SOLVED - Session or Cookie?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

User avatar
johnperkins21
Forum Contributor
Posts: 140
Joined: Mon Oct 27, 2003 4:57 pm

SOLVED - Session or Cookie?

Post by johnperkins21 »

Hello everybody. I'm setting up a site for my online madden league that has a login for everybody in the league. On the main page, it accesses the database and gets all sorts of results based on what person is visiting the page (i.e. schedule, scores, etc). Right now I just have a variable called $userid that relates to a user in the database.

What I want to do is have everybody log in, and store their userid as a cookie and pass the variable along through a session id. The thing is that I don't want the cookie or the session to expire. I want them to only have to log in once, and I'm not sure how to go about it. Everything I look at says that session cookies expire on browser exit. I'm just looking for a head start here, any help would be greatly apprciated.

Thanks,
John
Last edited by johnperkins21 on Fri Mar 12, 2004 11:15 am, edited 1 time in total.
TheBentinel.com
Forum Contributor
Posts: 282
Joined: Wed Mar 10, 2004 1:52 pm
Location: Columbus, Ohio

Re: Session or Cookie?

Post by TheBentinel.com »

johnperkins21 wrote:Everything I look at says that session cookies expire on browser exit.
Cookies aren't tied to sessions, though sessions depend on cookies. You can drop a cookie with the userid in it and even if they reboot, when they return you'll get the cookie and so have the userid.

Code: Select all

// prior to any output, above the <html> tag and everything else
  setcookie("userid", "$userid", time()+315360000, "/", "domain.com");
The next time the user requests a page from your site, they'll pass you that cookie.
User avatar
johnperkins21
Forum Contributor
Posts: 140
Joined: Mon Oct 27, 2003 4:57 pm

Post by johnperkins21 »

Thanks. I noticed that there is still a tim() element, so the cookie will eventually expire? Do you just throw a number at it so huge that it takes a long time before it expires?

Appreciate the help.
TheBentinel.com
Forum Contributor
Posts: 282
Joined: Wed Mar 10, 2004 1:52 pm
Location: Columbus, Ohio

Post by TheBentinel.com »

johnperkins21 wrote:Do you just throw a number at it so huge that it takes a long time before it expires?
Yep, you got it. I just copied that one from the Help file, I'm not sure how big it is. It looked big, though, so I grabbed it.

Running it through a calculator now, it looks like it expires in ten years. That ought to be sufficient, eh? :-)
User avatar
johnperkins21
Forum Contributor
Posts: 140
Joined: Mon Oct 27, 2003 4:57 pm

Post by johnperkins21 »

Thanks again!
User avatar
tim
DevNet Resident
Posts: 1165
Joined: Thu Feb 12, 2004 7:19 pm
Location: ohio

Post by tim »

time is in seconds.

3600 seconds / 60 seconds in a minute = one hour. and so forth

if you wanted to know
User avatar
johnperkins21
Forum Contributor
Posts: 140
Joined: Mon Oct 27, 2003 4:57 pm

Post by johnperkins21 »

Thanks. I've kind of got it working, but I can't seem to get the value from the cookie. Here is my code:

login.php

Code: Select all

<?php
include "db_connect.inc";

if ($_POST['loginid'] == '' or $_POST['pass'] == '') {
	echo "<html><head>";
	echo "<META http-equiv="refresh" content="3; URL=http://tenyardfight.mutedsound.com">";
	echo "</head></html>";
} else {
		$userid = $_POST['loginid'];
		$pass = $_POST['pass'];
		$user_check_handle = mysql_query("SELECT * FROM Users WHERE UserName = '$userid'");
		$user_check_data = mysql_fetch_row($user_check_handle);
		if ($user_check_data[0] > 0) {
			if ($pass == "$user_check_data[3]") {
				setcookie("playerid", "$user_check_data[1]", time()+315360000, "/", ".mutedsound.com"); 
				echo "<html><head>";
				echo "<META http-equiv="refresh" content="3; URL=http://tenyardfight.mutedsound.com">";
				echo "</head><body>";
				echo "logging you in. hang tight.";
				echo "</body></html>";
			} else {
				echo "You have entered the wrong password. Please login again.";
			}
		} else {
			echo "You have entered the wrong userid. Please login again.";
		}
}

?>

index.php

Code: Select all

<?php
$userid = $_COOKIE["playerid"];

?>
The variable is not getting set. I've looked through the cookies on my machine and it's in there, but it's named pma_cookie_username for some odd reason. The right info is in there, but I can't access it. Any ideas?? Thanx.
User avatar
tim
DevNet Resident
Posts: 1165
Joined: Thu Feb 12, 2004 7:19 pm
Location: ohio

Post by tim »

u dont need to put quotes around the value in the setcookie

Code: Select all

<?php
setcookie("playerid", $user_check_data[1], time()+315360000, "/", ".mutedsound.com"); 
?>
you would if you wanted to just add a text, ie:

Code: Select all

<?php
setcookie("playerid", "hello I like beer", time()+315360000); 

echo $_COOKIE["playerid"];
// this would echo "hello I like beer";
?>
User avatar
johnperkins21
Forum Contributor
Posts: 140
Joined: Mon Oct 27, 2003 4:57 pm

Post by johnperkins21 »

Sweet, that worked. Thanks again!

Well, it worked for firefox anyway. Now to figure out why it won't set in IE.

changed login.php

Code: Select all

<?php
include "db_connect.inc";

if ($_POST['loginid'] == '' or $_POST['pass'] == '') {
	echo "<html><head>";
	echo "<META http-equiv="refresh" content="3; URL=http://tenyardfight.mutedsound.com">";
	echo "</head></html>";
} else {
		$userid = $_POST['loginid'];
		$pass = $_POST['pass'];
		$user_check_handle = mysql_query("SELECT * FROM Users WHERE UserName = '$userid'");
		$user_check_data = mysql_fetch_row($user_check_handle);
		if ($user_check_data[0] > 0) {
			if ($pass == "$user_check_data[3]") {
				setcookie("playerid", $user_check_data[1], time()+315360000, "/", ".mutedsound.com"); 
				echo "<html><head>";
				echo "<META http-equiv="refresh" content="3; URL=http://tenyardfight.mutedsound.com">";
				echo "</head><body>";
				echo "logging you in. hang tight.";
				echo "</body></html>";
			} else {
				echo "You have entered the wrong password. Please login again.";
			}
		} else {
			echo "You have entered the wrong userid. Please login again.";
		}
}
?>
Last edited by johnperkins21 on Thu Mar 11, 2004 6:42 pm, edited 1 time in total.
User avatar
tim
DevNet Resident
Posts: 1165
Joined: Thu Feb 12, 2004 7:19 pm
Location: ohio

Post by tim »

welcome 8)
User avatar
johnperkins21
Forum Contributor
Posts: 140
Joined: Mon Oct 27, 2003 4:57 pm

Post by johnperkins21 »

Darn thing isn't working in IE. Won't set the cookie. Does IE 6 deal with it differently?

updated login.php

Code: Select all

<?php
include "db_connect.inc";

if ($_POST['loginid'] == '' or $_POST['pass'] == '') {
   echo "<html><head>";
   echo "<META http-equiv="refresh" content="3; URL=http://tenyardfight.mutedsound.com">";
   echo "</head></html>";
} else {
      $userid = $_POST['loginid'];
      $pass = $_POST['pass'];
      $user_check_handle = mysql_query("SELECT * FROM Users WHERE UserName = '$userid'");
      $user_check_data = mysql_fetch_row($user_check_handle);
      if ($user_check_data[0] > 0) {
         if ($pass == "$user_check_data[3]") {
            setcookie("playerid", $user_check_data[1], time()+315360000, "/", ".mutedsound.com");
            echo "<html><head>";
            echo "<META http-equiv="refresh" content="3; URL=http://tenyardfight.mutedsound.com">";
            echo "</head><body>";
            echo "logging you in. hang tight.";
            echo "</body></html>";
         } else {
            echo "You have entered the wrong password. Please login again.";
         }
      } else {
         echo "You have entered the wrong userid. Please login again.";
      }
}
?>



?>
TheBentinel.com
Forum Contributor
Posts: 282
Joined: Wed Mar 10, 2004 1:52 pm
Location: Columbus, Ohio

Post by TheBentinel.com »

johnperkins21 wrote:Darn thing isn't working in IE. Won't set the cookie. Does IE 6 deal with it differently?
What's it doing, John? Does it not create the cookie at all, just ignoring your cookie request altogether? You might want to clear your cookies completely, close your browser, fire it back up, then visit your page again. Then if it's creating the cookie in some odd-ball fashion, you'll see it.
User avatar
johnperkins21
Forum Contributor
Posts: 140
Joined: Mon Oct 27, 2003 4:57 pm

Post by johnperkins21 »

I cleared out my cookies and tried it, and it doesn't create the cookie at all. I see the message "loggin you in." so it should be executing the setcookie() function. I have put a "print_r($_COOKIE);" on my index page to see what the cookie is set to, and now it just says ARRAY().

I am so very confused. I've also tried running it at home, and completely turned off my local security so I accept all cookies, and still nothing. It's weird that it worked that one time, and then it stopped. I don't think I changed anything other than what you told me about the quotes. Any ideas??

Thanks again, it's great to have other people willing to help out like this.
TheBentinel.com
Forum Contributor
Posts: 282
Joined: Wed Mar 10, 2004 1:52 pm
Location: Columbus, Ohio

Post by TheBentinel.com »

johnperkins21 wrote:I cleared out my cookies and tried it, and it doesn't create the cookie at all. I see the message "loggin you in." so it should be executing the setcookie() function. I have put a "print_r($_COOKIE);" on my index page to see what the cookie is set to, and now it just says ARRAY().

I am so very confused. I've also tried running it at home, and completely turned off my local security so I accept all cookies, and still nothing. It's weird that it worked that one time, and then it stopped. I don't think I changed anything other than what you told me about the quotes. Any ideas??

Thanks again, it's great to have other people willing to help out like this.
Remember that a cookie is only visible to your script on the next visit. If you do a setcookie, then try to read its value in the same script, it won't be there.

The $_COOKIE thing is an array of the cookies sent from the browser, that's why it displays "array" when you print it. You need to tell it you're interested in a particular cookie. I don't know the syntax, but it's probably on the order of:
print $_COOKIE["MyCookie"]

Still, though, the problem is that you're not getting a cookie at all.

How about writing a short stub script that only sets a cookie and see if that works?

Code: Select all

<html>
Setting a cookie...<br>
<?php
  setcookie("MyCookie", "MyValue", time + 10000, "/", ".mutedsound.com");
?>
cookie should be there!<br>
</html>
Tweak that until the cookie's dropping, then you're ready to plug it into your main script.
User avatar
johnperkins21
Forum Contributor
Posts: 140
Joined: Mon Oct 27, 2003 4:57 pm

Post by johnperkins21 »

Ok, still having problems. Here's what happened.

After it worked the first time in Firefox, it wouldn't work in IE. So I deleted the cookie in Firefox and tried it again, and it wouldn't reset. I looked in the logs and I got the following error:

PHP Warning: Cannot add header information - headers already sent by (output started at /tenyardfight/db_connect.inc:11) in /tenyardfight/login.php on line 19

I could not figure this out. Here's the login.php and db_connect.inc:
db_connect:

Code: Select all

<?php
$db="TenYardFight";
$db_stage=mysql_connect("mysql","fakeid","imnotpostingmypassword");
mysql_select_db($db,$db_stage);
if (!$db_stage) {
   die('Could not connect: ' . mysql_error());
}

?>
login.php:

Code: Select all

<?php
include "db_connect.inc";

if ($_POST['loginid'] == '' or $_POST['pass'] == '') {
	echo "<html><head>";
	echo "<META http-equiv="refresh" content="3; URL=http://tenyardfight.mutedsound.com">";
	echo "</head></html>";
} else {
		$userid = $_POST['loginid'];
		$pass = $_POST['pass'];
		$user_check_handle = mysql_query("SELECT * FROM Users WHERE UserName = '$userid'");
		$user_check_data = mysql_fetch_row($user_check_handle);
		if ($user_check_data[0] > 0) {
			if ($pass == "$user_check_data[3]") {
				setcookie("playerid", $user_check_data[1], time()+315360000, "/", ".mutedsound.com"); 
				echo "<html><head>";
				echo "<META http-equiv="refresh" content="3; URL=http://tenyardfight.mutedsound.com">";
				echo "</head><body>";
				echo "logging you in. hang tight.";
				echo "</body></html>";
			} else {
				echo "You have entered the wrong password. Please login again.";
			}
		} else {
			echo "You have entered the wrong userid. Please login again.";
		}
}
?>

So I decided to change my code to have a page that just sets the cookie with the variable that I pass through to it. So here is what I have now:

login.php:

Code: Select all

<?php
include "db_connect.inc";

if ($_POST['loginid'] == '' or $_POST['pass'] == '') {
   echo "<html><head>";
   echo "<META http-equiv="refresh" content="3; URL=http://tenyardfight.mutedsound.com">";
   echo "</head></html>";
} else {
      $userid = $_POST['loginid'];
      $pass = $_POST['pass'];
      $user_check_handle = mysql_query("SELECT * FROM Users WHERE UserName = '$userid'");
      $user_check_data = mysql_fetch_row($user_check_handle);
      if ($user_check_data[0] > 0) {
         if ($pass == "$user_check_data[3]") {
			 $cookie_data = $user_check_data[1];
			 $cookie_life = time() + 31536000;
			 $path = '/';
			 $hostname = '.mutedsound.com';
           
             ?>
			 <html><head>
             <META http-equiv="refresh" content="0"; URL=http://tenyardfight.mutedsound.com\setcookie.php>
			 </head><body>
			 <form method=Post>
			 <input type="hidden" name="playerid_data" value="<? echo $cookie_data; ?>"></form>
             logging you in. hang tight.
             </body></html>
			 <?
         } else {
            echo "You have entered the wrong password. Please login again.";
         }
      } else {
         echo "You have entered the wrong userid. Please login again.";
      }
}

?>
setcookie.php:

Code: Select all

<?php
<?
$cookie_data = $_POST['playerid_data'];
$cookie_life = time() + 31536000;
$path = '/';
$hostname = '.mutedsound.com';
setcookie('playerid', $cookie_data, $cookie_life, $path, $hostname);
?>
			 <html><head>
             <META http-equiv="refresh" content="0"; URL=http://tenyardfight.mutedsound.com\>
			 </head><body>
             logging you in. hang tight.
             </body></html>
?>
It still won't set, and the error I see now is:

%% [Fri Mar 12 08:16:37 2004] POST /login.php HTTP/1.1
%% 404 /z/dr/johnperkins21/us1/login.php
%error
script not found or unable to stat


I am completely lost. Sorry for the long post, but I'm trying to explain my problem as thoroughly as possible. I appreciate any and all help/advice.
Post Reply