Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

how to set cookie to a variable not a constant 1

Status
Not open for further replies.
deecee

deecee

Technical User
Aug 25, 2001
1,678
US
Ok i have a simple longin page and that page goes to a check in page and a denied page if the login is incorrect or if someone access the page without signing in

here is my check script in teh check in page

<?php
if (!isset($HTTP_COOKIE_VARS['user']) || $HTTP_COOKIE_VARS['user'] != &quot;cascade&quot;) {
header (&quot;Location: denied.php&quot;);
}
?>

I have to have &quot;cascade&quot; in there as that is the username being passes...How would i set it up so that it is the username form filed instead (the form field name is fldUser)

i tried &quot;$fldUser&quot; but that didnt work

here is my form page cookie setter

<?php
if (isset($HTTP_POST_VARS['fldPass'])) {
setcookie(&quot;pass&quot;, $HTTP_POST_VARS['fldPass'], time()+86400*1);
}

if (isset($HTTP_POST_VARS['fldUser'])) {
setcookie(&quot;user&quot;, $HTTP_POST_VARS['fldUser'], time()+86400*1);
}

it is set to one day but Id rather it expire when the browser is closed how is that possible as well.
and here is my form


<form action=&quot;<?php echo $FF_LoginAction?>&quot; method=&quot;POST&quot; name=&quot;access&quot; id=&quot;access&quot;>
<table width=&quot;400&quot; border=&quot;0&quot; cellspacing=&quot;2&quot; cellpadding=&quot;0&quot;>
<tr>
<td align=&quot;right&quot; valign=&quot;middle&quot; class=&quot;header&quot;>USERNAME</td>
<td align=&quot;left&quot; valign=&quot;middle&quot; class=&quot;header&quot;> <input name=&quot;fldUser&quot; type=&quot;text&quot; id=&quot;fldUser&quot; value=&quot;<?php echo $HTTP_COOKIE_VARS['user']; ?>&quot;></td>
</tr>
<tr>
<td align=&quot;right&quot; valign=&quot;middle&quot; class=&quot;header&quot;>PASSWORD</td>
<td align=&quot;left&quot; valign=&quot;middle&quot; class=&quot;header&quot;> <input name=&quot;fldPass&quot; type=&quot;password&quot; id=&quot;fldPass&quot; value=&quot;<?php echo $HTTP_COOKIE_VARS['pass']; ?>&quot;></td>
</tr>
<tr align=&quot;center&quot; valign=&quot;middle&quot;>
<td colspan=&quot;2&quot; class=&quot;header&quot;> <input type=&quot;submit&quot; name=&quot;Submit&quot; value=&quot;Submit&quot;></td>
</tr>
</table>
</form>

Also by me echoing in the form the cookie var do i still need to have the first part of the form page (the cookie setter)
[Hammer]
Nike Failed Slogans -- &quot;Just Don't Do It!&quot;
 
Sort by date Sort by votes
hullo ..... [Hammer]
Nike Failed Slogans -- &quot;Just Don't Do It!&quot;
 
Upvote 0 Downvote
ok this is what i have working

<?php
session_start();
if (!isset($HTTP_SESSION_VARS['username']) || $HTTP_SESSION_VARS['username'] != &quot;cascade&quot;) {
header (&quot;Location: denied.php&quot;);
}
?>

How can i make it so instead of cascade i can have that be fldUser which is the name of the user field

also how can i check and confirm the password just like this, can i just add another if statement and make sure that both are true using if/and [Hammer]
Nike Failed Slogans -- &quot;Just Don't Do It!&quot;
 
Upvote 0 Downvote
where is fldUser?

Is it in $_POST? then do a
$HTTP_SESSION_VARS['username'] != $_POST[&quot;fldUser&quot;]

if it's in get use get, if it's somewhere else, just put that variable there.

And yes, check the password the same way, just make sure you don't output anything before your call to header.

-Rob
 
Upvote 0 Downvote
<?php
session_start();
if (!isset($HTTP_SESSION_VARS['username']) || $HTTP_SESSION_VARS['username'] != $_POST[&quot;fldUser&quot;]) {
header (&quot;Location: enter.php&quot;);
}
?>

It didnt work...

And ya its in post from the form

here is the form

<form action=&quot;<?php echo $LoginAction?>&quot; method=&quot;POST&quot; name=&quot;access&quot; id=&quot;access&quot;>
<table width=&quot;400&quot; border=&quot;0&quot; cellspacing=&quot;2&quot; cellpadding=&quot;0&quot;>
<tr>
<td align=&quot;right&quot; valign=&quot;middle&quot; class=&quot;header1&quot;>USERNAME*</td>
<td align=&quot;left&quot; valign=&quot;middle&quot;>
<input name=&quot;fldUser&quot; type=&quot;text&quot; id=&quot;fldUser&quot; class=&quot;user&quot;></td>
</tr>
<tr>
<td align=&quot;right&quot; valign=&quot;middle&quot; class=&quot;header1&quot;>PASSWORD*</td>
<td align=&quot;left&quot; valign=&quot;middle&quot;>
<input name=&quot;fldPass&quot; type=&quot;password&quot; id=&quot;fldPass&quot; class=&quot;user&quot;></td>
</tr>
<tr align=&quot;center&quot; valign=&quot;middle&quot;>
<td height=&quot;30&quot; colspan=&quot;2&quot; class=&quot;header&quot;>
<input type=&quot;image&quot; src=&quot;images/submit.gif&quot; name=&quot;Submit&quot; value=&quot;Submit&quot;>
<br>
*Case Sensitive</td>
</tr>
</table>
</form>

and here is $LoginAction

$LoginAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING']) && $HTTP_SERVER_VARS['QUERY_STRING']!=&quot;&quot;) $FF_LoginAction .= &quot;?&quot;.$HTTP_SERVER_VARS['QUERY_STRING'];
if (isset($HTTP_POST_VARS['fldUser'])) {
$FF_valUsername=$HTTP_POST_VARS['fldUser'];
$FF_valPassword=$HTTP_POST_VARS['fldPass'];
$FF_fldUserAuthorization=&quot;&quot;;
$FF_redirectLoginSuccess=&quot;index_incl.php&quot;;
$FF_redirectLoginFailed=&quot;denied.php&quot;;
$FF_rsUser_Source=&quot;SELECT Username, Pass &quot;;
if ($FF_fldUserAuthorization != &quot;&quot;) $FF_rsUser_Source .= &quot;,&quot; . $FF_fldUserAuthorization;
$FF_rsUser_Source .= &quot; FROM pass WHERE Username='&quot; . $FF_valUsername . &quot;' AND Pass='&quot; . $FF_valPassword . &quot;'&quot;;
mysql_select_db($database_connCasino, $connCasino);
$FF_rsUser=mysql_query($FF_rsUser_Source, $connCasino) or die(mysql_error());
$row_FF_rsUser = mysql_fetch_assoc($FF_rsUser);
if(mysql_num_rows($FF_rsUser) > 0) {
// username and password match - this is a valid user
$username=$FF_valUsername;
session_register(&quot;username&quot;);
if ($FF_fldUserAuthorization != &quot;&quot;) {
$MM_UserAuthorization=$row_FF_rsUser[$FF_fldUserAuthorization];
} else {
$MM_UserAuthorization=&quot;&quot;;
}
session_register(&quot;MM_UserAuthorization&quot;);
if (isset($accessdenied) && false) {
$FF_redirectLoginSuccess = $accessdenied;
}
mysql_free_result($FF_rsUser);
session_register(&quot;FF_login_failed&quot;);
$FF_login_failed = false;
header (&quot;Location: $FF_redirectLoginSuccess&quot;);
exit;
}
mysql_free_result($FF_rsUser);
session_register(&quot;FF_login_failed&quot;);
$FF_login_failed = true;
header (&quot;Location: $FF_redirectLoginFailed&quot;);
exit;

I use dreamweaver and this is an extension for it, I had tried my own script but that was taking so long and I need a solution by end of next week for this. I appreciate your help but the first suggestion didnt work. [Hammer]
Nike Failed Slogans -- &quot;Just Don't Do It!&quot;
 
Upvote 0 Downvote
Just to be consistent with your script use
$HTTP_POST_VARS['fldUser']

first off, and secondly... do a
echo &quot;<pre>&quot;;
print_r($HTTP_POST_VARS);

to see what you have in there

-Rob
 
Upvote 0 Downvote
ok i did this

<?php

session_start();
$HTTP_POST_VARS['fldUser'];
if (!isset($HTTP_SESSION_VARS['username']) || $HTTP_SESSION_VARS['username'] != &quot;cascade&quot;) {
header (&quot;Location: enter.php&quot;);
}
?>

I also changed the &quot;cascade&quot; to &quot;$_POST[&quot;fldUser&quot;]&quot; and that didnt work

and i put

echo &quot;<pre>&quot;;
print_r($HTTP_POST_VARS);

in a cell im my page and that returned

Array
(
)

I must warn you i am new to php (and i shouldve mentioned this earlier) so all this is new so I assumed that
$HTTP_POST_VARS['fldUser']; should be se equal to somethign first

$HTTP_POST_VARS['fldUser'] = $userCas;

I tried that too and then where &quot;cascade&quot; is i put $userCas and that didnt work either.

:/

thanks again [Hammer]
Nike Failed Slogans -- &quot;Just Don't Do It!&quot;
 
Upvote 0 Downvote
from your print_r it's showing that your form is not passing any variables by the post method to the script.

That or you're overwriting it somewhere.

You are launching this page by clicking on the submit button correct?
 
Upvote 0 Downvote
yes [Hammer]
Nike Failed Slogans -- &quot;Just Don't Do It!&quot;
 
Upvote 0 Downvote
where could i be overwriting the VAR I have it in my form then it doesn't pass over... [Hammer]
Nike Failed Slogans -- &quot;Just Don't Do It!&quot;
 
Upvote 0 Downvote
Well, you have a superflous $HTTP_POST_VARS[&quot;fldUser&quot;]; at the top of your script, but that shouldn't do anything.... and it appears your whole form is blank, not just the one.

Honestly, I'm stumped... I think if I were you I'd try replacing the image with a plain submit button, I doubt that has anything to do with it, but who knows.... then I'd switch the method of the form to GET and watch the URL, make sure things are being passed.

-Rob
 
Upvote 0 Downvote
k
thanks [Hammer]
Nike Failed Slogans -- &quot;Just Don't Do It!&quot;
 
Upvote 0 Downvote
thanks for your help, alhough none of these worked that trick with <pre> to check out wat variables are passes is very helpful. [Hammer]
Nike Failed Slogans -- &quot;Just Don't Do It!&quot;
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

P
  • Locked
  • Question
JPgraph - How to stop a line graph from dropping to zero?
Replies
2
Views
888
Chris Miller
Chris Miller
R
  • Locked
  • Question
How Can I Use MySQL To Send Data To An Email
Replies
1
Views
822
Chris Miller
Chris Miller
W
  • Locked
  • Question
how to send checked row data in php
Replies
0
Views
591
wiltang2004
W
rogerte
  • Locked
  • Question
How to parse associative array
Replies
13
Views
3K
Chris Miller
Chris Miller
EdLentz
  • Locked
  • Question
I need a simple example of how to send a table of info .
Replies
8
Views
1K
EdLentz
EdLentz

Part and Inventory Search

Sponsor

Back
Top