can someone take a look at this code. Its functioning really strange.
This is a file included as a for a log in. If it runs, and I hit submit witout filling out the fields. It sets a the teknowuni cookie after the commented echo. If I leave the echo in, it will not set the cookie, however it doesnt return an error that it should if it were to run that code due to echoing before the header output.
Of course, if i log in correctly, it sets an error, but it is very strange that it sets the cookie even though that area of code shouldnt even be executing.
<?php
// Check for existing session log in variable
if(!isset($SESSION['user_id'])){
// Check to see if cookie and form variables not existing
if ((!isset($form_user_login) || !isset($form_user_pass)) && (!isset($TeknowService) || !isset($TeknowUni))) {
$loginoutput = "<br><form name=\"login\" method=\"post\"><table><tr>
<td><input type=\"text\" name=\"form_user_login\"></td>
<td><input type=\"password\" name=\"form_user_pass\"></td>
<td><input type=\"submit\" name=\"submit\" value=\"submit\"></td>
</tr></table></form>";
}
// If login form or cookies exist
else{
// Connect to database
include("dbconnect.php");
// Check for cookies
if(isset($TeknowService) && isset($TeknowUni)){
$result = mysql_query("SELECT FROM service_user WHERE user_id='$TeknowService' AND user_rand='$TeknowUni'");
}
// Check for form variables
if(isset($form_user_login) && isset($form_user_pass)){
$result = mysql_query("SELECT FROM service_user WHERE BINARY user_login='$form_user_login' AND BINARY user_pass='$form_user_pass'");
}
// Default action
else{
header("Location: $PHP_SELF");
}
// Check for non matching password and login and reset variables and cookies
if(mysql_num_rows($result)==0){
setCookie("TeknowService", "", time()-432000);
setCookie("TeknowUni", "", time()-432000);
unset($form_user_login);
unset($form_user_pass);
header("Location: $PHP_SELF");
}
// Process log in
$myrow = mysql_fetch_array($result);
// Seed RMA number for cookie log in, store that and set session variables.
$goTeknowUni=md5(time());
mysql_query("UPDATE service_user SET user_rand='$goTeknowUni' WHERE BINARY user_login='$form_user_login'");
$SESSION['user_login'] = $myrow["user_login"];
$SESSION['user_pass'] = $myrow["user_pass"];
$SESSION['user_area'] = $myrow["user_area"];
$_SESSION['user_id'] = $myrow["user_id"];
// echo "fubar";
setCookie("TeknowService", "$user_id", time()+432000);
setCookie("TeknowUni", "$goTeknowUni", time()+432000);
header("Location: $PHP_SELF");
}
}
// Already logged in
else{
$loginoutput = "<a href=\"logout.php?return=$PHP_SELF\">logout [$user_login]</a>";
}
?>
