PHP Cookie

I have a some PHP code I just installed to create a password protection scheme for a site. I downloaded it here: http://www.webworkzware.com/index.php/page/password_protection. The problem is that the script is supposed to set a cookie so that the user does not have to continually log in, but for some reason it will not work and I get an error that says I must set my browser to accept cookies - even though I know it is set to accept all cookies. Below is the code from the access_control.inc that I include in every directory I want to protect. Anyone used this before? I know its a longshot, but I am desperate! Thanks.  



<?
include ("config.inc");
include ("errors.inc");
include ("common.inc");
include ("connect.inc");




while (list($var, $val) = each ($HTTP_GET_VARS))
{
IF ($var == "cookieid")
{
echo ("You can not pass login parameters via GET operations.");
exit();
}
}

reset($HTTP_GET_VARS);




while (list($var, $val) = each ($HTTP_POST_VARS))
{
IF ($var == "cookieid")
{
echo ("You can not pass login parameters via POST operations.");
exit();
}
}

reset($HTTP_POST_VARS);




IF (isset($uid) AND !isset($cookieid))
{
$grabuser = "SELECT recID FROM user WHERE username = '$uid' AND password = '$pwd'";
$result = @mysql_query($grabuser);
sql_query($result, "$errors[03]");

IF (mysql_num_rows($result) == 0)
{
error ("$errors[04]");
include ("login_form.inc");
exit();
}

ELSE
{
$userid = @mysql_result($result,0,"recID");

$cookie_setter = @setcookie ("cookieid", $userid, time()+$maxlifetime);

IF (!$cookie_setter)
{
error ("$errors[05]");
}

ELSE
{
?>
<META HTTP-EQUIV=Refresh CONTENT="2; URL=<? echo ("$PHP_SELF"); ?>">

Please hold one second while we process your login...<br>
If this page does not refresh in 3 seconds, <A HREF="<? echo ("$PHP_SELF"); ?>">click here</a>.
<?
}

}

}


ELSE IF (!isset($uid) AND !isset($cookieid))
{
include ("login_form.inc");
exit();
}


?>
sundevil67Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Giovanni GCTOCommented:

Your script looks quite outdated, maybe it's only supposed to work on older PHP versions. You should try doing this cookies stuff yourself as it's trivial to do. The common way to go is, store username/password in a cookie, encrypting the password with the md5() function. You can compare the sent password by md5()'ing again your local password.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ZontarCommented:
Why not just get and set a cookie variable named something like $_COOKIE["login"] or $_COOKIE["loginid"], or better yet use $_SESSION which will work whether or not the user has cookies turned on in the browser?

Also you can use outbut buffering so that you can echo output, then use header() afterwards. In fact, I wouldn't echo anything unless the login fails, I'd just immediately redirect using header("Location: ...") or else post back to the same page the user logged in from.
aolXFTCommented:
That looks like a very badly written script. I personally suggest you forget about it and use PHP's builtin session management.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.