Page 1 of 1
need some help with cookies
Posted: Wed Feb 17, 2010 11:45 am
by mattman098
I have a bit of an issue here creating cookies...
I have an SQL query which returns values to an array (which works, and prints into a table etc..) but i want to also store the results of the query into cookies so that i can use them on another page later.
I tried doing it like this with an index variable dynamically creating cookies for each result produced and assigning a value to it.
When I try echoing the cookie, nothing happens...
Code: Select all
while($row = mysql_fetch_array($result))
{
setcookie("Username".$i, $row['Username'], time()+3600);
setcookie("FirstName".$i, $row['FirstName'], time()+3600);
setcookie("Surname".$i, $row['Surname'], time()+3600);
setcookie("School".$i, $row['School'], time()+3600);
setcookie("Framework".$i, $row['Framework'], time()+3600);
setcookie("Account".$i, $row['Account'], time()+3600);
setcookie("Banned".$i, $row['Banned'], time()+3600);
$i++;
}
echo "<p>";
echo $_COOKIE["Username0"];
echo "</p>";
any advice would be appreciated!
Re: need some help with cookies
Posted: Wed Feb 17, 2010 1:48 pm
by flying_circus
mattman098 wrote:any advice would be appreciated!
You should scrap this idea all together.
Cookie's are stored on the client side. If you store an account number, I can go into the cookie (stored on my computer) and change the value. How will your code handle this when I send it back on the next request?
Use sessions. If you are on a shared webhost, just make sure to change the default session storage location.
Re: need some help with cookies
Posted: Wed Feb 17, 2010 1:53 pm
by emmbec
Yes use sessions instead, this is wrong for security reasons...
Re: need some help with cookies
Posted: Wed Feb 17, 2010 1:55 pm
by mattman098
the security really isn't an issue as it's an assignment, not for any business or anything.
and incase you're wondering if i should be getting help online for assignments, i definitely understand cookies, and have used them before etc, i've just never done it in this way, with trying to make the username from concatenation and with loops and sql etc
cheers for your concern over the potential hacking though =P
Re: need some help with cookies
Posted: Wed Feb 17, 2010 2:06 pm
by flying_circus
mattman098 wrote:the security really isn't an issue as it's an assignment, not for any business or anything.
Don't be an under-achiever. (from one under-achiever to another

)
It's hard to figure out exactly why your original attempt doesnt work without seeing all of the code and any errors its producing. You can't set a cookie value and call it within the same script. $_COOKIE doesnt get populated until the next page request. If you refresh the page, does your value show?
Re: need some help with cookies
Posted: Wed Feb 17, 2010 2:32 pm
by mattman098
im not under-acheiving, we're told to be using cookies =]
Code: Select all
<?php
$student_id=$_GET["student_id"];
$password=$_GET["password"];
$fname=$_GET["fname"];
$sname=$_GET["sname"];
$school=$_GET["school"];
$course=$_GET["course"];
$account=$_GET["account"];
$banned=$_GET["banned"];
$con = mysql_connect("DBHOST", "USERNAME", "PASSWORD");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("DBNAME", $con);
$sql="SELECT * FROM users WHERE Username='".$student_id."' OR Password='".$password."' OR FirstName='".$fname."' OR Surname='".$sname."' OR School='".$school."' OR Framework='".$course."' OR AccountLevel='".$account."' OR Banned='".$banned."';";
echo $sql;
$result = mysql_query($sql, $con);
echo "<table border='1'>
<tr>
<th>Username</th>
<th>First Name</th>
<th>Surname</th>
<th>School</th>
<th>Course</th>
<th>Account</th>
<th>Banned</th>
</tr>";
while($row = mysql_fetch_array($result))
{
echo "<td>" . $row['Username'] . "</td>";
echo "<td>" . $row['FirstName'] . "</td>";
echo "<td>" . $row['Surname'] . "</td>";
echo "<td>" . $row['School'] . "</td>";
echo "<td>" . $row['Framework'] . "</td>";
echo "<td>" . $row['AccountLevel'] . "</td>";
echo "<td>" . $row['Banned'] . "</td>";
echo "</tr>";
}
setcookie("cooksies", "valsies", time()+3600);
$i=0;
while($row = mysql_fetch_array($result))
{
setcookie("Username".$i, $row['Username'], time()+3600);
setcookie("FirstName".$i, $row['FirstName'], time()+3600);
setcookie("Surname".$i, $row['Surname'], time()+3600);
setcookie("School".$i, $row['School'], time()+3600);
setcookie("Framework".$i, $row['Framework'], time()+3600);
setcookie("Account".$i, $row['Account'], time()+3600);
setcookie("Banned".$i, $row['Banned'], time()+3600);
$i++;
}
echo "</table>";
echo "<p>";
echo $_COOKIE["Username0"];
echo $_COOKIE["cooksies"];
echo "HELLO";
echo "</p>";
mysql_close($con);
?>
there's the whole PHP file anyways
i didn't realise you had o refresh, so when i did, that cookie i aptly named 'cooksies' displayed it's value, but the ones within the loop still don't...
and sorry for the barely functional code, im still in testing before i ge into a final one =]
Re: need some help with cookies
Posted: Wed Feb 17, 2010 3:26 pm
by flying_circus
mattman098 wrote:im not under-acheiving, we're told to be using cookies =]
Welp, I guess you got me there
setcookie is a header and should be called before any output it displayed to your page. ob_start() should help with this. You can disregard how I modified your code. Simplifying it helps me understand what it does. If your table displays with all of the user's information, the cookies should be set. You should be able to refresh and see what is set.
Code: Select all
<?php
# Start Output Buffering
ob_start();
# Vars
$i=0;
$student_id=$_GET["student_id"];
$password=$_GET["password"];
$fname=$_GET["fname"];
$sname=$_GET["sname"];
$school=$_GET["school"];
$course=$_GET["course"];
$account=$_GET["account"];
$banned=$_GET["banned"];
$con = mysql_connect("DBHOST", "USERNAME", "PASSWORD");
if (!$con)
die('Could not connect: ' . mysql_error());
mysql_select_db("DBNAME", $con);
$sql="SELECT * FROM `users` WHERE `Username`='{$student_id}' OR `Password`='{$password}' OR `FirstName`='{$fname}' OR `Surname`='{$sname}' OR `School`='{$school}' OR `Framework`='{$course}' OR `AccountLevel`='{$account}' OR `Banned`='{$banned}';";
$result = mysql_query($sql, $con);
echo "<table border='1'>
<tr>
<th>Username</th>
<th>First Name</th>
<th>Surname</th>
<th>School</th>
<th>Course</th>
<th>Account</th>
<th>Banned</th>
</tr>";
if($result && mysql_num_rows($result) > 0)
{
while($row = mysql_fetch_array($result))
{
# Set Cookies
setcookie("Username{$i}", $row['Username'], time()+3600);
setcookie("FirstName{$i}", $row['FirstName'], time()+3600);
setcookie("Surname{$i}", $row['Surname'], time()+3600);
setcookie("School{$i}", $row['School'], time()+3600);
setcookie("Framework{$i}", $row['Framework'], time()+3600);
setcookie("Account{$i}", $row['Account'], time()+3600);
setcookie("Banned{$i}", $row['Banned'], time()+3600);
$i++;
# Output Table Data
echo "<tr>";
echo "<td>" . $row['Username'] . "</td>";
echo "<td>" . $row['FirstName'] . "</td>";
echo "<td>" . $row['Surname'] . "</td>";
echo "<td>" . $row['School'] . "</td>";
echo "<td>" . $row['Framework'] . "</td>";
echo "<td>" . $row['AccountLevel'] . "</td>";
echo "<td>" . $row['Banned'] . "</td>";
echo "</tr>";
}
}
else
{
print "Problem with SQL query or no results to return";
}
setcookie("cooksies", "valsies", time()+3600);
echo "</table>";
echo "<p>";
echo $_COOKIE["Username0"];
echo $_COOKIE["cooksies"];
echo "HELLO";
echo "<br />";
var_dump($_COOKIE);
echo "</p>";
mysql_close($con);
?>