Link to home
Start Free TrialLog in
Avatar of wgws
wgws

asked on

Setting cookie from a form variable using php

What I am setting up is a login page that after loging in a cookie is set from the username field.
I am using dreamweaver MX form all of my programing as I know very little about php.
This is what I have, and for some reason it don't work:

<?
if (isset($HTTP_POST_VARS['user'])) {
setcookie("user", $HTTP_POST_VARS['user'], time()+86400*1);
}
?>
Avatar of etrain01
etrain01

Are you even gettting into the if() statement and if so is there an error???  More info please...

etrain01
Avatar of wgws

ASKER

Im not geting an error of any sort and it is setting a cookie that is called PHPSESSID and it stores a bunch one letters and numbers. Im not sure what eles you would like to know. If you would like to see it in action (I do know that you cant see the php) you can go to pedigree.whitegloveweb.com and log in as "test" with a password of "test" if you would like more info please just message me.
Avatar of wgws

ASKER

Im not geting an error of any sort and it is setting a cookie that is called PHPSESSID and it stores a bunch one letters and numbers. Im not sure what eles you would like to know. If you would like to see it in action (I do know that you cant see the php) you can go to pedigree.whitegloveweb.com and log in as "test" with a password of "test" if you would like more info please just message me.
Avatar of wgws

ASKER

Im not geting an error of any sort and it is setting a cookie that is called PHPSESSID and it stores a bunch one letters and numbers. Im not sure what eles you would like to know. If you would like to see it in action (I do know that you cant see the php) you can go to pedigree.whitegloveweb.com and log in as "test" with a password of "test" if you would like more info please just message me.
Avatar of wgws

ASKER

Sorry about the multipul submisions.
That file is the cookie file, you are not having a problem with the cookie itself but with the login verification.  Explain what the problem is exactly, is it forcing people to have to login for each page?

If so you need to create the script for each page (or put on one page and include on each page) that will first check to see if logged in and if not display login form else do everything else.

Avatar of wgws

ASKER

Well, after playing with it more I did find out that you are sort of right andriv. I took out the user login script that vairfies the user via mysql table and I got a good cookie that worked so it is in my userlogin script that is messing things up.
If you want to see the hole page here it is maybe that will help all of you out:

<?php require_once('Connections/a.php'); ?>
<?php
// *** Start the session
session_start();
// *** Validate request to log in to this site.
$FF_LoginAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING']) && $HTTP_SERVER_VARS['QUERY_STRING']!="") $FF_LoginAction .= "?".$HTTP_SERVER_VARS['QUERY_STRING'];
if (isset($HTTP_POST_VARS['user'])) {
  $FF_valUsername=$HTTP_POST_VARS['user'];
  $FF_valPassword=$HTTP_POST_VARS['password'];
  $FF_fldUserAuthorization="";
  $FF_redirectLoginSuccess="index2.php";
  $FF_redirectLoginFailed="retry.php";
  $FF_rsUser_Source="SELECT username, userpass ";
  if ($FF_fldUserAuthorization != "") $FF_rsUser_Source .= "," . $FF_fldUserAuthorization;
  $FF_rsUser_Source .= " FROM users WHERE username='" . $FF_valUsername . "' AND userpass='" . $FF_valPassword . "'";
  mysql_select_db($database_a, $a);
  $FF_rsUser=mysql_query($FF_rsUser_Source, $a) or die(mysql_error());
  $row_FF_rsUser = mysql_fetch_assoc($FF_rsUser);
  if(mysql_num_rows($FF_rsUser) > 0) {
    // username and password match - this is a valid user
    $MM_Username=$FF_valUsername;
    session_register("MM_Username");
    if ($FF_fldUserAuthorization != "") {
      $MM_UserAuthorization=$row_FF_rsUser[$FF_fldUserAuthorization];
    } else {
      $MM_UserAuthorization="";
    }
    session_register("MM_UserAuthorization");
    if (isset($accessdenied) && false) {
      $FF_redirectLoginSuccess = $accessdenied;
    }
    mysql_free_result($FF_rsUser);
    session_register("FF_login_failed");
      $FF_login_failed = false;
    header ("Location: $FF_redirectLoginSuccess");
    exit;
  }
  mysql_free_result($FF_rsUser);
  session_register("FF_login_failed");
  $FF_login_failed = true;
  header ("Location: $FF_redirectLoginFailed");
  exit;
}
?>
<?php
// FELIXONE - 2002   SB by Felice Di Stefano - www.felixone.it
if (isset($HTTP_POST_VARS['user'])) {
setcookie("user", $HTTP_POST_VARS['user'], time()+86400*1);
}
?>

<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body bgcolor="#009999" text="#000000" link="#000000" vlink="#000000" alink="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
  <!--DWLayoutTable-->
  <tr>
    <td width="760" height="59" valign="top"><img src="Images/Logo.gif" width="760" height="59"></td>
  </tr>
</table>
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
  <!--DWLayoutTable-->
  <tr>
    <td width="758" height="120" valign="top"><div align="center">Please login
        to view your dogs.</div>
      <form action="<?php echo $FF_LoginAction?>" method="POST" name="form1">
        <div align="center">Username:
          <input name="user" type="text" id="user">
          <br>
          Password:
          <input name="password" type="text" id="password">
          <br>
          <input type="submit" name="Submit2" value="Enter" onClick = "user(user)">
        </div>
      </form></td>
    <td width="2"></td>
  </tr>
</table>
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
  <!--DWLayoutTable-->
  <tr>
    <td width="760" height="30">&nbsp;</td>
  </tr>
  <tr>
    <td height="57" valign="top"><div align="center">
        <form name="form2" method="post" action="new.php">
          <input type="submit" name="Submit" value="If you are new please click here.">
        </form>
      </div></td>
    </tr>
</table>
</body>
</html>
Avatar of wgws

ASKER

Well, after playing with it more I did find out that you are sort of right andriv. I took out the user login script that vairfies the user via mysql table and I got a good cookie that worked so it is in my userlogin script that is messing things up.
If you want to see the hole page here it is maybe that will help all of you out:

<?php require_once('Connections/a.php'); ?>
<?php
// *** Start the session
session_start();
// *** Validate request to log in to this site.
$FF_LoginAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING']) && $HTTP_SERVER_VARS['QUERY_STRING']!="") $FF_LoginAction .= "?".$HTTP_SERVER_VARS['QUERY_STRING'];
if (isset($HTTP_POST_VARS['user'])) {
  $FF_valUsername=$HTTP_POST_VARS['user'];
  $FF_valPassword=$HTTP_POST_VARS['password'];
  $FF_fldUserAuthorization="";
  $FF_redirectLoginSuccess="index2.php";
  $FF_redirectLoginFailed="retry.php";
  $FF_rsUser_Source="SELECT username, userpass ";
  if ($FF_fldUserAuthorization != "") $FF_rsUser_Source .= "," . $FF_fldUserAuthorization;
  $FF_rsUser_Source .= " FROM users WHERE username='" . $FF_valUsername . "' AND userpass='" . $FF_valPassword . "'";
  mysql_select_db($database_a, $a);
  $FF_rsUser=mysql_query($FF_rsUser_Source, $a) or die(mysql_error());
  $row_FF_rsUser = mysql_fetch_assoc($FF_rsUser);
  if(mysql_num_rows($FF_rsUser) > 0) {
    // username and password match - this is a valid user
    $MM_Username=$FF_valUsername;
    session_register("MM_Username");
    if ($FF_fldUserAuthorization != "") {
      $MM_UserAuthorization=$row_FF_rsUser[$FF_fldUserAuthorization];
    } else {
      $MM_UserAuthorization="";
    }
    session_register("MM_UserAuthorization");
    if (isset($accessdenied) && false) {
      $FF_redirectLoginSuccess = $accessdenied;
    }
    mysql_free_result($FF_rsUser);
    session_register("FF_login_failed");
      $FF_login_failed = false;
    header ("Location: $FF_redirectLoginSuccess");
    exit;
  }
  mysql_free_result($FF_rsUser);
  session_register("FF_login_failed");
  $FF_login_failed = true;
  header ("Location: $FF_redirectLoginFailed");
  exit;
}
?>
<?php
// FELIXONE - 2002   SB by Felice Di Stefano - www.felixone.it
if (isset($HTTP_POST_VARS['user'])) {
setcookie("user", $HTTP_POST_VARS['user'], time()+86400*1);
}
?>

<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body bgcolor="#009999" text="#000000" link="#000000" vlink="#000000" alink="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
  <!--DWLayoutTable-->
  <tr>
    <td width="760" height="59" valign="top"><img src="Images/Logo.gif" width="760" height="59"></td>
  </tr>
</table>
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
  <!--DWLayoutTable-->
  <tr>
    <td width="758" height="120" valign="top"><div align="center">Please login
        to view your dogs.</div>
      <form action="<?php echo $FF_LoginAction?>" method="POST" name="form1">
        <div align="center">Username:
          <input name="user" type="text" id="user">
          <br>
          Password:
          <input name="password" type="text" id="password">
          <br>
          <input type="submit" name="Submit2" value="Enter" onClick = "user(user)">
        </div>
      </form></td>
    <td width="2"></td>
  </tr>
</table>
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
  <!--DWLayoutTable-->
  <tr>
    <td width="760" height="30">&nbsp;</td>
  </tr>
  <tr>
    <td height="57" valign="top"><div align="center">
        <form name="form2" method="post" action="new.php">
          <input type="submit" name="Submit" value="If you are new please click here.">
        </form>
      </div></td>
    </tr>
</table>
</body>
</html>
Avatar of wgws

ASKER

Man I did it again.

What PHP version are you running?
you might want to do <?phpinfo()?> to know this.

Anyhow, why not to use sessions? they are much easier. Check out here: www.php.net/sessions


Maxim Maletsky
maxim@php.net
(yes, one of the many who created PHP for you)
Avatar of wgws

ASKER

My server is using version 4.2.1. I have never delt with <?phpinfo()?>.
Hope this helps...

<?php

session_start(); // start php session handling

if (strlen($_REQUEST["user"]) > 0) {
  // set the session variable "user" to the user
  $_SESSION["user"] = $_REQUEST["user"]
}


// $_SESSION["user"] will exist if they have just
// logged on, or if they have logged on before

if ( ! isset($_SESSION["user"]) ) {
  print $login_page_html;
  exit;
} else {
  print $std_content_page_html;
}

?>

but please .. http://www.php.net/sessions .. read more about php sessions before using them.
ASKER CERTIFIED SOLUTION
Avatar of truckdrivenman
truckdrivenman

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of wgws

ASKER

I had this figured out but what you have loads faster.