check cookie to login

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
glennn3
Forum Commoner
Posts: 63
Joined: Sat Sep 20, 2003 8:43 pm

check cookie to login

Post by glennn3 »

i have a basic login script to get into "index.php" that sets a cookie when the user/pwd matches that in a db like so:

Code: Select all

...
if($row=mysql_fetch_object($Result))

	{
		setcookie('username', $username, time()+(60*60*24*30), '/', '', 0);
		print("<script language="javascript">
				top.location="index.php";
				</script>");
	}
but i've discovered that something is missing from "index.php" that would check for said cookie to prevent access, thereby allowing access regardless... could someone show me what code would do such a thing (check for this cookie before allowing access...) ?

i thank you much,
glenn
SBukoski
Forum Contributor
Posts: 128
Joined: Wed May 21, 2003 10:39 pm
Location: Worcester, MA

Post by SBukoski »

You can usually check your COOKIE variable to see if it is set. For example:

Code: Select all

if (isset($HTTP_COOKIE_VARS&#1111;'username'])) &#123;
  // Do something
&#125;
That will check the cookies to see if the username cookie is already present on the users machine.
glennn3
Forum Commoner
Posts: 63
Joined: Sat Sep 20, 2003 8:43 pm

Post by glennn3 »

thanks much.
glennn3
Forum Commoner
Posts: 63
Joined: Sat Sep 20, 2003 8:43 pm

Post by glennn3 »

yeah, i just did this :

if ( ! isset($HTTP_COOKIE_VARS['username'])) {
print("<script language=\"javascript\">
top.location=\"login.php\";
</script>");

}

cookie stays set until the browser is closed or a logout function, right?

thanks
SBukoski
Forum Contributor
Posts: 128
Joined: Wed May 21, 2003 10:39 pm
Location: Worcester, MA

Post by SBukoski »

Cookies stay set until the specified time expires. You're thinking of Sessions which expire when the browser window closes. But yes, in your logout function you can delete the cookie by setting its expirey time to something in the past.
shadow_blade47
Forum Newbie
Posts: 12
Joined: Fri Nov 07, 2003 3:41 am

cookies

Post by shadow_blade47 »

there a way of setting a cookie so it deletes itself when the browser is closed? cheers...

and also, I'm trying to put the following code at the top of each page to check to make sure a cookie has been set, if it hasn't i want it to send the user to my access denied page.

if ( ! isset($HTTP_COOKIE_VARS['user_name'])) {
print("<script language=\"javascript\">
top.location=\"accessdenied.php\";
</script>");

}

Is that right? or am i checking that the cookie isn't set there?
d3ad1ysp0rk
Forum Donator
Posts: 1661
Joined: Mon Oct 20, 2003 8:31 pm
Location: Maine, USA

Post by d3ad1ysp0rk »

if you want something to store the variables until the user closes the window, use sessions

cookies are for long term things, like if the user wants to stay logged in even when they return to the site next week
glennn3
Forum Commoner
Posts: 63
Joined: Sat Sep 20, 2003 8:43 pm

right -

Post by glennn3 »

right - this >>

" if (!isset( ..."

is checking that the cookie is not set... vice " if (isset( ..."

this >>

" setcookie('username', $username, time()+(60*60*24*30), '/', '', 0); "

seems to set a cookie that dies when i close my browser, because when i reopen it i have to login back in. someone in here who knows more than me can confirm or deny this...
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Post by JAM »

It should not, as you pass on the lifetime value.
Lookup session_start() and go from there. Sessions works as cookies, but will surely be destroyed upon browser closedown.
glennn3
Forum Commoner
Posts: 63
Joined: Sat Sep 20, 2003 8:43 pm

Post by glennn3 »

one of the things i love most about these things (computers) is the distinct and established segregated relationship between the words "should" (or "should not") and "do" (or "do not")...

what should not be happening in fact often does. for whatever reason, when i close and reopen my browser i am indeed forced to relogin here, whether i should have to or not.

also, i find that when this is the case ("should" being bested by "is") it is INVARIABLY something i've overlooked - these things simply do what they're told, don't they?


don't they...?



HAL?







HAL...........?
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Post by JAM »

Then note the fun thing about being a programmer, trying to help others with issues...;
You cannot everytime test the code the user has an issue with.

You can have 14 settings in the php.ini file that I have differently. Then there is the way you setup Apache (if using Apache at all?), then the issue of extensions thats being loaded etc. etc. aso.

Hence the "should"-word often mentioned. In this case "should" is a very correct statement, as there are ways to kill the cookie on browser closing time (just as sessions), altho that is settings configuration.

What does HAL mean?
glennn3
Forum Commoner
Posts: 63
Joined: Sat Sep 20, 2003 8:43 pm

Post by glennn3 »

HAL (note one letter offset of IBM...) was the name of the computer in the 1960's very famous film "2001: A Space Oddity" (written by Arthur C Clark, i think) that maintained its own intellect and decision making processes, whereby it ended up manipulating a few of the men on board the space-craft. It had some very philosphical discussions with some of the men; very good film, written in the 60's, remember, when computers were the size of small space-craft.

I know little about php, enough to cut and paste, and all i know is when i close my browser i have to log back in - that's why i qualified my comments with the fact that invariably it is user config because these machines only do what we tell them to.

except for HAL...

i have a post about my problems getting http://localhost to give me anything after installing apache on winxp i wonder if you'd help me with... it's quite frustrating because it says my services are running fine...

thanks
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

2001: A Space Oddity
Apologies for going completely OT, but it's '2001: A Space Odyssey' :) (great book by the way).

Mac
Post Reply