Solved

PHP Cookie

Posted on 2003-11-14
5
375 Views
Last Modified: 2008-03-06
I have a some PHP code I just installed to create a password protection scheme for a site. I downloaded it here: http://www.webworkzware.com/index.php/page/password_protection. The problem is that the script is supposed to set a cookie so that the user does not have to continually log in, but for some reason it will not work and I get an error that says I must set my browser to accept cookies - even though I know it is set to accept all cookies. Below is the code from the access_control.inc that I include in every directory I want to protect. Anyone used this before? I know its a longshot, but I am desperate! Thanks.  



<?
include ("config.inc");
include ("errors.inc");
include ("common.inc");
include ("connect.inc");




while (list($var, $val) = each ($HTTP_GET_VARS))
{
IF ($var == "cookieid")
{
echo ("You can not pass login parameters via GET operations.");
exit();
}
}

reset($HTTP_GET_VARS);




while (list($var, $val) = each ($HTTP_POST_VARS))
{
IF ($var == "cookieid")
{
echo ("You can not pass login parameters via POST operations.");
exit();
}
}

reset($HTTP_POST_VARS);




IF (isset($uid) AND !isset($cookieid))
{
$grabuser = "SELECT recID FROM user WHERE username = '$uid' AND password = '$pwd'";
$result = @mysql_query($grabuser);
sql_query($result, "$errors[03]");

IF (mysql_num_rows($result) == 0)
{
error ("$errors[04]");
include ("login_form.inc");
exit();
}

ELSE
{
$userid = @mysql_result($result,0,"recID");

$cookie_setter = @setcookie ("cookieid", $userid, time()+$maxlifetime);

IF (!$cookie_setter)
{
error ("$errors[05]");
}

ELSE
{
?>
<META HTTP-EQUIV=Refresh CONTENT="2; URL=<? echo ("$PHP_SELF"); ?>">

Please hold one second while we process your login...<br>
If this page does not refresh in 3 seconds, <A HREF="<? echo ("$PHP_SELF"); ?>">click here</a>.
<?
}

}

}


ELSE IF (!isset($uid) AND !isset($cookieid))
{
include ("login_form.inc");
exit();
}


?>
0
Comment
Question by:sundevil67
5 Comments
 
LVL 14

Accepted Solution

by:
ThG earned 25 total points
ID: 9749879

Your script looks quite outdated, maybe it's only supposed to work on older PHP versions. You should try doing this cookies stuff yourself as it's trivial to do. The common way to go is, store username/password in a cookie, encrypting the password with the md5() function. You can compare the sent password by md5()'ing again your local password.
0
 
LVL 11

Assisted Solution

by:Zontar
Zontar earned 25 total points
ID: 9755545
Why not just get and set a cookie variable named something like $_COOKIE["login"] or $_COOKIE["loginid"], or better yet use $_SESSION which will work whether or not the user has cookies turned on in the browser?

Also you can use outbut buffering so that you can echo output, then use header() afterwards. In fact, I wouldn't echo anything unless the login fails, I'd just immediately redirect using header("Location: ...") or else post back to the same page the user logged in from.
0
 
LVL 6

Expert Comment

by:aolXFT
ID: 9760020
That looks like a very badly written script. I personally suggest you forget about it and use PHP's builtin session management.

0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction HTML checkboxes provide the perfect way for a web developer to receive client input when the client's options might be none, one or many.  But the PHP code for processing the checkboxes can be confusing at first.  What if a checkbox is…
This article discusses how to create an extensible mechanism for linked drop downs.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question