Page 1 of 1

can any one please help with a cookie problem?

Posted: Tue Aug 21, 2007 10:18 pm
by cem_02
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


hi! I'm fairly new to the forum and to php as well I have a little problem with cookies. My browser has cookies enabled and I have checked my code numerous times. I'm not sending anything to browser (firefox on xp) before the setcookie  statements, yet I can't seem to send a cookie to the browser. I can tell no cookies are sent because loggedin.php redirects me to index.php instead of displaying a logged in message every time I test it. can anyone help? here's my code and some other code it references....

Code: Select all

<?php # login.php
if(isset($_POST['submitted'])) {

		require_once('../mysql_connect.php');
		$errors = array();
		
		// Check for an email address
		if(empty($_POST['user_email'])) {
			$errors[] = 'You forgot to enter your email address.';
		}
		else {
			$em = escape_data($_POST['user_email']);
		}

		// Check for a password
		if(empty($_POST['user_password'])) {
			$errors[] = 'You forgot to enter your password.';
		}
		else {
			$p = escape_data($_POST['user_password']);
		}

		if(empty($errors)) {

			//if every thing is ok
			//retrieve user id and first name for that email/password

			$query = "SELECT user_id, user_first_name FROM users WHERE user_email = '$em' AND user_password = SHA('$p')"; 
			$result = @mysql_query($query);
			$row = mysql_fetch_array($result, MYSQL_NUM);

			if ($row) {
				//if a record was pulled 
				// set the cookies
				setcookie('user_id', $row[0]);
				setcookie('user_first_name', $row[1]); 
.....?>
the login.php references mysql_connect.php....checked it too

Code: Select all

<?php # mysql_connect.php
// contains database access info 

DEFINE ('DB_USER','appuser');
DEFINE ('DB_PASSWORD','appuser');
DEFINE ('DB_HOST','localhost');
DEFINE ('DB_NAME','mysite');

// make trhe connection
$dbc = mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) OR die ('Could not connect to MySql: '.mysql_error());

mysql_select_db(DB_NAME) OR die ('Could not select the database: '.mysql_error());

//Function for escaping data
function escape_data($data){

	//Address magic quotes
	if(ini_get('magic_quotes_gpc')){
		$data = stripslashes($data);
	}

	//Check for mysql_real_escape_string() support
	if(function_exists('mysql_real_escape_string')){
		global $dbc; // need db connection
		$data = mysql_real_escape_string(trim($data), $dbc);

	}
	else {
		$data = mysql_escape_string(trim($data));
	}
	//retiur the escaped value
	return $data;
}
?>
and finally loggedin.php...

Code: Select all

<?php # loggedin.php
if(!isset($_COOKIE["user_id"])) {

	$url = 'http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
	if((substr($url, -1) == '/') OR (substr($url, -1) =='\\')) {
		$url = substr($url, 0, -1);
	}
	$url .= '/index.php';
	header("Location: $url");
	exit();
}

$page_title = 'Logged in!';
include('./includes/header.html');

echo "<h1>Logged in!</h1>
<p>You are now logged in, {$_COOKIE['user_first_name']}!</p>
<p><br/><br/></p>";
include('./includes/footer.html');
?>
I've been over these over and over and can't seem to get it right. If anyone can tell me what I'm doing wrong, I'd greatly appreciated. Thanks!!


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Posted: Tue Aug 21, 2007 10:34 pm
by iknownothing
please use correct tags so we can read it better (eg. PHP, Code, Syntax)

Other than that, I was unaware "SHA" was a function, I only know of "sha1", maybe it is infact not drawing any results because of this...

Also, don't use the error suppressant "@". Just make your code error free.

still not working

Posted: Wed Aug 22, 2007 9:26 pm
by cem_02
I checked the result of the SQL query, and it is returning the right values. I also changed my code:

Code: Select all

$query = "SELECT user_id, user_first_name FROM users WHERE user_email = '$em' AND user_password = sha1('$p')"; 
			$result = mysql_query($query);
			$row = mysql_fetch_array($result, MYSQL_NUM);

			if ($row) {
				//if a record was pulled 
				// set the cookies
				setcookie('user_id', $row[0], time()+3600, '/', 'localhost', 0);
				setcookie('first_name', $row[1], time()+3600, '/', 'localhost', 0);

				//redirect the user to the logged in page
				//start defining the url
				$url = 'http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);

				//Check for a trailing slash
				if((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
					$url = substr($url, 0, -1);
				}
				//ad the page 
				$url .= '/loggedin.php';

				header("Location: $url");
				exit();

			}
And the cookies are still not being set because logged.php redirects me to index.php. I tested the $_COOKIE array with

Code: Select all

<?php #stcookie.php
setcookie('user_name', 'fred');
print_r($_COOKIE); ?>
and it returned

Code: Select all

Array( )

Posted: Wed Aug 22, 2007 9:48 pm
by tecktalkcm0391

Code: Select all

<?php #stcookie.php
setcookie('user_name', 'fred');
print_r($_COOKIE); ?>
and it returned

Code: Select all

Array( )
You can't call for the $_COOKIE because the cookie hasn't been sent to the browser... try something like

Code: Select all

<?php #stcookie.php
ob_start(); // starts buffer
setcookie('user_name', 'fred');
header("Location: testingpage.php"; ?>

//on testingpage.php
<?php print_r($_COOKIE); ?>

Posted: Wed Aug 22, 2007 9:51 pm
by feyd
Remember to use a full URL, http:// and all, for header() based redirection.

Posted: Wed Aug 22, 2007 11:24 pm
by cem_02
ok the test script

Code: Select all

<?php #stcookie.php
ob_start(); // starts buffer
setcookie('user_name', 'fred');
header("Location: http://localhost/testingpage.php"); ?>
works well now.I can send cookies now. The problem had to do with my firewall settings.

But my original login.php still has the same problem, it won't set the cookies. I just checked it, mysql_connect.php and loggedin.php.Everything should work, but it doesn't. I know there must be a tiny thing I must be missing....

Posted: Thu Aug 23, 2007 9:13 am
by superdezign
Not created at all? Cookie's have a bit of a delay in their creation.. Are you sure it's never created at all?

Posted: Thu Aug 23, 2007 2:58 pm
by tecktalkcm0391
cem_02 wrote:ok the test script

Code: Select all

<?php #stcookie.php
ob_start(); // starts buffer
setcookie('user_name', 'fred');
header("Location: http://localhost/testingpage.php"); ?>
works well now.I can send cookies now. The problem had to do with my firewall settings.

But my original login.php still has the same problem, it won't set the cookies. I just checked it, mysql_connect.php and loggedin.php.Everything should work, but it doesn't. I know there must be a tiny thing I must be missing....
are you sure the cookie is set correctly and not "missing" because it wasn't sent to the browser yet... like in your original test

Got it!

Posted: Thu Aug 23, 2007 7:27 pm
by cem_02
Thanks!