Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
hi! I'm fairly new to the forum and to php as well I have a little problem with cookies. My browser has cookies enabled and I have checked my code numerous times. I'm not sending anything to browser (firefox on xp) before the setcookie statements, yet I can't seem to send a cookie to the browser. I can tell no cookies are sent because loggedin.php redirects me to index.php instead of displaying a logged in message every time I test it. can anyone help? here's my code and some other code it references....Code: Select all
<?php # login.php
if(isset($_POST['submitted'])) {
require_once('../mysql_connect.php');
$errors = array();
// Check for an email address
if(empty($_POST['user_email'])) {
$errors[] = 'You forgot to enter your email address.';
}
else {
$em = escape_data($_POST['user_email']);
}
// Check for a password
if(empty($_POST['user_password'])) {
$errors[] = 'You forgot to enter your password.';
}
else {
$p = escape_data($_POST['user_password']);
}
if(empty($errors)) {
//if every thing is ok
//retrieve user id and first name for that email/password
$query = "SELECT user_id, user_first_name FROM users WHERE user_email = '$em' AND user_password = SHA('$p')";
$result = @mysql_query($query);
$row = mysql_fetch_array($result, MYSQL_NUM);
if ($row) {
//if a record was pulled
// set the cookies
setcookie('user_id', $row[0]);
setcookie('user_first_name', $row[1]);
.....?>Code: Select all
<?php # mysql_connect.php
// contains database access info
DEFINE ('DB_USER','appuser');
DEFINE ('DB_PASSWORD','appuser');
DEFINE ('DB_HOST','localhost');
DEFINE ('DB_NAME','mysite');
// make trhe connection
$dbc = mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) OR die ('Could not connect to MySql: '.mysql_error());
mysql_select_db(DB_NAME) OR die ('Could not select the database: '.mysql_error());
//Function for escaping data
function escape_data($data){
//Address magic quotes
if(ini_get('magic_quotes_gpc')){
$data = stripslashes($data);
}
//Check for mysql_real_escape_string() support
if(function_exists('mysql_real_escape_string')){
global $dbc; // need db connection
$data = mysql_real_escape_string(trim($data), $dbc);
}
else {
$data = mysql_escape_string(trim($data));
}
//retiur the escaped value
return $data;
}
?>Code: Select all
<?php # loggedin.php
if(!isset($_COOKIE["user_id"])) {
$url = 'http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
if((substr($url, -1) == '/') OR (substr($url, -1) =='\\')) {
$url = substr($url, 0, -1);
}
$url .= '/index.php';
header("Location: $url");
exit();
}
$page_title = 'Logged in!';
include('./includes/header.html');
echo "<h1>Logged in!</h1>
<p>You are now logged in, {$_COOKIE['user_first_name']}!</p>
<p><br/><br/></p>";
include('./includes/footer.html');
?>feyd | Please use
Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]