Page 1 of 1

Login Script Not Registering cookies...Please Help!!!!

Posted: Sun Aug 24, 2008 9:47 pm
by k3v0
Please help, I have been messing with this code for about 3 days and for some reason, it will only set the first cookie and not the ones following that. I have 3 files, login.php, which just is the login form that passes the info to authorize.php, and after being authorized you get redirected to welcome.php, which I have echoing the values of the cookies, and it is not echoing any cookies that have variables as values.

I would appreciate ANY help in this.

This is the authorize.php file.

Code: Select all

 
<?php
include('include/db.php');
 
// username and password sent from form
$username=$_POST['username'];
$password=$_POST['password'];
 
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
 
$sql="SELECT * FROM `client_login` WHERE username='$username' and password='$password'";
$result=mysql_query($sql);
 
$count=mysql_num_rows($result);
// If result matched $username and $password, table row must be 1 row
 
if($count==1){
// Register $username, $password and redirect to file "welcome.php"
                                    # set cookie parms - AUTH
                                            $authValue = 1;
                                            setcookie("AUTH", $authValue);
        
                                    # set cookie parms - USER
                                            $userValue = $result['username'];
                                            setcookie("USER", $userValue);
 
                                    # set cookie parms - USER
                                            $first_name_sess = $result['first_name'];
                                            setcookie("FIRST_NAME_SESS", $first_name_sess);  
 
                                    # set cookie parms - USER
                                            $last_name_sess = $result['last_name'];
                                            setcookie("LAST_NAME_SESS", $last_name_sess);
 
                                    # set cookie parms - EID
                                            $eData = $result['EID'];
                                            setcookie("EID", $eData);
header("location:welcome.php");
}
else {
//If wrong username, redirect to login.php after 5 seconds.
echo 'Wrong Username or Password<br />
                        <form name="redirect">
                        You will be redirected to the homepage in
                        <input style="border:0px; width:13px; text-align:right;" type="text" name="redirect2" />
                        seconds
                        </form>
                        
 
 
                        <script>
                        var targetURL="http://www.premiumwebfusion.com/support_system/login.php"
                        
                        //change the second to start counting down from
 
                        var countdownfrom=5
                        
                        
                        var currentsecond=document.redirect.redirect2.value=countdownfrom+1
                        function countredirect(){
                        if (currentsecond!=1){
                        currentsecond-=1
                        document.redirect.redirect2.value=currentsecond
 
                        }
                        else{
                        window.location=targetURL
                        return
                        }
                        setTimeout("countredirect()",1000)
                        }
                        
                        countredirect()
                        //-->
                        </script>';
 
}
?>
 
This is welcome.php and the only output that is being given from these echo commands is the AUTH cookie value because it is not a variable for the value.

Code: Select all

 
<?php 
    $eid = $_COOKIE['EID'];
    $fn = $_COOKIE['FIRST_NAME_SESS'];
    $ln = $_COOKIE['LAST_NAME_SESS'];
    $user = $_COOKIE['USER'];
    $authorize = $_COOKIE['AUTH'];
    echo $eid;
    echo $fn;
    echo $ln;
    echo $user;
    echo $authorize;
?>
 
 
Not sure what exactly the issue is with this code, please help me out if you can...

Re: Login Script Not Registering cookies...Please Help!!!!

Posted: Mon Aug 25, 2008 1:02 am
by eskio
Hi,
You should know that the user (browser) can block cookies so your login will not work (I think I am write :wink: ). Why don't use use sessions. in the login page you create sessions

Code: Select all

$_SESSION['user'] = blabla
and on the contrary in the logout page you kill sessions.
here is the logout page

Code: Select all

<?php
session_start();
// destroy session session
unset($_SESSION['user']);
session_destroy();
// destroy cookies
$sessionPath = session_get_cookie_params(); 
setcookie(session_name(), "", 0, $sessionPath["path"], $sessionPath["domain"]); 
header('Location: login.php');
?>