cookie problem

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
itsmani1
Forum Regular
Posts: 791
Joined: Mon Sep 29, 2003 2:26 am
Location: Islamabad Pakistan
Contact:

cookie problem

Post by itsmani1 »

Here is my code for cookie

Code: Select all

setcookie("cookname", $_POST["login"], time()+60*60*24*100, "ideas/");
			setcookie("cookpass", $_POST["pass"], time()+60*60*24*100, "ideas/");
			
			echo $_COOKIE['cookname'];
			exit;
Here is error:
Notice: Undefined index: cookname in C:\wamp\www\ideas\login.php on line 27

any idea?

thanks
User avatar
seppo0010
Forum Commoner
Posts: 47
Joined: Wed Oct 24, 2007 4:13 pm
Location: Buenos Aires, Argentina

Post by seppo0010 »

The cookie won´t be set on $_COOKIE until the user submits in, on the next HTTP request...

The $_COOKIE array is created when the script starts, it is not modified on the run by setcookie function
User avatar
itsmani1
Forum Regular
Posts: 791
Joined: Mon Sep 29, 2003 2:26 am
Location: Islamabad Pakistan
Contact:

Post by itsmani1 »

sorry did not get what you mean, can you please explain it and possibly give solution?
User avatar
Zoxive
Forum Regular
Posts: 974
Joined: Fri Apr 01, 2005 4:37 pm
Location: Bay City, Michigan

Post by Zoxive »

itsmani1 wrote:sorry did not get what you mean, can you please explain it and possibly give solution?
He means exactly what he said. Cookies are not created until the Next Refresh/Page load.

And alternate solution is Sessions.


Setting User Passwords in Cookies are never a good idea, ever.
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

Why are you storing the password in a cookie? Big no no
User avatar
itsmani1
Forum Regular
Posts: 791
Joined: Mon Sep 29, 2003 2:26 am
Location: Islamabad Pakistan
Contact:

Post by itsmani1 »

well i was doing this because i want to implement remember me system on login
is there any better way?

thank you
dizyn
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

The simplest way is to create some kind of key and store this in the users table, then compare the key with the one in the cookie. We have talked about this many times before, have you looked at any of the previous threads?
phpBuddy
Forum Commoner
Posts: 37
Joined: Mon Nov 05, 2007 3:42 am

Post by phpBuddy »

Jcart wrote:The simplest way is to create some kind of key and store this in the users table,
then compare the key with the one in the cookie.
We have talked about this many times before,
have you looked at any of the previous threads?
I have also seen the use of a special table
where userid and several cookiedata are stored.
This table is used for some security matching testing. A special key called 'serial' is checked/updated each visit.
To prevent use of 'stolen cookie', 'cookie theft'.

Here is the article:
Improved Persistent Login Cookie Best Practice
http://jaspan.com/improved_persistent_login_cookie_best_practice
I have also seen a PHP Web application that use an implemention of this way refering to article.
But cant remember which one it is.

Now cookie theft does not happen too often.
And for a normal website we may do well with some less complicated cookie controls.
Post Reply