Avatar of wgws
wgws
 asked on

Setting cookie from a form variable using php

What I am setting up is a login page that after loging in a cookie is set from the username field.
I am using dreamweaver MX form all of my programing as I know very little about php.
This is what I have, and for some reason it don't work:

<?
if (isset($HTTP_POST_VARS['user'])) {
setcookie("user", $HTTP_POST_VARS['user'], time()+86400*1);
}
?>
PHP

Avatar of undefined
Last Comment
wgws

8/22/2022 - Mon
etrain01

Are you even gettting into the if() statement and if so is there an error???  More info please...

etrain01
wgws

ASKER
Im not geting an error of any sort and it is setting a cookie that is called PHPSESSID and it stores a bunch one letters and numbers. Im not sure what eles you would like to know. If you would like to see it in action (I do know that you cant see the php) you can go to pedigree.whitegloveweb.com and log in as "test" with a password of "test" if you would like more info please just message me.
wgws

ASKER
Im not geting an error of any sort and it is setting a cookie that is called PHPSESSID and it stores a bunch one letters and numbers. Im not sure what eles you would like to know. If you would like to see it in action (I do know that you cant see the php) you can go to pedigree.whitegloveweb.com and log in as "test" with a password of "test" if you would like more info please just message me.
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
wgws

ASKER
Im not geting an error of any sort and it is setting a cookie that is called PHPSESSID and it stores a bunch one letters and numbers. Im not sure what eles you would like to know. If you would like to see it in action (I do know that you cant see the php) you can go to pedigree.whitegloveweb.com and log in as "test" with a password of "test" if you would like more info please just message me.
wgws

ASKER
Sorry about the multipul submisions.
andriv

That file is the cookie file, you are not having a problem with the cookie itself but with the login verification.  Explain what the problem is exactly, is it forcing people to have to login for each page?

If so you need to create the script for each page (or put on one page and include on each page) that will first check to see if logged in and if not display login form else do everything else.

⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
wgws

ASKER
Well, after playing with it more I did find out that you are sort of right andriv. I took out the user login script that vairfies the user via mysql table and I got a good cookie that worked so it is in my userlogin script that is messing things up.
If you want to see the hole page here it is maybe that will help all of you out:

<?php require_once('Connections/a.php'); ?>
<?php
// *** Start the session
session_start();
// *** Validate request to log in to this site.
$FF_LoginAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING']) && $HTTP_SERVER_VARS['QUERY_STRING']!="") $FF_LoginAction .= "?".$HTTP_SERVER_VARS['QUERY_STRING'];
if (isset($HTTP_POST_VARS['user'])) {
  $FF_valUsername=$HTTP_POST_VARS['user'];
  $FF_valPassword=$HTTP_POST_VARS['password'];
  $FF_fldUserAuthorization="";
  $FF_redirectLoginSuccess="index2.php";
  $FF_redirectLoginFailed="retry.php";
  $FF_rsUser_Source="SELECT username, userpass ";
  if ($FF_fldUserAuthorization != "") $FF_rsUser_Source .= "," . $FF_fldUserAuthorization;
  $FF_rsUser_Source .= " FROM users WHERE username='" . $FF_valUsername . "' AND userpass='" . $FF_valPassword . "'";
  mysql_select_db($database_a, $a);
  $FF_rsUser=mysql_query($FF_rsUser_Source, $a) or die(mysql_error());
  $row_FF_rsUser = mysql_fetch_assoc($FF_rsUser);
  if(mysql_num_rows($FF_rsUser) > 0) {
    // username and password match - this is a valid user
    $MM_Username=$FF_valUsername;
    session_register("MM_Username");
    if ($FF_fldUserAuthorization != "") {
      $MM_UserAuthorization=$row_FF_rsUser[$FF_fldUserAuthorization];
    } else {
      $MM_UserAuthorization="";
    }
    session_register("MM_UserAuthorization");
    if (isset($accessdenied) && false) {
      $FF_redirectLoginSuccess = $accessdenied;
    }
    mysql_free_result($FF_rsUser);
    session_register("FF_login_failed");
      $FF_login_failed = false;
    header ("Location: $FF_redirectLoginSuccess");
    exit;
  }
  mysql_free_result($FF_rsUser);
  session_register("FF_login_failed");
  $FF_login_failed = true;
  header ("Location: $FF_redirectLoginFailed");
  exit;
}
?>
<?php
// FELIXONE - 2002   SB by Felice Di Stefano - www.felixone.it
if (isset($HTTP_POST_VARS['user'])) {
setcookie("user", $HTTP_POST_VARS['user'], time()+86400*1);
}
?>

<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body bgcolor="#009999" text="#000000" link="#000000" vlink="#000000" alink="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
  <!--DWLayoutTable-->
  <tr>
    <td width="760" height="59" valign="top"><img src="Images/Logo.gif" width="760" height="59"></td>
  </tr>
</table>
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
  <!--DWLayoutTable-->
  <tr>
    <td width="758" height="120" valign="top"><div align="center">Please login
        to view your dogs.</div>
      <form action="<?php echo $FF_LoginAction?>" method="POST" name="form1">
        <div align="center">Username:
          <input name="user" type="text" id="user">
          <br>
          Password:
          <input name="password" type="text" id="password">
          <br>
          <input type="submit" name="Submit2" value="Enter" onClick = "user(user)">
        </div>
      </form></td>
    <td width="2"></td>
  </tr>
</table>
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
  <!--DWLayoutTable-->
  <tr>
    <td width="760" height="30">&nbsp;</td>
  </tr>
  <tr>
    <td height="57" valign="top"><div align="center">
        <form name="form2" method="post" action="new.php">
          <input type="submit" name="Submit" value="If you are new please click here.">
        </form>
      </div></td>
    </tr>
</table>
</body>
</html>
wgws

ASKER
Well, after playing with it more I did find out that you are sort of right andriv. I took out the user login script that vairfies the user via mysql table and I got a good cookie that worked so it is in my userlogin script that is messing things up.
If you want to see the hole page here it is maybe that will help all of you out:

<?php require_once('Connections/a.php'); ?>
<?php
// *** Start the session
session_start();
// *** Validate request to log in to this site.
$FF_LoginAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING']) && $HTTP_SERVER_VARS['QUERY_STRING']!="") $FF_LoginAction .= "?".$HTTP_SERVER_VARS['QUERY_STRING'];
if (isset($HTTP_POST_VARS['user'])) {
  $FF_valUsername=$HTTP_POST_VARS['user'];
  $FF_valPassword=$HTTP_POST_VARS['password'];
  $FF_fldUserAuthorization="";
  $FF_redirectLoginSuccess="index2.php";
  $FF_redirectLoginFailed="retry.php";
  $FF_rsUser_Source="SELECT username, userpass ";
  if ($FF_fldUserAuthorization != "") $FF_rsUser_Source .= "," . $FF_fldUserAuthorization;
  $FF_rsUser_Source .= " FROM users WHERE username='" . $FF_valUsername . "' AND userpass='" . $FF_valPassword . "'";
  mysql_select_db($database_a, $a);
  $FF_rsUser=mysql_query($FF_rsUser_Source, $a) or die(mysql_error());
  $row_FF_rsUser = mysql_fetch_assoc($FF_rsUser);
  if(mysql_num_rows($FF_rsUser) > 0) {
    // username and password match - this is a valid user
    $MM_Username=$FF_valUsername;
    session_register("MM_Username");
    if ($FF_fldUserAuthorization != "") {
      $MM_UserAuthorization=$row_FF_rsUser[$FF_fldUserAuthorization];
    } else {
      $MM_UserAuthorization="";
    }
    session_register("MM_UserAuthorization");
    if (isset($accessdenied) && false) {
      $FF_redirectLoginSuccess = $accessdenied;
    }
    mysql_free_result($FF_rsUser);
    session_register("FF_login_failed");
      $FF_login_failed = false;
    header ("Location: $FF_redirectLoginSuccess");
    exit;
  }
  mysql_free_result($FF_rsUser);
  session_register("FF_login_failed");
  $FF_login_failed = true;
  header ("Location: $FF_redirectLoginFailed");
  exit;
}
?>
<?php
// FELIXONE - 2002   SB by Felice Di Stefano - www.felixone.it
if (isset($HTTP_POST_VARS['user'])) {
setcookie("user", $HTTP_POST_VARS['user'], time()+86400*1);
}
?>

<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body bgcolor="#009999" text="#000000" link="#000000" vlink="#000000" alink="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
  <!--DWLayoutTable-->
  <tr>
    <td width="760" height="59" valign="top"><img src="Images/Logo.gif" width="760" height="59"></td>
  </tr>
</table>
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
  <!--DWLayoutTable-->
  <tr>
    <td width="758" height="120" valign="top"><div align="center">Please login
        to view your dogs.</div>
      <form action="<?php echo $FF_LoginAction?>" method="POST" name="form1">
        <div align="center">Username:
          <input name="user" type="text" id="user">
          <br>
          Password:
          <input name="password" type="text" id="password">
          <br>
          <input type="submit" name="Submit2" value="Enter" onClick = "user(user)">
        </div>
      </form></td>
    <td width="2"></td>
  </tr>
</table>
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
  <!--DWLayoutTable-->
  <tr>
    <td width="760" height="30">&nbsp;</td>
  </tr>
  <tr>
    <td height="57" valign="top"><div align="center">
        <form name="form2" method="post" action="new.php">
          <input type="submit" name="Submit" value="If you are new please click here.">
        </form>
      </div></td>
    </tr>
</table>
</body>
</html>
wgws

ASKER
Man I did it again.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
s-maxim


What PHP version are you running?
you might want to do <?phpinfo()?> to know this.

Anyhow, why not to use sessions? they are much easier. Check out here: www.php.net/sessions


Maxim Maletsky
maxim@php.net
(yes, one of the many who created PHP for you)
wgws

ASKER
My server is using version 4.2.1. I have never delt with <?phpinfo()?>.
spere

Hope this helps...

<?php

session_start(); // start php session handling

if (strlen($_REQUEST["user"]) > 0) {
  // set the session variable "user" to the user
  $_SESSION["user"] = $_REQUEST["user"]
}


// $_SESSION["user"] will exist if they have just
// logged on, or if they have logged on before

if ( ! isset($_SESSION["user"]) ) {
  print $login_page_html;
  exit;
} else {
  print $std_content_page_html;
}

?>

but please .. http://www.php.net/sessions .. read more about php sessions before using them.
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
ASKER CERTIFIED SOLUTION
truckdrivenman

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
wgws

ASKER
I had this figured out but what you have loads faster.