Cookies and sessions not working...
Posted: Thu Nov 09, 2006 11:27 am
feyd | Please use
feyd | Please use
Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
There seems to be some problem with this script. When I log in the first time the authuser variable gets set to true. But then when I reture to the page, the cookies and sessions are dead and the wrong elements are displayed. I think that the sessions and cookies are not getting set properly.
I am using XAMPP.Code: Select all
<?php
//Open Active Sessions
session_start();
ob_start();
//set authuser to false, reset to true if all conditions are satisified
$authuser = false;
//
/*
if the $authuser is false then the form will be used.
If the form is filled in and submitted then set the variables and
check the stuff
*/
//
// Check for the login form and set variables to values for login
$login = STRTOUPPER($_POST["txt_name"]);
$loginlen = strlen($login);
$password = $_POST["txt_password"];
//
// set password error to true to be reset to false if all conditions are staisfied
$password_error = true;
//
//check for stay logged in box, if ticked use cookies not sessions
if ( $_POST["bake_cookie"] == STRTOUPPER("BAKE_AT_100") )
{
$bake_cookie = true;
}
else
{
$bake_cookie = false;
}
//find the user name for lenght and that if it exists
if ($loginlen > 0)
{
$query = "
SELECT
`users`.`password`,
`users`.`authcode`
FROM
`users`
WHERE
ucase(`users`.`login`) = '$login'
";
$openquery = mysql_query($query, $connection) or die("error opening user database 1");
if (mysql_num_rows($openquery) > 0)
{
// the name exists, set variables to db password
$password_check = mysql_result($openquery, 0, "password");
// check if entered password is equal to the stored password
if (!strcmp($password_check, $password))
{
//if true set password_error to false, allowing login
$password_error = FALSE;
}
//if the password error has been set to false, then the user should be able to login.
if ($password_error == FALSE)
{
//create cookies to allow login if requested
if ($bake_cookie == true)
{
setcookie("cookieon", TRUE, 0);
setcookie("user", $login, 0);
// also set variables for later checks
$cookieon_check = true;
$login_check = $login;
$authuser = true;
echo"cookie";
}
//if bake_cookie is not on then create sessions for login
//this should be more secure
else
{
$_SESSION["sessionon"] = TRUE;
$_SESSION["user"] = $login;
}
}
}
}
//check for session start
if ($_SESSION["sessionon"] == TRUE)
{
$sessionon_check = true;
$login_check = $_SESSION["user"];
$authuser = true;
}
//check for cookie start
if ($_COOKIE["cookieon"] == TRUE)
{
$cookieon_check = true;
$login_check = $_COOKIE["user"];
$authuser = true;
}
//check for logout
if ($_POST["Logout"] == "Logout")
{
session_destroy();
$_SESSION["sessionon"] = FALSE;
setcookie ("user", "", time() - 3600);
setcookie ("cookieon", "", time() - 3600);
$sessionon_check = false;
$cookieon_check = false;
$login_check = "";
$authuser = false;
}
//enter forms, either login, or logout
if ($authuser == true)
{
echo '
<form action="'.$SERVER[PHP_SELF].'" method="post">
<font face="Arial, Helvetica, sans-serif" size="1">
<input type="submit" name="Logout" value="Logout" />
</font>
</form>';
}
else
{
include("login_form.php");
}
?>feyd | Please use
Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]