Cookie not registering

Namadoor

I made a login program for my site, you type in a username and password, if they are correct, it is suppost to register it to a cookie. I have this login code, this is what is exacuted when the username and password are entered on another script:

<?
Require_Once("functions.php");

$loginvar = login($username, $password);
if(!loginvar)	{
}
else	{
	echo "\$username = $username";
	setcookie("siteuser", "$username");
	$validuser = $HTTP_COOKIE_VARS['siteuser'];
}


MakeHeader(Login);

if (!$loginvar)	{
}
else	{
	echo "\$validuser = $validuser";
	echo "You have been logged in<br>";
}
echo "<meta http-equiv=\"refresh\" content=\"3 URL=index.php\">";
echo 'You will be taken back to the page you came from';


MakeFooter();

?>

This is the login function

function login($username, $password)	{
	sleep(1);
	$connection = dbconnect();
	if (!$connection)	{
		echo "<B>ERROR:</B> Could not connect to the database...<br>";
		return false;
	}

$password = md5($password);
$query = "select * from User 
			where username = '$username'
			and password = '$password' ";
$result = mysql_query("$query");

if (!$result)	{
	echo "<b>ERROR:</b> Could not get query...<br>";
	return false;
}
if (mysql_num_rows($result) > 0)	{
	return true;
}
else	{
	echo "<font color=red>That username doesn't exist or the password is incorrect<br>";
	return false;
}
}

I get an error Warning: Cannot add header information - headers already sent by (output started at /home/mark/public_html/login.php:8) in /home/mark/public_html/login.php on line 9

and the cookie doesn't seem to be registered. What is wrong?

mykg4orce

setcookie() must be sent before any <html> or <head> tags.....

Namadoor

It is before the HTML headers...

Namadoor

Okay, It seems to be registering, but after I check it again on a different page, it says it isn't registered.

thefury

"Cookies will not become visible until the next loading of a page that the cookie should be visible for'
http://www.php.net/manual/en/function.setcookie.php

Think that's it?

Namadoor

I don't get what it means by "should be visible for".
Do you have to put something on that page to user a cookie?

Namadoor

Okay, I fixed that error about headers allready sent, but when I call the cookie later with $HTTP_COOKIE_VARS['siteuser'] it doesn't exists.

Why?

thefury

Could be a few things.. Your expire value isn't set or its to low.
Your if your accessing it on multi domains it won't work...

Namadoor

1 domain (It is really an IP address) and I have the time set to time()+3600 or 1 hour. But it still isn't working

Jacker

I had a similar problem, because probably a php.ini setting if you're redirecting to a different page and you're rewriting the headers eg. header ("Location: ") the cookies will become unset, don't know the correct setting is, but instead you could try this instead header ("refresh: 0; URL = nextpage.php"). Hope that helps.

Namadoor

OKay, that is probley the problem, just how do you use that code you gave me? Also, if I cookie is set and the user types in the address of another page on the site that uses a cookie, shouldn't that work, and the cookie be registered?

Jacker

if (login($username, $password)) {
if (!isset($HTTP_COOKIE_VARS["siteuser"]) {
setcookie("siteuser", $username);
header ("Refresh: 0; URL: next_page.php");
}
}
else {
header ("Location: login_failed.html");
}

eg.
<?

// next_page.php
echo "Welcome: ".$HTTP_COOKIE_VARS["siteuser"];
?>

you can still access the cookie from a new page only through your own redirection otherwise if the user types in his own URL in the address bar you would lose that cookie, because this will create a new session on your server. So it's best to have a textbox for the user to enter in the link so you can grab the link and redirect it for the user or have links for the user to navigate

<?

$url = $HTTP_POST_VARS["txturl"];
header ("Refresh: 0; URL: $url");
?>