Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

undefined index setting cookie

Posted on 2016-10-01
11
Medium Priority
?
74 Views
Last Modified: 2016-10-02
If I check the "remember me" checkbox and login, the cookie is set as it should be. However, if I don't check it I get a "undefined index" error. I am not sure how to resolve this. The error is for the very first line with the if statement.

if($_POST['remember']=="on"){
						
						$cookie_name = 'userID';
						$value = $safe_userID;
						$expire = time() + 60*60*24*7; 
						$path = '/';
						$domain = NULL;
						$secure = FALSE;
						$httponly = TRUE; 

setcookie($cookie_name, $value, $expire, $path, $domain, $secure, $httponly);

Open in new window


P.S. I am not actually using the auto increment user id, I have another one stored in the database which is created with:

 return strtr(
        base64_encode(
            random_bytes(9)
        ),
        '+/',
        '-_'
    );

Open in new window

0
Comment
Question by:Black Sulfur
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
11 Comments
 
LVL 1

Author Comment

by:Black Sulfur
ID: 41824997
I also tried to set the cookie if on and set a session instead if cookie is off. I am still getting undefined index errors though.

      
if($_POST['remember'] === "on"){
						
						$cookie_name = 'userID';
						$value = $userID;
						$expire = time() + 60*60*24*7; 
						$path = '/';
						$domain = NULL;
						$secure = FALSE;
						$httponly = TRUE; 

setcookie($cookie_name, $value, $expire, $path, $domain, $secure, $httponly);
						
					}
							
					elseif($_POST['remember'] == ""){
						
							$_SESSION['userID'] = $userID;
					}	

Open in new window

0
 
LVL 22

Accepted Solution

by:
Kim Walker earned 1600 total points
ID: 41825012
Try:
if(isset($_POST['remember']) && $_POST['remember'] === "on"){

Open in new window

If that doesn't work, you'll have to nest the second condition.
if(isset($_POST['remember']){
    if($_POST['remember'] === "on"){
        // process cookie
    }
}

Open in new window

0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 41825069
I never heard of setting $domain = NULL;.  Cookies are available ONLY on a specified domain.  The simplest cookie must have name, value and expiration.  Then the domain is set to the current domain shown in the browser address bar.  If you include things after the domain, I'm pretty sure you have to specify the domain.  

It is always good to set the correct domain because you can only read the cookie from the correct domain.  This means that the cookie domain must match exactly the domain shown in the browser address bar.  A cookie set for 'www.mysite.com' will Not match 'mysite.com' unless you have used the ',' syntax for the domain when setting the cookie.  I had one situation where I had to try every variation of the domain name to get rid of an unwanted cookie.

http://php.net/manual/en/function.setcookie.php
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:Black Sulfur
ID: 41825143
@ Dave, setting the domain to NULL was actually an example from Ray Paseur which can be found here:

https://www.experts-exchange.com/articles/2391/PHP-Client-Registration-Login-Logout-and-Easy-Access-Control.html



 // CONSTRUCT A "REMEMBER ME" COOKIE WITH THE UNIQUE USER KEY
    $cookie_name    = 'uuk';
    $cookie_value   = $uuk;
    $cookie_expires = time() + date('Z') + REMEMBER;
    $cookie_path    = '/';
    $cookie_domain  = NULL;
    $cookie_secure  = FALSE;
    $cookie_http    = TRUE; // HIDE COOKIE FROM JAVASCRIPT (PHP 5.2+)

Open in new window

0
 
LVL 1

Author Comment

by:Black Sulfur
ID: 41825148
Never mind, ignore the previous comment. I was doing something silly. I can login now if I check the checkbox, if I don't check the box then the page just refreshes. At least I don't get an error anymore so I must almost be there. But I think it is because if the remember me isn't checked, I need to set a session instead, otherwise it still won't work. I tried it but still no luck.

	if(isset($_POST['remember'])) {
						
							if($_POST['remember'] === "on"){
      
						
						$cookie_name = 'userID';
						$value = $userID;
						$expire = time() + 60*60*24*7; 
						$path = '/';
						$domain = NULL;
						$secure = FALSE;
						$httponly = TRUE; 

setcookie($cookie_name, $value, $expire, $path, $domain, $secure, $httponly);
								
								
						
					} elseif($_POST['remember'] !== "on") {
								
								$_SESSION['userID'] = $sessionID;
							}
					
				
					    }	
				

Open in new window


I have noticed though by changing the page redirect on the user area, that it redirects me straight away. So, it is logging me in but the session either isn't set or my condition on the user admin page is wrong?

session_start();
if(isset($_SESSION['userID']) || isset($_COOKIE['userID'])) {
	
	//stuff happens
	
} else {
	
	header("location:login.php");

}

Open in new window

0
 
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 400 total points
ID: 41825157
While Ray and I agree on most things, this is not one of them.  I have never set the domain to NULL and I never will.  If there is any chance that your 'domain' that is entered in the browser is not always the same, then you are inviting failure with the proper recognition of the cookie.  For cookies, 'www.mysite.com' will Not match 'mysite.com'.

https://en.wikipedia.org/wiki/HTTP_cookie

https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
0
 
LVL 1

Author Comment

by:Black Sulfur
ID: 41825159
Hi Dave, makes sense. What should I set it to when using on localhost using mamp? My path looks like:

http://localhost:8888/mysite/auth/

Also, any idea why my session isn't setting if remember me box isn't checked?
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 41825170
You should not be using 'localhost' to start with.  Chrome won't set a cookie at all on 'localhost' and of course, you have no access from other computers.  I have 14 computers with web servers here and all of them use either their machine IP address or the machine 'hostname'.  The only use for 'localhost' is for functions / page that you do not want remote access to.  Still, things like cookies in Chrome simply aren't going to work.
0
 
LVL 1

Author Comment

by:Black Sulfur
ID: 41825192
I don't have a live web server at this point in time so I use MAMP for testing locally. I can successfully set the cookie and the login works as it should with the cookie set i.e.: Once logged in I close the browser and reopen, go back to the url and I remain logged in. I haven't created the logout code yet but if I clear the cache of the Chrome browser, close the browser down and try access the page, it takes me back to the login page. So, the cookie is working on my local machine.

But my session still isn't setting if I don't check remember me.
0
 
LVL 1

Author Comment

by:Black Sulfur
ID: 41825258
Okay, I think I figured it out using reverse logic:

      
				if(empty($_POST['remember'])) {
								
                                                               // Set session
								$_SESSION['sessionID'] = $userID;
						
					} elseif($_POST['remember'] == "on"){
								
                                               //Set cookie
						$cookie_name = 'userID';
						$value = $userID;
						$expire = time() + 60; 
						$path = '/';
						$domain = www.mysite.com;
						$secure = FALSE;
						$httponly = TRUE; 

setcookie($cookie_name, $value, $expire, $path, $domain, $secure, $httponly);

		}

Open in new window

0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 41825485
MAMP includes the Apache web server along with PHP and MySQL.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
This article discusses how to create an extensible mechanism for linked drop downs.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question