Page 1 of 1

simple login page, cookie and session problems

Posted: Fri Sep 23, 2005 4:48 pm
by sheepz
feyd | Please use

Code: Select all

and

Code: Select all

tags where approriate when posting code. Read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]


Hello, I know this is probably a very simple problem.  I'm probably missing something in the code but here is what i have 3 files to test

adam_login.html = this is static username=adam    password=password   (no sql query)
sessionTEST.php
session1.php

I can get the adam_login.html to work correctly and this accesses sessionTEST.php.  sessionTEST.php has cookies and sessions that i'm trying to use for authentication through the rest of the website.  When I do an "echo $session[valid], $cookie_name, $cookie_value" on sessionTEST.php I get the correct values.  So there's a link in sessionTEST.php that links to session1.php.  When trying to do the same echo command for "echo $session[valid], $cookie_name, $cookie_value" on session1.php, I do not get any of those values.  It seems to me that since the cookie and sessions are set in sessionTEST.php why does it not carry over to the internal links like session1.php?

here is the code for adam_login.html:

Code: Select all

<HTML>

<HEAD>
<TITLE>test</TITLE>
</HEAD>
<BODY>

<h1>evil sheep</h1>

<!-- Using POST method, PHP file to access and ENCTYPE to process more than just text -->
<FORM METHOD="post" ACTION="sessiontest.php"


<!-- create artist fname box -->
<TABLE BORDER="2" BORDERCOLOR="#336699" CELLPADDING="2" CELLSPACING="1" WIDTH="20%">
<tr>
<td valign=top>
<p><strong>Login name:</strong><br>
<INPUT TYPE="text" NAME="username" SIZE=20 maxlength=20></p>
</td>

<!-- create artist lname box -->
<td valign=bottom colspan=2>
<p><strong>Passw0rd:</strong><br>
<INPUT TYPE="password" NAME="password" SIZE=20 maxlength=20></p>
</td>
</tr>


<!-- Notes text field area and submit button -->
<tr>
<td valign=top colspan=2 align=center>
<p><strong>Adams Notes:</strong><br>
<textarea name="my_notes" cols=35 rows=5 wrap=virtual></textarea></p>
<INPUT TYPE="submit" NAME="submit" value="login"></p>
</td>
</tr>
</table>


</FORM></BODY></HTML>

here is the sessionTEST.php code:

<?

// IF statement for username and password entry

IF ((!$_POST[username]) || (!$_POST[password]))
    {
      header("Location: adam_login.html");
      exit;
    }

// check auth
IF (($_POST[username] == "adam") && ($_POST[password] == "password"))
    {

      // setup cookies for authentication
      $cookie_name = "adam";
      $cookie_value = "ok";
      $cookie_expire = "0";
      $cookie_domain = "127.0.0.1";
      setcookie($cookie_name, $cookie_value, $cookie_expire, "/" , $cookie_domain, 0);

      session_start();
      $_SESSION[valid] = "yes";
      
      $display_block="
      <h1>my Menu</h1>
      <p><strong>My Music</strong></p>

      <!-- Admin list of php scripts to run and order the sql query -->
      <ul>
      <li><a href=session1.php> session1 </a>
      <li><a href=session2.php> session2 </a>
      <li><a href=directions.html> direction </a>
      <li><a href=sel_byartist.php> Order by artist </a>
      </ul>";
    }
    ELSE
    {
      header("Location: adam_login.html");
      exit;
    }

?>

<html>
<head>
<title>Testing</title>
</head>
<body>

<?

echo "$display_block";
echo "$_SESSION[valid], $cookie_name, $cookie_value";

?>


</body>
<html>

here is the session1.php code:

<?

echo "$_SESSION[valid], $cookie_name, $cookie_value";

?>
I don't understand how session1.php that is a link of sessionTEST.php does not receive session and cookie values? thanks for the help =)


feyd | Please use

Code: Select all

and

Code: Select all

tags where approriate when posting code. Read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]

Posted: Wed Oct 19, 2005 10:51 am
by kendall
Hey Man,

i think u need to call session_start() at the begining of each page that needs to check the session

secondly the cookie time limit is 0? so it is set to expire ASAP. i think u need to set a time()*60*60 on it...see the PHP set_cookie() part of the manule