Cookies

[overyde]

I got a problem with an authorization code. The login works fine. But my cookie does not see, to be working.

Here's the login code:
<?php
//check for required fields from the form
if ((!$_POST[username]) || (!$_POST[password])) {
header(&quot;Location: login.php&quot;
exit;
}

//connect to server and select database
$conn = mysql_connect(&quot;localhost&quot;,&quot;&quot;,&quot;&quot
or die(mysql_error());
mysql_select_db(&quot;login&quot;,$conn) or die(mysql_error());

//create and issue the query
$sql = &quot;select f_name, l_name from auth_users where username =
'$_POST[username]' AND password = password('$_POST[password]')&quot;;
$result = mysql_query($sql,$conn) or die(mysql_error());

//get the number of rows in the result set; should be 1 if a match
if (mysql_num_rows($result) == 1) {

//if authorized, get the values of f_name l_name
$f_name = mysql_result($result, 0, 'f_name');
$l_name = mysql_result($result, 0, 'l_name');

//set authorization cookie
setcookie(&quot;auth&quot;, &quot;1&quot;, 0, &quot;/&quot;, &quot;localhost&quot;, 0);

//prepare message for printing, and user menu
$msg = &quot;<p>$f_name $l_name is authorized!</p>&quot;;
$msg .= &quot;<p>Authorized users menu:</p>&quot;;
$msg .= &quot;<ul><li><a href=\&quot;restcheck.php\&quot;>secret page</a></ul>&quot;;

} else {

//redirect back to login form if not authorized
header(&quot;Location: login.php&quot;
exit;
}
?>
<html>

<head>
<title>User Authorized</title>
</head>

<body>

<? print &quot;$msg&quot;; ?>

</body>
</html>

and the testing for auth cookie:
<?php
if ($_COOKIE[auth] == &quot;0&quot {
$msg = &quot;<p>You are an authorized user.</p>&quot;;
} else {
//redirect back to login form if not authorized
header(&quot;Location: login.php&quot;
exit;
}
?>
<html>

<head>
<title> You have entered a restricted zone!</title>
</head>

<body>

<?php print &quot;$msg&quot;; ?>

</body>
</html>

 

[youradds]

Cookies are not made available straight after creation. The way I normally do it, is;

This is the part in the MySQL query...

setcookie("auth", "1", 0, "/", "localhost", 0);
$logged_in = 1;

Then something like this to see if they are logged in....

if ($_COOKIE[auth])     { echo "loged in ok";  } 
elseif ($logged_in = 1) { echo "logged in ok"; }
else                    { echo "not logged in";}

Hope that helps

Andy

 

[DRJ478]

set_cookie sets the parameters to be sent with the header when the output of the PHP script is sent.

$_COOKIE referes to the superglobal array that is set when the request for this PHP script is received. You cannot manipulate the variables in $_COOKIE with set_cookie.

You would have to manipulate $_COOKIE manually.

After all, cookies are meant to conserve something between two pages, not within the same script.

 

[overyde]

My problem is that it seems that the cookies are not being written. Is there a setting in the php.ini or something that I must configure. Im using Windows XP, MySQL 4.0.4. and php 4.2.3.

 

[sleipnir214]

How have you tested cookie writing?

Want the best answers? Ask the best questions:

http://www.catb.org/~esr/faqs/smart-questions.html

TANSTAAFL!