FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Cookie Problem *Please Close*





polly-gone
I know I have posted a post similar to this, but this is a whole new problem.

I am trying this login script:


Quote:

Code:

<?php
ob_start();
if(!isset($_COOKIE['user']))
{
?>

<div align="center">
Clients Login Here<br><br>

<form name="login" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<table>
<tr><td>Username:</td><td> <input size="32" maxlength="32" type="text" name="username"></td></tr>
<tr><td>Password:</td><td> <input size="32" maxlength="16" type="password" name="password"></td></tr>
<tr><td>Remember me:</td><td> <input type="checkbox" name="remember" value="y"></td></tr>
</table>
<input type="submit" name="submit" value="Login"/></form>
<br><br>
<a href="?section=client&page=lostpass">Forgot your password?</a>

</div>

<?php




$username = $_POST['username'];
$password = $_POST['password'];
$passwordmd5 = md5($password);
$rem = $_POST['remember'];

//Includes
include ('./includes/config.php');
include ('./includes/functions.php');

//Open Connection
$connection = mysql_connect($host, $user, $pass) or die('Unable to connect to the Atomic Dingo Productions Database');

//Select 'home' Database
mysql_select_db($db) or die('Unable to connect to the \'home\' Database');

//Generate and Execute Query
$query = "SELECT username, password, userlevel, contact FROM users WHERE username = '$username' AND password = '$passwordmd5'";

$result = mysql_query($query) or die("Error in query: $query. " . mysql_error());

//IF Records Present
if(mysql_num_rows($result) == 1)
{
      
      if($rem == 'y')
      {
            $length = time()+60*60*24*30;
      }
      else
      {
            $lenth = 0;
      }
      
      setcookie('user', $_POST['username'], $length, '/', ".atomicdingo.us");
      setcookie('level', $row->level, $length, '/', ".atomicdingo.us");
      ob_end_flush();
      echo "Login Successful, ".$row->contact;
}

}
/*else if(mysql_num_rows($result) == 0)
{*/
?>
<!--<div align="center">
<font color="#ff0000">INVALID Username or Password!</font>
</div>-->

<?php
//}

?>


It just WILL NOT set ANY cookies!

And I know for sure because I am using Firefox's Web Developer tool bar and it says no cookies on my website.


Does anyone have a fairly simple solution?

Thanks,
-Nick Smile Smile Smile
rvec
try to echo all the variables just before using them. That might give a hint.
polly-gone
Here is what the page looks like now:

Quote:
Code:
<?php
ob_start();

if(!isset($_COOKIE['user']))
{
?>

<div align="center">
Clients Login Here<br><br>

<form name="login" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<table>
<tr><td>Username:</td><td> <input size="32" maxlength="32" type="text" name="username"></td></tr>
<tr><td>Password:</td><td> <input size="32" maxlength="16" type="password" name="password"></td></tr>
<tr><td>Remember me:</td><td> <input type="checkbox" name="remember" value="y"></td></tr>
</table>
<input type="submit" name="submit" value="Login"/></form>
<br><br>
<a href="?section=client&page=lostpass">Forgot your password?</a>

</div>

<?php


$username = $_POST['username'];
echo $username;
$password = $_POST['password'];
echo $password;
$passwordmd5 = md5($password);
echo $passwordmd5;
$rem = $_POST['remember'];
echo $rem;

//Includes
include ('./includes/config.php');
include ('./includes/functions.php');

//Open Connection
$connection = mysql_connect($host, $user, $pass) or die('Unable to connect to the Atomic Dingo Productions Database');

//Select 'home' Database
mysql_select_db($db) or die('Unable to connect to the \'home\' Database');

//Generate and Execute Query
$query = "SELECT username, password, userlevel, contact FROM users WHERE username = '$username' AND password = '$passwordmd5'";

$result = mysql_query($query) or die("Error in query: $query. " . mysql_error());

//IF Records Present
if(mysql_num_rows($result) == 1)
{
      
      if($rem == 'y')
      {
            $length = time()+60*60*24*30;
      }
      else
      {
            $lenth = 0;
      }
      
      setcookie('user', $_POST['username'], $length, '/', ".atomicdingo.us");
      setcookie('level', $row->level, $length, '/', ".atomicdingo.us");
      ob_end_flush();
}

}
/*else if(mysql_num_rows($result) == 0)
{*/
?>
<!--<div align="center">
<font color="#ff0000">INVALID Username or Password!</font>
</div>-->



And whenever I got to the page, right below the form is some random md5 hash.

-Nick Smile Smile Smile
rvec
that's probably the md5 hash of "" (nothing) . Try to only let the form show up if there is no post data and no cookie data. And let the other stuff like the mysql query only execute when there is post data and no cookie set.
polly-gone
GAAA!!! IT WON'T WORK! WAAAA!!! I cannot figure out the problem!

-Nick Mad Mad Mad Mad Mad Mad
DjMilez
You could try echoing the log in code instead of breaking off the php code.

I dunno if it'd work, but it's just a thought.
rvec
eeh, with putting echo's in I meant also showing the output Wink
if you tell us what you put in, and show us the output it makes it a bit easier Razz
Star Wars Fanatic
Looks like you might have some whitespace before you start the output buffering. Make sure there is nothing before the <?php tag:
Code:
<?php
ob_start();
if(!isset($_COOKIE['user']))
{
?>

<div align="center">
Clients Login Here<br><br>

<form name="login" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<table>
<tr><td>Username:</td><td> <input size="32" maxlength="32" type="text" name="username"></td></tr>
<tr><td>Password:</td><td> <input size="32" maxlength="16" type="password" name="password"></td></tr>
<tr><td>Remember me:</td><td> <input type="checkbox" name="remember" value="y"></td></tr>
</table>
<input type="submit" name="submit" value="Login"/></form>
<br><br>
<a href="?section=client&page=lostpass">Forgot your password?</a>

</div>

<?php




$username = $_POST['username'];
$password = $_POST['password'];
$passwordmd5 = md5($password);
$rem = $_POST['remember'];

//Includes
include ('./includes/config.php');
include ('./includes/functions.php');

//Open Connection
$connection = mysql_connect($host, $user, $pass) or die('Unable to connect to the Atomic Dingo Productions Database');

//Select 'home' Database
mysql_select_db($db) or die('Unable to connect to the \'home\' Database');

//Generate and Execute Query
$query = "SELECT username, password, userlevel, contact FROM users WHERE username = '$username' AND password = '$passwordmd5'";

$result = mysql_query($query) or die("Error in query: $query. " . mysql_error());

//IF Records Present
if(mysql_num_rows($result) == 1)
{
      
      if($rem == 'y')
      {
            $length = time()+60*60*24*30;
      }
      else
      {
            $lenth = 0;
      }
      
      setcookie('user', $_POST['username'], $length, '/', ".atomicdingo.us");
      setcookie('level', $row->level, $length, '/', ".atomicdingo.us");
      ob_end_flush();
      echo "Login Successful, ".$row->contact;
}

}
/*else if(mysql_num_rows($result) == 0)
{*/
?>
<!--<div align="center">
<font color="#ff0000">INVALID Username or Password!</font>
</div>-->

<?php
//}

?>


Also, try putting this at the top of the code so you can see all the errors. And let us know if any new ones pop up:

Code:
error_reporting(E_ALL);


Also make sure that the code is actually getting to the part where it sets the cookies.
Maybe put a few echos here and there in and out of if statements so you can see where it stops executing, and possibly if it never gets to the part where it sets the cookies.
Such as:
Code:
<?php
ob_start();
if(!isset($_COOKIE['user']))
{
echo "In if(cookie) statement" ;
?>
polly-gone
Star Wars Fanatic wrote:
Looks like you might have some whitespace before you start the output buffering. Make sure there is nothing before the <?php tag:


Nah. That's just because I put

['code]

Coding.....
['/code]

I will try your suggestion and get back to you on this.

-Nick Smile Smile Smile
polly-gone
Quote:
Code:
<?php ob_start();

if(!isset($_COOKIE['user']))
{
echo "ECHOONE";

echo "<div align=\"center\">Clients Login Here<br><br>";
?>

<form name="login" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<?php
echo "<table><tr><td>Username:</td><td> <input size=\"32\" maxlength=\"32\" type=\"text\" name=\"username\"></td></tr>";
echo "<tr><td>Password:</td><td> <input size=\"32\" maxlength=\"16\" type=\"password\" name=\"password\"></td></tr>";
echo "</table><input type=\"submit\" name=\"submit\" value=\"Login\"></form><br><br><a href=\"?section=client&page=lostpass\">Forgot your password?</a>";


$username = $_POST['username'];
echo $username;
$password = $_POST['password'];
echo $password;
$passwordmd5 = md5($password);
echo $passwordmd5;
$rem = $_POST['remember'];
echo $rem;

//Includes
include ('./includes/config.php');
include ('./includes/functions.php');
echo "ECHOTWO";
//Open Connection
$connection = mysql_connect($host, $user, $pass) or die('Unable to connect to the Atomic Dingo Productions Database');

//Select 'home' Database
mysql_select_db($db) or die('Unable to connect to the \'home\' Database');

//Generate and Execute Query
$query = "SELECT username, password, userlevel, contact FROM users WHERE username = '$username' AND password = '$passwordmd5'";

$result = mysql_query($query) or die("Error in query: $query. " . mysql_error());

//IF Records Present
echo "ECHOTHREE";
if(mysql_num_rows($result) == 1)
{
      
      if($rem == 'y')
      {
            $length = time()+60*60*24*30;
      }
      else
      {
            $lenth = 0;
      }
      
      setcookie("user", $row->username);
      setcookie("level", $row->level);
      ob_end_flush();
      error_reporting(E_ALL);
      echo "ECHOFOUR";
}

}
else if(isset($_COOKIE['user']));
{
?>

<div id="dashnav">
   <div id="dashnav1"><a href="?section=client&page=home">[DashBoard Home]</a></div>
   <div id="dashnav2"><a href="?section=client&page=projects">[Projects]</a></div>
   <div id="dashnav1"><a href="?section=client&page=progress">[Progress]</a></div>
   <div id="dashnav2"><a href="?section=client&page=support">[Support]</a></div>
</div>

<?php
}

?>




Whenever I go to the page, it says ECHOONE at the top and ECHOTWOECHOTHREE at the bottom. The stuff that should only appear if the cookie IS set is appearing. I type in the username 'demo' and the password 'demo', click submit, and it take me to the homepage.

-Nick Smile Wink Wink
polly-gone
Okay.... I have NO idea what the problem is. When no cookie is set, everything shows, but when I manually set a cookie using FireFox Web Developer Toolbar, only the things that should appear when a cookie is set appear.
Star Wars Fanatic
So the cookies are being set or not?

polly-gone wrote:
Okay.... I have NO idea what the problem is. When no cookie is set, everything shows, but when I manually set a cookie using FireFox Web Developer Toolbar, only the things that should appear when a cookie is set appear.


Can we get a link to this page? I'd like to see it in action, if that's alright.

P.S. What is the $row->username and $row->level, and how are they being set? They might not have a value. Use var_dump ( $row->username ) ; right before you set the cookie, and tell me what the output is.
Fire Boar
I can see your problem. There's a bit of logic missing.

Code:
<?php
ob_start();
if(!isset($_COOKIE['user']) && !$_POST['username'])
{
?>

<div align="center">
Clients Login Here<br><br>

<form name="login" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<table>
<tr><td>Username:</td><td> <input size="32" maxlength="32" type="text" name="username"></td></tr>
<tr><td>Password:</td><td> <input size="32" maxlength="16" type="password" name="password"></td></tr>
<tr><td>Remember me:</td><td> <input type="checkbox" name="remember" value="y"></td></tr>
</table>
<input type="submit" name="submit" value="Login"/></form>
<br><br>
<a href="?section=client&page=lostpass">Forgot your password?</a>

</div>

<?php
}
else if (!isset($_COOKIE['user']))
{

$username = $_POST['username'];
$password = $_POST['password'];
$passwordmd5 = md5($password);
$rem = $_POST['remember'];

//Includes
include ('./includes/config.php');
include ('./includes/functions.php');

//Open Connection
$connection = mysql_connect($host, $user, $pass) or die('Unable to connect to the Atomic Dingo Productions Database');

//Select 'home' Database
mysql_select_db($db) or die('Unable to connect to the \'home\' Database');

//Generate and Execute Query
$query = "SELECT username, password, userlevel, contact FROM users WHERE username = '$username' AND password = '$passwordmd5'";

$result = mysql_query($query) or die("Error in query: $query. " . mysql_error());

//IF Records Present
if ($row = mysql_fetch_array($result))
{
      $length = ($rem == 'y') ? time()+60*60*24*30 : 0;
     
      setcookie('user', $_POST['username'], $length, '/', ".atomicdingo.us");
      setcookie('level', $row['userlevel'], $length, '/', ".atomicdingo.us");
      ob_end_flush();
      echo "Login Successful, ".$row['contact'];
}
else
{
?>
<div align="center">
<font color="#ff0000">INVALID Username or Password!</font>
</div>

<?php
}

}

?>


If that doesn't work, check to see if cookies are enabled in your web browser.
rvec
I modified the script of Fire Boar a bit.
First thing I changed is I added another isset to the first line.
Secondly I added some indenting.
Also I changed the if ($rem == 'y') line because I wasn't sure it would work that way (it might but I just wasn't sure).
And last but not least I added mysql_real_escape_string to make sure there is not mysql code in the $username var (prevents mysql injections).

note that the script won't have any output before setting the cookie, so buffering isn't needed. Also not that there is no output at all if the user has a cookie set.
Code:
<?php
if(!isset($_COOKIE['user']) && !isset($_POST['username'])) {
   ?>

   <div align="center">
      Clients Login Here<br><br>

      <form name="login" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
         <table>
            <tr><td>Username:</td><td> <input size="32" maxlength="32" type="text" name="username"></td></tr>
            <tr><td>Password:</td><td> <input size="32" maxlength="16" type="password" name="password"></td></tr>
            <tr><td>Remember me:</td><td> <input type="checkbox" name="remember" value="y"></td></tr>
         </table>
         <input type="submit" name="submit" value="Login"/>
      </form>
      <br><br>
      <a href="?section=client&page=lostpass">Forgot your password?</a>

   </div>

   <?php
} elseif (!isset($_COOKIE['user'])) {
   //we don't want mysql injections
   $username = mysql_real_escape_string($_POST['username']);
   $password = $_POST['password'];
   $passwordmd5 = md5($password);
   $rem = $_POST['remember'];

   //Includes
   include ('./includes/config.php');
   include ('./includes/functions.php');

   //Open Connection
   $connection = mysql_connect($host, $user, $pass) or die('Unable to connect to the Atomic Dingo Productions Database');

   //Select 'home' Database
   mysql_select_db($db) or die('Unable to connect to the \'home\' Database');

   //Generate and Execute Query
   $query = "SELECT username, password, userlevel, contact FROM users WHERE username = '$username' AND password = '$passwordmd5'";
   $result = mysql_query($query) or die("Error in query: $query. " . mysql_error());

   //IF Records Present
   if ($row = mysql_fetch_array($result)) {
      if ($rem == 'y') {
         $length = time()+60*60*24*30;
      }else{
         $length = 0;
      }
         setcookie('user', $_POST['username'], $length, '/', ".atomicdingo.us");
         setcookie('level', $row['userlevel'], $length, '/', ".atomicdingo.us");
         echo "Login Successful, ".$row['contact'];
   }else{
      ?>
      <div align="center">
         <font color="#ff0000">INVALID Username or Password!</font>
      </div>
      <?php
   }
}
?>
Fire Boar
Hm, there was actually a reason I didn't use isset. The reason being that if the user supplied a blank username, $_POST['username'] would be set, so isset($_POST['username']) would return true, whereas $_POST['username'] would return '' (which is false in the boolean terms of an if statement).

And in-line conditional statements do work perfectly well in PHP. $length = ($rem == 'y') ? time()+60*60*24*30 : 0; is fine, and more compact than the alternative.

Indenting is always good though, and the mysql_real_escape_string is a VERY good idea.
polly-gone
WAAA! IT STILL DOESN'T WORK!

rvec, I tried your script version, and it looked like it was doing alright, so I typed in the username and password, and pressed submit, it went to the homepage, and didn't set any cookies.

-Nick Mad Mad Mad
Star Wars Fanatic
Can we have a link to where you're hosting this page, polly-gone? I'd like to see it in action if I could.
polly-gone
Here it is.

The whole thing is just index.php with includes to the different pages.

-Nick Cool Cool Cool
Star Wars Fanatic
polly-gone wrote:
Here it is.

The whole thing is just index.php with includes to the different pages.

-Nick Cool Cool Cool


That's where your problem is, I think...

You have the form point to index.php, so it doesn't include the login php script. Try putting the login php script inside your index.php, at the very top, I think it might work then.
polly-gone
ooooooohhhh......

hmmm.....

I'll try that....

-Nick Embarassed Embarassed Embarassed
Star Wars Fanatic
If you want to point to the page you're at, try this code, although it might not work, I'm not sure...

Code:
<form name="login" action="/index.php?section=client&page=home" method="POST">


Instead of this code:
Code:
<form name="login" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
polly-gone
Okay, so I sent it to an external script that was on a separate page, and guess what?!? IT WORKS!

Thanks, Everyone.

Now will you please excuse me while I go scream and kick myself repeatedly for wasting so much time? Thanks!

-Nick Mad Evil or Very Mad Shocked Pray
Star Wars Fanatic
No problem, glad we could help.
polly-gone
How do I make it go back to the homepage after it gets to the confirmation page? I want it to auto redirect.

Thanks,
-Nick Smile Smile Smile
Star Wars Fanatic
Easiest might be html redirection, but you can also use php redirection, but php is instant, and you can't output anything.
Here is html:
Code:
<META HTTP-EQUIV="Refresh" CONTENT="5; URL=new_page.php'">

Just put it between the <head> tags. Change the 5 to however many seconds you want the page to wait before it redirects.

And php:

Code:
header( 'Location: http://www.yoursite.com/new_page.php' ) ;


Just have to make sure there is no output before you put that code.
polly-gone
Thanks. rvec, you can close this now.

-Nick Very Happy Very Happy Very Happy
polly-gone
Wait! Don't close it! I have another problem!

Code:
setcookie("user", "", time() - 3600);
setcookie("level", "", time() - 3600);


Why isn't that clearing the cookies?

-Nick Confused Confused Confused
polly-gone
I fixed it.... nvm....

You can close this for REAL this time!

-Nick
rvec
-close-
Related topics
an annoying problem - PLEASE help
Cookie problem
(Please close) Which gamegenre do you prefer?
Need Mods Installed! (Problem Solved *Please Close*)
CLOSE PLEASE CLOSE PLEASE CLOSE PLEASE
I am going to need a lot of help***** PLEASE CLOSE**********
Need One Banner (25 firh$)
Please close - Feedback on my chocolate/candy project
PLEASE CLOSE - Open Letter of Invitation to FriHost Staff...
Please Close Mods.
~Nevermind~ Urgent- Camera won't wake up. ~Please Close~
offer over, please close
ORDER BY (SOLVED! Please close!)
Website not showing content *IGNORE, MODS PLEASE CLOSE*
This topic is locked: you cannot edit posts or make replies.    Frihost Forum Index -> Scripting -> Php and MySQL

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.