Function and cookie trouble! :(

reeferd

hi there..
I have a function that checks wheter or not a user has access to certain pages.
The function uses some cookie variables in order to run.
I call this function on top of the pages that need authentication.
If the function failes, then the user is sent to a logon page.
After the user has typed inn username/password, he is redirected to the page he was trying to access.

Problem::
User is beeing looped back to the logon page all the time.
But when I try to use the function on a different page, it works...

Function::

function checkaccess($cook_ab_nr, $cook_password) {

if (!sql_logon()) {
return 0 ;
} // end check logon.

$see = "select abonnent.kode as kode
from abonnent, tilgang
where tilgang.ab_nr = '$cook_ab_nr'
AND tilgang.ab_nr = abonnent.ab_nr
AND tilgang.password = '$cook_password'
AND abonnent.datout > NOW()" ;
$see_q = mysql_query($see) ;
$c = mysql_fetch_array($see_q) ;
$match = mysql_num_rows($see_q) ;

if ($c["kode"] != 'gruppeabonnement') {
if ($match == 1) {
return 1 ;
} else {
return 0;
} // End if/else

} else { //

$sql = "SELECT abonnent.kode, tilgang.password from tilgang, abonnent
WHERE ab_nr = $cook_ab_nr
AND password = '$cook_password'
AND abonnent.datout > NOW()" ;
$sql_query = mysql_query($sql) ;
$hit = mysql_num_rows($sql_query) ; // hits

if ($hit == 1) {
return 1; // ett treff. gi tilgang
} else {
return 0 ; // ellers, ikke gi tilgang.
}
}
} // End check user access function.

This is the example that works::

<?
require ("access/member.php") ;

if (!checkaccess($cook_ab_nr, $cook_password)) {
$go = header("location:http://www.havneavisen.net/abonnent/logg.php?side=abonnent/functest") ;

if (!$go) {
echo "damn";
}

} else {

<?
} // end
?>

reeferd

When the user logs on I use this function::

function verifyuser($ab_nr, $password) {

if (!sql_logon()) {
return 0 ;
}

// existing user logon
$sql = "select tilgang.password as password, abonnent.kode as kode, abonnent.antall as antall
FROM abonnent, tilgang
WHERE abonnent.ab_nr = $ab_nr
AND password = '$password'
AND abonnent.ab_nr = tilgang.ab_nr
AND abonnent.datout > NOW()" ;

$sql_query = mysql_query($sql) ;
$rad = mysql_fetch_array($sql_query) ;

if (!$sql_query) {
echo "SQL Querien didn`t work!" ;
return 0 ;

} else {

$treff = mysql_num_rows($sql_query) ;

if ($treff == 1) {
return 1 ;
} else {
return 0;
}

} #endit if:else
} // End function

What I do is that the user is asked to fill in his "ab_nr" and password, when he hits submit, I run this function to check if he has access, then I set two cookies:

    setcookie("cook_ab_nr", $form_ab_nr) ; // cookie with ab nr
    setcookie("cook_password", $form_password) ; // cookie with password
    header("location:http://www.havneavisen.net/$side.php?id=$artikkelid&emne=$emne") ;

Any idea of what can be wrong here???

[deleted]

Check your scopes, cookies are only available inside functions if you pass the vars to the functions.

So if you get a cookie for a page, and in that page you use a function then the cookie is not visible in that function. You'd have to pass the value in the parameters:

other_funk($HTTP_COOKIE_VARS['mycookie']);

function other_funk($cookie_var)
{
};

reeferd

Thanks for the help!
But I have allready tried that.. it didn`t work.

Acctually.. I think i located the problem.

since cookies are only valid within the set domain, and this cookie will be used on two domains, it won`t work....

Or.
We recently changed named of our domain, but instead of copying everyting to our new domain, we are just resending all requests to the old domain.. If you know what I mean.

Now I need to set a cookie for each domain...
Is it possible to set two cookies with the same variable names/values but with different domains, or do I have to set different var names for each cookie??