quick cookies question

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
$var
Forum Contributor
Posts: 317
Joined: Thu Aug 18, 2005 8:30 pm
Location: Toronto

quick cookies question

Post by $var »

can you accept more than one cookie? say i have different user access levels, and 2 of 3 can see a specific page... can I do this?

<? ob_start();?>

<? if($_COOKIE["ID1","ID2"] == "")
{
header("Location: http://www.domain.com/login.php");
exit;
}?>
User avatar
infolock
DevNet Resident
Posts: 1708
Joined: Wed Sep 25, 2002 7:47 pm

Re: quick cookies question

Post by infolock »

$var wrote:can you accept more than one cookie? say i have different user access levels, and 2 of 3 can see a specific page... can I do this?

<? ob_start();?>

<? if($_COOKIE["ID1","ID2"] == "")
{
header("Location: http://www.domain.com/login.php");
exit;
}?>
yeah, but you'd have to do it this way :

Code: Select all

<? if($_COOKIE["ID1"] == "" && $_COOKIE["ID2"] == "") {
	header("Location: http://www.domain.com/login.php");
	exit;
}
?>
although a better method would be :

Code: Select all

<?
   //didn't know if you were checking AND or OR, so here is both...
  //if(isset($_COOKIE["ID1"]) || isset($_COOKIE["ID2"])) {
  if(isset($_COOKIE["ID1"]) && isset($_COOKIE["ID2"])) {
	header("Location: http://www.domain.com/login.php");
	exit;
}
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Post by josh »

Like infolock said, yes you can accept multiple cookies like that, but remember a user can edit a cookie with the intention of granting himself access... sessions might be the way to go.

Code: Select all

if ($_SESSION['id1'] && $_SESSION['id2'])
User avatar
$var
Forum Contributor
Posts: 317
Joined: Thu Aug 18, 2005 8:30 pm
Location: Toronto

Post by $var »

jshpro,

that's an interesting thing that I have never thought. so, how do you pass a session id?
this is how i am getting the cookie:

Code: Select all

setcookie ("ID", $accessresults["ID"]);
I know how to set the session save path:

Code: Select all

session_save_path("");
	session_start;
However, that just sends the session info to a folder for safe keeping...
What do I do to get the session ID?
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Post by josh »

instead of setting values in the cookie, you just do this:


$_SESSION['id1'] = $id1;
$_SESSION['id2'] = $id2;


Make sure you either include session_start() on the top of every page, or turn session.auto_start to on in php.ini
User avatar
$var
Forum Contributor
Posts: 317
Joined: Thu Aug 18, 2005 8:30 pm
Location: Toronto

Post by $var »

can we start from the authentication page:

Code: Select all

$sql = "SELECT * FROM Members WHERE Name='".$_POST["name"]."' AND Password='".$_POST["password"]."' AND Access='1'";
		if(!$result = mysql_query($sql))
		{
			echo mysql_error();
		}
	if(!($accessresults = mysql_fetch_array($result)))
	{
		$errmsg = "Please try again.";
	}
	else
	{
		setcookie ("ID", $accessresults["ID"]);
         	header("Location: http://www.thedomain.com/admin/salesaccess.php");
		exit;
	}
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Post by josh »

yup

Code: Select all

setcookie ("ID", $accessresults["ID"]);
is the line youll need to convert
Post Reply