|
PHP - Cookie Problems
hello,
I am trying to setup a simple password protected site with a cookie so that users that have entered the password wont have to enter it again for 1 month. so I have a simple index.php page with the passowrd field on it in the root directory. then my site is in a sub directory /cms/ and the index.php page there checks for the $_POST value to set the cookie and let the user continue on. Like this: <?php //check if user has entered password and needs cookie set if(isset($_POST['fpass']) && !isset($_COOKIE['fpass'])) setcookielive('fpass', $_POST['fpass'], strtotime( '+1 Month' )); function setcookielive($name, $value='', $expire=0, $path='', $domain='', $secure=false, $httponly=false) { //set a cookie as usual, but ALSO add it to $_COOKIE so the current page load has access $_COOKIE[$name] = $value; return setcookie($name,$value,$expire,$path,$domain,$secure,$httponly); } defined( '_VALID_MOS' ) or die( 'Restricted access' ); //check if user has not entered password if (!isset($_COOKIE['fpass']) || $_COOKIE['fpass'] == "") header('location: http://www.example.com'); //check if the user has a cookie set but is on a new session if (isset($_COOKIE['fpass']) && !isset($_POST['fpass'])) header('location: http://www.example.com/disclaimer.php'); ... The disclaimer.php page is actually the default landing page that users need to start on (after entering a password that is). Couple of problems: This just loops back to the disclaimer page how do I send the user to the disclaimer page at the beginning of each session even if the Cookie is set thanks for any help Similar TutorialsWhat I'm trying to accomplish is your average session login w/ a cookie-based "remember me" feature. I can log in fine, I can set cookies, I can access those cookies, and I can use that data to log in just as if the user had logged in manually. The problem is logging out. But the bigger problem is figuring out why. You see, it works perfect. It logs in and it log out, so long as I am outputting data to the page. I was outputting a session variable and the cookies I set to make sure they were all working right; and they were. But then as soon as I disable those echoes, all of a sudden it won't log out anymore. So then I turn them on to see what the data says and BAM, I'm logged out. I log back in fine, I log back out fine, so I turn em off again. I log in fine. I can't log out. I try multiple times. I close my browser and open a new one. Still logged in. I try a few more times, still logged in. I turn the output back on, load the page again and I'm logged out. So... WTF? (my code to follow) Hey PHPFreaks! I have a problem with my login script, because when i login it sets a cookie and it all works. But when i got redirected and refresh the page, my script turns an error which says i'm not logged in? how come? This is what finds the cookie and redirects me Code: [Select] if(!isset($_SESSION['auth']) && !isset($_COOKIE['authcookie'])) { $_SESSION['ERROR'] = 7; header('location: index.php?login'); } i want to store the nickname of the user as a cookie.. somthing like set cookie name=nickname,value=smarty,expires after 1 week i know cookies are stored against domain names. what happens when another person logs in the same computer, with different login, and his nickname is diff how does the cookie get handled, and how does the right nickname flash against the right persons login id... if a user clicks ?hide=1 or ?hide=2 it does Code: [Select] if (isset($_GET['hide'])){ $id = intval($_GET['hide']); setcookie('hide', ''.$id.'',time()+32000000); header('Location: index.php'); exit; } How do I make it so if they click ?hide=1 it ad's 1, but what if they do ?hide=2 also? it would need to be 1,2 not just 2. Ok I have my login form and previously I was using $_SESSION untill I learned this removes data when browser is closed. Someone said to me to use cookies but I have no clue where to begin on setting a cookie or reading information from it. Can anyone point me to a tutorial on cookies? Hi all, I'm struggling with a program I'm trying to write with cookies, so any help would be very much appreciated!! What I'm wanting to do is when someone visits my site, I want to display content until the end of the day, and once the days up it disappears forever/until the cookies are deleted. Could someone help me with this? Thanks lots in advance, Jake I have a question about cookies I want the cookie to work on all the paths / folders / directorys located in a root path. So say like.. http://www.site.com/members/login.php is the folder which sets the cookie, then this cookie will also work on like.. http://www.site.com/bla/boo/works.php I'm trying to do: setcookie(Data1, 'valueofthecookie', '/', '.site.com', 1); But its not working... how can i set cookie like a*dm*n@**t*r*c**.*c** ?? Code: [Select] $cookkiee = $islem_1['mail'] ; $sayisi = strlen($cookkiee)-1 ; $cok = $islem_1['mail'] ; for($i=0;$i<=$sayisi;$i++) { $sifr = rand(0,2); if($sifr ==0) { $cok[$i]= '*'; } $dizik = $cok[$i]; setrawcookie("kayip",$dizik,time()+(60*30),"/"); $_COOKIE['kayip'] = $dizik; echo $dizi // etc . a*dm*n@**t*r*c**.*c** } echo $_COOKIE['kayip']; // etc. just one char being like random a Hi, I was trying to use setcookie on my website but when I try to use, it wasn't setting anything and then I tried to make sure if it's setting something, I added Code: [Select] echo $_COOKIE;But it shows Array (just the word) instead of tblogvalue. This is the code I'm using; Code: [Select] $Month = 2592000 + time(); setcookie(tblog, tblogvalue, $Month); echo $_COOKIE; I have part of my script that I have used many times in many diffrent applications that works just fine. But in this use it refuses to set the cookie or do anything besides the redirect for that matter. // if login is ok then we add a cookie $ip = $_SERVER['REMOTE_ADDR']; $datem = date("j F Y, g:i a"); mysql_query("UPDATE YBK_Login SET date = '$datem' AND ip = '$ip' WHERE ID = '{{$info['ID']}'")or die(mysql_error()); $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie('ID_WatsonN', $_POST['username'], 0); setcookie('Key_WatsonN', $_POST['pass'], 0); setcookie('UID_WatsonN', $info['ID'], 0); setcookie('LOGIN', $info['ID'], time()+3); //then redirect them to the members area Header("Location: dashboard.php"); Hey guys, first i have to say im from germany my english is not so good, i hope you understand the most things okay lets start, i have a cookie from site XY, i see the cookie in my browser, and now i want to save the cookie if someone goes to my website, the cookie is not on my website, i only want that the cookies displayed on my website or saved into the log.txt Code: [Select] <?php $jsi = $_COOKIES['JSESSIONID']; $current = file_get_contents('log,txt'); $current .= "\n$jsi"; file_put_contents('log.txt', $current); ?> but this code saves only the cookies on my own website, but i want a cookie from another website, all cookies are in my browser saved i want to read and save them. i hope you can help and understand me Hello all, I am extremely new with php, I just started learning it this week. I am tryin to make a secure login page that uses cookies for authentication. The problem I am having is that I cannot seem to get it to detect or read the set cookie properly. I want it to detect if its the correct username in the cookie and if so, allow to see the page, and if now, then return to the login screen. The login screen is login.html, which directs the person to the php script login.php. That should in turn show them a message page and some short info, as well as a link to their control panel (index.php) . The problem is that even if i skip the login I can still reach the control panel (index.php) with or without the cookie. Here is my code (please be gentle this is my first week with php): login.html: Code: [Select] <html> <head> <Title>Admin Login</Title> </head> <body> <center> <br> <br> <br> <br> <img src="pk.png"> <form action="login.php" method="post"> <br> Username: <input type="text" name="username" /><br> Password: <input type="text" name="password" /><br> <input type="submit" value="Login" /> </form> </center> </body> </html> login.php: Code: [Select] <?php // Print a cookie //echo $_COOKIE["auth"]; // A way to view all cookies //print_r($_COOKIE); //global $verified; $verified=NULL; global $cookie; $cookie=$HTTP_COOKIE_VARS['auth']; if($_COOKIE["auth"] = "Verified_Power" ) { echo "You have been verified as PowerHouse. <br><br>"; $verified="TRUE"; } else if($_COOKIE["auth"] = "Verified_Thor") { echo "it's actually thor!<br><br>"; $verified="FALSE"; } else { echo "Bad Chookie"; $verified="FALSE"; exit(); } ?> <html> <head> <Title>Login Info</Title> </head> <body> <center> <img src="pk.png"> <br> <br> <br> Hello <?php echo($username); ?>!<br /> <?php //header("Cache-Control:no-cache"); $msgfile = "messages.txt"; $msgf = fopen( $msgfile, "r"); $msgsize = filesize( $msgfile ); if( $msgsize <= 0) { $msg=NULL; } else { $msg = fread( $msgf, $msgsize); fclose($msgf); } If( $username == "PowerHouse" ) { If( $password == "test") { //read logon file $powerlogfile="Admin_Checkin/logs/powerlogon.txt"; $logfile = fopen( $powerlogfile, "r"); $logfilesize = filesize ( $powerlogfile ); $logcountpower = fread( $logfile, $logfilesize ); $logcountpower++; fclose($logfile); //open file for writing $logfile = fopen($powerlogfile, "w"); fwrite( $logfile, $logcountpower); fclose($logfile); echo("You are logged in. <br><br>"); echo("It is you master! <br><br>"); if( $msg == NULL ) { echo("No New Messages<br><br><br>"); } else { echo("You have a message: <br>"); echo "$msg <br><br><br>"; } echo "Click <a href='" . "/Admin_Checkin/14795" . "'>Here</a> To access your control panel.<br><br><br>"; echo "You have logged in $logcountpower times."; //open logfile to write to $logfile=fopen("Admin_Checkin/logs/powerlog.html", "a"); //write the time of access $time=date("H:i:s: dS F"); fwrite($logfile, "<b>Time of access:</b> $time<br>"); //write users ip if( $REMOTE_ADDR != NULL ) { fwrite($logfile, "<b>IP Address:</b> $REMOTE_ADDR <br>"); } //write users forwarding url if( $HTTP_REFERER != NULL) { fwrite($logfile, "<b>Referer:</b> $HTTP_REFERER <br>"); } //write users browser info fwrite($logfile, "<b>Browser Info:</b> $HTTP_USER_AGENT <hr><br>"); setcookie("auth","Verified_Power", time()+3600); //header("Location:login.php"); exit(); //setcookie('login', $_REQUEST['username'].','.md5($_REQUEST['username'].$secret_word)); } else if( $password != "test" ) { $pwfail++; echo("<hr>You have entered the wrong password, PowerHouse. <br>"); } } else if($username == "ThorSummoner") { If( $password == "test") { //read logon file $thorlogfile="Admin_Checkin/logs/thorlogon.txt"; $logfile = fopen( $thorlogfile, "r"); $logfilesize = filesize ( $thorlogfile ); $logcountthor = fread( $logfile, $logfilesize ); $logcountthor++; fclose($logfile); //open file for writing $logfile = fopen($thorlogfile, "w"); fwrite( $logfile, $logcountthor); fclose($logfile); echo("You are logged in. <br><br>"); echo("This is the Admin Portal Welcome Screen. <br><br>"); if( $logcountthor == 1) { echo "This is your first visit, yay! <br><br>"; } //echo "$msg <br> <br>"; if( $msg == NULL ) { echo("No New Messages<br><br><br>"); } else { echo("You have a message: <br>"); echo "$msg <br><br><br>"; } echo "Click <a href='" . "/Admin_Checkin/atfg4gc" . "'>Here</a> To access your control panel.<br><br><br>"; echo "You have logged in $logcountthor times."; //open logfile to write to $logfile=fopen("Admin_Checkin/logs/thorlog.html", "a"); //write the time of access $time=date("H:i:s: dS F"); fwrite($logfile, "<b>Time of access:</b> $time<br>"); //write users ip if( $REMOTE_ADDR != NULL ) { fwrite($logfile, "<b>IP Address:</b> $REMOTE_ADDR <br>"); } //write users forwarding url if( $HTTP_REFERER != NULL) { fwrite($logfile, "<b>Referer:</b> $HTTP_REFERER <br>"); } //write users browser info fwrite($logfile, "<b>Browser Info:</b> $HTTP_USER_AGENT <hr><br>"); setcookie("auth","Verified_Thor", time()+3600); } else if( $password != "test" ) { $pwfail++; echo("You have entered the wrong password, ThorSummoner. <br>"); } } else if($username !== "PowerHouse" && $username !=="ThorSummoner") { echo("Who are you?"); } ?> </center> </body> </html> index.php Code: [Select] <?php global $verified; echo ($verified); If( $verified == "TRUE" ) { echo "You are verified"; } else if( $verified != "TRUE" ) { echo "You should not be here"; } else if( $verified = NULL ) { echo "Nulled out"; } $cookie=$HTTP_COOKIE_VARS['auth']; If( $cookie != "Verified_Power") { echo "No Cookie, or not correct cookie"; } // A way to view all cookies //print_r($_COOKIE); ?> <html> <head> <Title>Power's Control Panel </Title> </head> <body> This is my control panel <BR> test<br> </body> </html> Any help would be greatly appreciated! Remember I am new so I am sure my code is poorly written. Please be polite. Can you send a cookie through ajax? Will it still be read by the browser? Hi All, I have a secure website which always checks the cookies is not expired and the session id is set. When someone doesn't browse for the period of the cookie it will expire however the session id stays valid until he logout. A lot of people don't logout so the pages will still be accessable for them or others who use their pc. Is there a way to destroy the session id when the cookies expires? Marco I see all over the web that I should tie a session cookie to an ip to help stop some XSS session stealing, but I can't find HOW to do this anywhere. Can someone post some example code? Thanks! test.php Code: [Select] <?php setcookie("test", 'tester', time()+3600*24*30 , "/", ".mystagingsite1.com"); header('Location: test2.php'); ?> test2.php Code: [Select] <?php echo '<pre>'; print_r($_COOKIE); echo '</pre>'; ?> This does not work. It's not setting the cookie at all. Is there something I am doing wrong here? Hello A few days back I searched for a (very) easy php login script, basicly just to show hidden content that's not for everyone. This is the script I found (and it works): <?php $username = "Username"; $password = "Password"; $randomword = "one"; if (isset($_COOKIE['MyLoginPage'])) { if ($_COOKIE['MyLoginPage'] == md5($password.$randomword)) { ?> <?php include 'projecten_.php'; $name = "0"; ?> <?php exit; } else { echo "<p>Bad cookie. Clear please clear them out and try to login again.</p>"; exit; } } if (isset($_GET['p']) && $_GET['p'] == "login") { if ($_POST['name'] != $username) { echo "<p>Sorry, that username does not match. Use your browser back button to go back and try again.</p>"; exit; } else if ($_POST['pass'] != $password) { echo "<p>Sorry, that password does not match. Use your browser back button to go back and try again.</p>"; exit; } else if ($_POST['name'] == $username && $_POST['pass'] == $password) { setcookie('MyLoginPage', md5($_POST['pass'].$randomword)); header("Location: $_SERVER[PHP_SELF]"); } else { echo "<p>Sorry, you could not be logged in at this time. Refresh the page and try again.</p>"; } } ?> <body style="background:url(images/repeat.gif) repeat-x #0a0a09; height:106px; margin:0px; padding:0px; text-align: center;"> <div style="margin-left: auto; margin-right: auto; position: relative; top: 120px; width: 250px; text-align: left; line-height: 28px;"> <img src="images/zenze.png" alt="Zenze" style="position: absolute; top: -100px; left: -375px;" /> <h5 style=" font-weight: none; font-size: 18px; font-family: verdana; margin: 0px; margin-bottom: 20px; color: #96ff00">Login</h5> <form action="<?php echo $_SERVER['PHP_SELF']; ?>?p=login" method="post"> <label><input type="text" name="name" id="name" /><span style="color: #999999; font-size: 12px; font-family:verdana"> Name</span></label><br /> <label><input type="password" name="pass" id="pass" /><span style="color: #999999; font-size: 12px; font-family:verdana"> Password</span></label><br /> <input type="submit" id="submit" value="Login" style="margin-top: 10px;" /></form> </div> </body> The only problem is, there is no log out fuction. I see this script works with cookies and I gave it a try, and I ended up with nothing but errors. Does anyone one has an idea to how a logout script would look like for this script? Thanks in advance, Crow I'm not really sure if this is a cookie problem but that's all I could think of. I have a web site that users have to log into. I have seen that when I log out of my account and log into my test account my main user name will still show on the welcome page unless I let the computer sit for a bit or if I clear recent history. This happens in all the main browsers. I have also started having a problem where if I update something in my database it shows up in MySQL right away but can take a while to show up on the web page unless i clear the history. Not sure what code to post to give you an idea so if you want to see something let me know and I will put it up. Thank you Hello, I am new to this forum and joined in hope I could get some help in relation to some PHP problems I have stumbled across within my work. I am currently working on an online store I am building from scratch. I have already built the basic system behind it and am now starting to implement a more user friendly design to it with JS validation, stylesheets and imaging layout. I have however come across a COOKIE problem with my login script. The purpose behind it is to only allow users into an area if they have logged in and declared cookies. I declare the cookies with 'setcookie()' then try and retrieve them with '$_COOKIE['firstname'];'. However since implementing my new design layout it has stopped being able to retrieve the cookies. Here is some of the script. I would greatly appreciate any help given ... Login.php Code: [Select] <?php //Validating input details and executing mysql query if ($username && $pass) { mysql_connect("$dhost","$dname","$dpass"); //Connection to mysql server @mysql_select_db("$dbase") or die ("Unable To Select Database!"); //Connection to stated database $query = "SELECT firstname, lastname, username FROM userdata WHERE password=SHA('$pass')"; //Retrieves firstname and lastname for username and password combination $result = @mysql_query ($query); $row = mysql_fetch_array ($result,MYSQL_NUM); //Return a record, if applicable if ($row) { setcookie('firstname', $row[0], time()+3600); setcookie('lastname', $row[1], time()+3600); setcookie('username', $row[2], time()+3600); //Set the cookies echo "<p class='Body-error-P'><span class='Body-text-T'>Login successful. If you are not redirected in 15 seconds click <A HREF='./index.php'>here</A></span></p>"; print "<meta HTTP-EQUIV='REFRESH' content='5 url=./index.php'>"; } else { //no record matched the query echo "<p class='Body-error-P'><span class='Body-text-T'>The username and password you entered are not valid.</span></p>"; } mysql_close(); //close database connection } } Index.php Code: [Select] <?php include_once ("config.php"); if(isset($_COOKIE['firstname'])) //if not cookie present, redirect the user { echo "<p class='Body-text-P'><span class='Body-text2-T'>You are now logged in, <b>".$_COOKIE['firstname'].' '.$_COOKIE['firstname']."</b></span</p>"; } else { echo '<p class="Body-text-P"><span class="Body-text-T">You are not logged in at this current time. Please login or register.</span</p>'; } ?> Let me know if you need anymore coding... I'm having trouble setting a cookie in php. When a user logs in I send an ajax request to an file which contains this code to set the cookie setcookie("userCookie", $_SESSION['username'], time()+60*60*24*30); However when I include the following code to check to see if the cookie has been set is says is hasn't if(isset($_COOKIE['userCookie'])) { echo("cookie set"); } else { echo("cookie not set"); } I check to see that my browser is accepting cookies and it definitely is so I'm not sure what causing the problem. Thanks for any help. |
|||||||