PHP - I Need Help With A Cookie Php Script

i want to store the nickname of the user as a cookie..
somthing like set cookie name=nickname,value=smarty,expires after 1 week
i know cookies are stored against domain names.
what happens when another person logs in the same computer, with different login, and his nickname is diff
how does the cookie get handled, and how does the right nickname flash against the right persons login id...

Ok I have my login form and previously I was using $_SESSION untill I learned this removes data when browser is closed. Someone said to me to use cookies but I have no clue where to begin on setting a cookie or reading information from it.

Can anyone point me to a tutorial on cookies?

I have part of my script that I have used many times in many diffrent applications that works just fine.
But in this use it refuses to set the cookie or do anything besides the redirect for that matter.
// if login is ok then we add a cookie 
  $ip = $_SERVER['REMOTE_ADDR'];
$datem = date("j F Y, g:i a");
mysql_query("UPDATE YBK_Login SET date = '$datem' AND ip = '$ip' WHERE ID = '{{$info['ID']}'")or die(mysql_error()); 

   $_POST['username'] = stripslashes($_POST['username']); 
   $hour = time() + 3600; 
 setcookie('ID_WatsonN', $_POST['username'], 0); 
 setcookie('Key_WatsonN', $_POST['pass'], 0);
 setcookie('UID_WatsonN', $info['ID'], 0);
 setcookie('LOGIN', $info['ID'], time()+3);
 //then redirect them to the members area 
  Header("Location: dashboard.php"); 

Hi,
I was trying to use setcookie on my website but when I try to use, it wasn't setting anything and then I tried to make sure if it's setting something, I added
Code: [Select]
echo $_COOKIE;But it shows Array (just the word) instead of tblogvalue.

This is the code I'm using;
Code: [Select]
$Month = 2592000 + time();
setcookie(tblog, tblogvalue, $Month);

echo $_COOKIE;

Hi all,

I'm struggling with a program I'm trying to write with cookies, so any help would be very much appreciated!!

What I'm wanting to do is when someone visits my site, I want to display content until the end of the day, and once the days up it disappears forever/until the cookies are deleted.

Could someone help me with this?

Thanks lots in advance,

Jake

Hi All,   I seem to be getting in a right mess with this, so hope someone can help.   I'm simply trying to set a cookie called 'defaultLanguage'.   It will initially be set to English and when someone completes a form, the form value is then passed and used in the cookie.   here's my code:

$cookie_name = 'defaultLanguage';
$cookie_value = $_GET["language"];
if ($cookie_value == ''){
	$cookie_value = 'English';
}else{
	$cookie_value = $_GET["language"];
}
setcookie($cookie_name, $cookie_value, time() + (86400 * 30), '/'); // 86400 = 1 day

I then use this to test/check:

$cookie_name = 'defaultLanguage';
if(!isset($_COOKIE[$cookie_name])) {
  print 'Cookie with name "' . $cookie_name . '" does not exist...';
} else {
  print 'Cookie with name "' . $cookie_name . '" value is: ' . $_COOKIE[$cookie_name];
}

If I clear my browser cookies, this is what happens: On initial page load it says: Cookie with name "defaultLanguage" does not exist... If I reload the page or move to another, it says: Cookie with name "defaultLanguage" value is: English If I then complete my form, ?language=French is added to the URL, however, it still says: Cookie with name "defaultLanguage" value is: English I think I' missing something obvious but can't see for looking!!   Any help is much appreciated

I was told that my login page could easily be manipulated to set themselves as my username (Mod Justin), giving them powers. How can I further secure my website's use of cookies?

Quote

I just visited your site as you - Mod Justin, simply by setting a 'user' cookie for your domain with your username in it.

Your login code is NOT effective at stopping anyone or any bot script from impersonating any of the users, even impersonating you.



My login code:

http://pastebin.com/cBLybGKq

Any possible solution to this?

hello,

I am trying to setup a simple password protected site with a cookie so that users that have entered the password wont have to enter it again for 1 month. so I have a simple index.php page with the passowrd field on it in the root directory. then my site is in a sub directory /cms/ and the index.php page there checks for the $_POST value to set the cookie and let the user continue on.

Like this:
<?php 
//check if user has entered password and needs cookie set
if(isset($_POST['fpass']) && !isset($_COOKIE['fpass'])) setcookielive('fpass', $_POST['fpass'], strtotime( '+1 Month' ));



function setcookielive($name, $value='', $expire=0, $path='', $domain='', $secure=false, $httponly=false) {
    //set a cookie as usual, but ALSO add it to $_COOKIE so the current page load has access
    $_COOKIE[$name] = $value;
    return setcookie($name,$value,$expire,$path,$domain,$secure,$httponly);
}



defined( '_VALID_MOS' ) or die( 'Restricted access' );

//check if user has not entered password
if (!isset($_COOKIE['fpass']) || $_COOKIE['fpass'] == "") header('location: http://www.example.com');
//check if the user has a cookie set but is on a new session
if (isset($_COOKIE['fpass']) && !isset($_POST['fpass'])) header('location: http://www.example.com/disclaimer.php');

...
The disclaimer.php page is actually the default landing page that users need to start on (after entering a password that is).

Couple of problems:
This just loops back to the disclaimer page how do I send the user to the disclaimer page at the beginning of each session even if the Cookie is set
thanks for any help

I have an array of fields:

$fields = array(
"cfg_change_date" => "Configuration Change Date",
"system_name" => "System Name",
"system_manf" => "System Manufacturer",
"system_model_no" => "System Model Number",
"system_serial_no" => "System Serial Number",
"system_board_part_no" => "System Board Part Number",
"system_board_serial_no" => "System Board Serial Number",
"asset_tag" => "Asset Tag",
"sla_code" => "SLA Code",
"category" => "Category",
"os_version" => "OS Version",
"os_upgraded" => "OS Upgraded",
"bios_version" => "BIOS Version",
"bios_upgraded" => "BIOS Upgraded",
"ilom_version" => "ILOM Version",
"ilom_ip" => "ILOM IP Address",
"ilom_updated" => "ILOM Updated",
"rack_id" => "Rack ID",
"rack_location_id" => "Rack Location ID",
"tech_id" => "Tech ID",
"warranty" => "Warranty"
);


I have them all outputted as checkboxes right now in a form. When the user hits save, I want the checked ones to be stored in a single cookie and then later referenced so it remember what the user wants to query from the DB. The thing I cant figure out is how to do this dynamically rather than checking if each one is checked.

Hi,
I'm trying to set cookie but all in vain. I've already posted my php code in my last post. "COOKIE PROBLEM". I think there is nothing wrong with code. may be i need to enable to load some library or something in xampp. Is there anyone who knows what setting do i need to do for enable cookies and in which file?
Please help

Hello All

    I wrote a tiny piece of cookie code (to set and record cookies and hits) that works pretty well but seems to have a bug in it that I cannot figure out. First, here is the code:

Code: [Select]
<?php
$my_cookie = (isset($_COOKIE['my_cookie'])) ? true : false;

$countFile = "./data/count.txt";
$cookieFile = "./data/cookie.txt";

$dateTime = date('Y-m-d\,H:i:s\,U\,T\,O\G\M\T');
$remoteIPAddress .= $_SERVER['REMOTE_ADDR'];
$remoteUserAgent .= $_SERVER['HTTP_USER_AGENT'];

$cookieVal = $dateTime;
$cookieVal .= ",";
$cookieVal .= $remoteIPAddress;
$cookieVal .= ",";
$cookieVal .= $remoteUserAgent;
$cookieVal .= "\r\n";

    if(!$my_cookie){
     // read the visit counter
     $countHandle = fopen($countFile, 'r');
     $visitCount = intval(trim(@fread($countHandle, filesize($countFile))));
     fclose($countHandle);

     // incremenet the visit counter
     $visitCount++;

// write the new visit count and cookie value to their respective files
     $countHandle = fopen($countFile, 'w');
     $cookieHandle = fopen($cookieFile, "a+b");

if(!preg_match('/bot/',$remoteUserAgent)){
     fwrite($countHandle, $visitCount);
     fwrite($cookieHandle, $cookieVal);
     }

     fclose($countHandle);
     fclose($cookieHandle);

     setcookie("my_cookie", $cookieVal, time()+31556926);
    }
    else{
     // read the visit counter
     $countHandle = fopen($countFile, 'r');
     $visitCount = fread($countHandle, filesize($countFile));
     fclose($countHandle);
    }
?>

What is happening is that sometimes, not every time, but, sometimes my cookie.txt count gets a 0 (zero) written back to it and I can't figure out why. Can anybody see anything in there that would have this effect? Like I said, it only gets zeroed out from time to time.

Thanks to all for taking the time to read.   

Hi All,

I have a secure website which always checks the cookies is not expired and the session id is set.
When someone doesn't browse for the period of the cookie it will expire however the session id stays valid
until he logout. A lot of people don't logout so the pages will still be accessable for them or others who use
their pc.

Is there a way to destroy the session id when the cookies expires?

Marco

I see all over the web that I should tie a session cookie to an ip to help stop some XSS session stealing, but I can't find HOW to do this anywhere. Can someone post some example code?

Thanks!

How to get the cookie value,when we login for a website,also how to access the site by using the cookie values?

Ok I have NEVER had problem like this before.

First of all, I am not that great with cookies or headers. But I know how to set cookies & sessions & how to use them.

Any way, this is the most important feature & page on my app. Its for the register page, it sets a cookie that is needed to prevent fraud.

I did the development of this script on my local server & this is my first time testing it on a real server.

My issue is, I keep getting the damn headers already sent error;

Code: [Select]
Warning: Cannot modify header information - headers already sent by (output started at /../../..//mysite.com/admin/includes/linkmysql.php:2) in /../../../mysite.com/reg.php on line 36
I literally tried everything. I completely rewrote the page to work around this. I cannot stress enough how important this cookie is.

I dont udnerstand. The php is b4 all the html, etc etc. There should be no other "headers being sent".

Heres the code;

<?php


require_once 'is_email.php';

$result = is_email(@$email, true, true);
if (isset($_POST['register_clicked']) && $_POST['register_clicked']==1)
{
$uname = $_POST['uname'];
$upasswd = $_POST['passwd'];
$email = $_POST['email'];




if (!(strlen($uname) > 0 && strlen($uname) < 31))
echo '<td colspan="3" align="center" class="FormError"> USERNAME length must be between 1 and 30! </td>';
else if (!(strlen($upasswd) > 0 && strlen($upasswd) < 41))
echo '<td colspan="3" align="center" class="FormError"> PASSWORD length must be between 1 and 30! </td>';
else if ($upasswd != $_POST['passwdconf'])
echo '<td colspan="3" align="center" class="FormError"> PASSWORD doesn\'t match! </td>';


else if (!is_email($email)) echo "<td colspan='3' align='center' class='FormError'>{$email} is not a valid email address! (result code $result)</td>";
else
{
include_once('admin/includes/linkmysql.php');
include('admin/includes/func.php');
if (!newuser($uname, $upasswd, $email))
echo "<td colspan='3' align='center' class='FormError'>Username already in use!</td>";

else
{
echo '<strong><font color="black">Registration Completed!</font></strong>';
$value = "no-delete";
setcookie("Muffins", $value, mktime (0, 0, 0, 12, 31, 2015));

#if (isset($_POST['autologin']))
#{

add_login($uname);
$_SESSION['login_name'] = $uname; 
?>
<!--<script language="javascript" type="text/javascript">
window.location.href = "index.php?a=home";
</script> -->
<?php
}
}
}

?>
                    <?php
if (isset($_COOKIE['Muffins']))
{
Header ('Location: http://mysite.com/index.php?a=noreg');
}

?>

line 36 is obviously the line with the setcookie. I have no idea why it is referencing the include file, it has two lines of code that defines the mysql connections.

This code is at the top of the page, before all the HTML etc. NO reason why it should be giving me header errors rigght!?? Im having the same issue with another page. I ban users thru setting a value in a mysql table, when the "system" notices the ban value is set, it redirects them to an account banned page using a header. BUT ITS THE SAME ******** THING!!!!!

NEVER in my YEARS of coding have I ran into such AN ANNOYING & SENSELESS ISSUE!

Sorry I am just SO frustrated, due to this I have not worked on this in days I pretty much gave up. I cannot launch this site that I have been working on for years without this working.

THANK YOU FOR ALL YOUR HELP!!! Much appreciated.