Log-ins and Cookies

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
Toneboy
Forum Contributor
Posts: 102
Joined: Wed Jul 31, 2002 5:59 am
Location: Law, Scotland.
Contact:

Log-ins and Cookies

Post by Toneboy »

Hi all. I'm still very much in the process of learning PHP and am wanting to setup a new admin section on my site. However I can't get my head round using the header and setcookie function at the moment.

This is the code I have at the moment for logging in. It doesn't set a cookie but it does work:

Code: Select all

<?php 

echo "
<html>

<head>
<meta http-equiv="Content-Type"
content="text/html; charset=iso-8859-1">
<meta name="description"
content="trulybizarre.co.uk admin section">
<meta name="keywords"
content="trulybizarre.co.uk admin section">
<title>trulybizarre.co.uk | ADMIN | $pagetitle
</title>

<STYLE TYPE="text/css">
P &#123;font: 12pt times, arial;&#125;
td &#123;font: 12pt times, arial;&#125;
H3 &#123;font: bold 14pt arial, times;&#125;
H2 &#123;font: bold 18pt arial, times;&#125;
H1 &#123;font: bold 24pt arial, times;&#125;
</STYLE>
<style>
a:hover&#123;color:#add8e6&#125;
</style>
<STYLE TYPE="text/css">
P.menu &#123;font: 10pt Arial, sans-serif;&#125;
</style>
</head>

<body bgcolor="#FFFFFF" text="#000000"
link="#ff0000" vlink="#ff0000" alink="#eec900">

<script>
window.defaultStatus = "trulybizarre.co.uk admin section"
</script>

<table border="0" cellpadding="5" width="600" align="center">
    <tr>
        <td valign="top" align="center">
	<p><img
        src="admin.jpg"><br><hr>
";

// testline
$content = "This is just a test line.";

	// Check to see if $username already contains info

	if (!isset($username)) &#123;

		// If empty, bring up form.

print ("
<p align="right">
<form action=$PHP_SELF method=post> 
<b>Username:</b> <input type=text name=username SIZE=10 MAXLENGTH=80><br> 
<b>Password:</b> <input type=password name=password SIZE=10 MAXLENGTH=80><br>
<input type=hidden name=sent value=1> 
<input type=submit value="Submit">
<input type=reset value="Reset">
</FORM>
");

	&#125; else if (isset($username)) &#123;

		// If non-empty, check the database for matches
		// connect to MySQL

		mysql_connect("host", "username", "password") 

			or die ("Unable to connect to database.");

		// select database on MySQL server

		mysql_select_db("database") 
			or die ("Unable to select database.");

		// Formulate the query

		$sql = "SELECT *
                FROM newsuser 
                WHERE username='$username' and password='".md5($MD5_PREFIX.$password)."'";

		// Execute the query and put results in $result

		$result = mysql_query($sql);

		// Get number of rows in $result. 0 if invalid, 1 if valid.

		$num = mysql_numrows($result);

		if ($num != "0") &#123;

		// Should move on if log-in is successful.	

echo "

<P align="right"><b>$username LOGGED IN</b>
<P align="left">$content
";

		&#125; else &#123;	

echo "<p align="left">Log-in failed.";

		&#125;

	&#125; 

echo "
<p align="center">
<a href="index.php">Return to admin index</a><br>
<a href="/index.php">Return to main site index</a>
</body>
</html>";

?>
And this was my first attempt at setting a cookie (don't laugh too hard!):

Code: Select all

<?php 
// Note to self - do not leave spaces with header information.
if ($budweiser = "true") &#123;
	$details = $username."+".$password;
 	setcookie("tb_admin", "$details", time()+ "14400");
    $cookie_crumbs = explode('+',$_COOKIE&#1111;'tb_admin']);  
    $username =   $cookie_crumbs&#1111;0];   
    $password =   $cookie_crumbs&#1111;1];
&#125;

echo "
<html>

<head>
<meta http-equiv="Content-Type"
content="text/html; charset=iso-8859-1">
<meta name="description"
content="trulybizarre.co.uk admin section">
<meta name="keywords"
content="trulybizarre.co.uk admin section">
<title>trulybizarre.co.uk | ADMIN | $pagetitle
</title>

<STYLE TYPE="text/css">
P &#123;font: 12pt times, arial;&#125;
td &#123;font: 12pt times, arial;&#125;
H3 &#123;font: bold 14pt arial, times;&#125;
H2 &#123;font: bold 18pt arial, times;&#125;
H1 &#123;font: bold 24pt arial, times;&#125;
</STYLE>
<style>
a:hover&#123;color:#add8e6&#125;
</style>
<STYLE TYPE="text/css">
P.menu &#123;font: 10pt Arial, sans-serif;&#125;
</style>
</head>

<body bgcolor="#FFFFFF" text="#000000"
link="#ff0000" vlink="#ff0000" alink="#eec900">

<script>
window.defaultStatus = "trulybizarre.co.uk admin section"
</script>

<table border="0" cellpadding="5" width="600" align="center">
    <tr>
        <td valign="top" align="center">
	<p><img
        src="admin.jpg"><br><hr>
";

// testline
$content = "This is just a test line.";

	// Check to see if $username already contains info

	if (!isset($username)) &#123;

		// If empty, bring up form.

print ("
<p align="right">
<form action=$PHP_SELF method=post> 
<b>Username:</b> <input type=text name=username SIZE=10 MAXLENGTH=80><br> 
<b>Password:</b> <input type=password name=password SIZE=10 MAXLENGTH=80><br>
<input type=hidden name=sent value=1> 
<input type=submit value="Submit">
<input type=reset value="Reset">
</FORM>
");

	&#125; else if (isset($username)) &#123;

		// If non-empty, check the database for matches
		// connect to MySQL

		mysql_connect("host", "username", "password") 

			or die ("Unable to connect to database.");

		// select database on MySQL server

		mysql_select_db("database") 
			or die ("Unable to select database.");

		// Formulate the query

		$sql = "SELECT *
                FROM newsuser 
                WHERE username='$username' and password='".md5($MD5_PREFIX.$password)."'";

		// Execute the query and put results in $result

		$result = mysql_query($sql);

		// Get number of rows in $result. 0 if invalid, 1 if valid.

		$num = mysql_numrows($result);

		if ($num != "0") &#123;

		// Should move on if log-in is successful.	

$budweiser = "true";

echo "

<P align="right"><b>$username LOGGED IN</b>
<P align="left">$content
<p align="center">
<a href="index.php">Return to admin index</a><br>
<a href="/index.php">Return to main site index</a>
</body>
</html>
";

		&#125; else &#123;	

echo "<p align="left">Log-in failed.";

		&#125;

	&#125; 

?>
At the moment the second set of code is automatically bringing up the message "Log-in failed". I'm guessing that the cookie is saving the password as an md5, and then md5-ing it again, but I'm not entirely sure. Anyone got any better ideas on how to set a cookie here?
User avatar
mydimension
Moderator
Posts: 531
Joined: Tue Apr 23, 2002 6:00 pm
Location: Lowell, MA USA
Contact:

Post by mydimension »

when you set a cookie, its contents are not avialable within the same instance of the page. in your code:

Code: Select all

setcookie("tb_admin", "$details", time()+ "14400");
$cookie_crumbs = explode('+',$_COOKIE&#1111;'tb_admin']);
that second line won't work because $_COOKIE['tb_admin'] dosen't exist yet and won't exist until that script ends. hope thats clear for ya.
Post Reply