo "<td>" . $row['FirstName'] . "</td>";
        echo "<td>" . $row['Surname'] . "</td>";
        echo "<td>" . $row['School'] . "</td>";
        echo "<td>" . $row['Framework'] . "</td>";
        echo "<td>" . $row['AccountLevel'] . "</td>";
        echo "<td>" . $row['Banned'] . "</td>";
      echo "</tr>";
    }
  }
  else
  {
    print "Problem with SQL query or no results to return";
  }
 
  setcookie("cooksies", "valsies", time()+3600);
  
echo "</table>";
echo "<p>";
  echo $_COOKIE["Username0"];
  echo $_COOKIE["cooksies"];
  echo "HELLO";
  echo "<br />";
  var_dump($_COOKIE);
echo "</p>";
 
mysql_close($con);
?>
Post Reply