Set Cookie Problem

DigitalExpl0it

Ok, now I had my script working fine, and the cookies were set just fine, Now ever since I cleared my cookies its not working.

The set cookie funtion isnt setting a cookie in the browser.

I dont see a error here, do you?

<?
// Login Check
// See if the user clicks on Login
if ($_REQUEST[Submit] == "Login") {
include('cfg.php');
$uname = $_REQUEST[uname];
$upass2 = md5($_REQUEST[upass]);
$upass = $_REQUEST[upass];
// Get Database Information
// Database Connection String ------Start------
		$connect = mysql_connect("localhost", "root", "") or die ("<b><center>".mysql_errno().": ".mysql_error()."</b></center>\n");
		$db = mysql_select_db("serials", $connect) or die ("<b><center>".mysql_errno().": ".mysql_error()."</b></center>\n");
		$sql = "SELECT * FROM account WHERE Account_Username='$uname' and Account_Password='$upass2'";
		$sql_result = mysql_query($sql, $connect) or die ("<b><center>".mysql_errno().": ".mysql_error()."</b></center>\n");
// Database Connection String ------End------
			if (mysql_num_rows($sql_result) == 0) {
			//Erorr Show Login Again!
				echo "<p align='center' class='links'>You do not have access to these pages!<br>Please Try Again!</p>";
				loginmenu($uname,$upass);
			} else {
			//Encrypt Password
			$upass = md5($upass);
			//Set Cookies
				setcookie ("sb[0]", $uname, time()+7200);
				setcookie ("sb[1]", $upass, time()+7200);
?>
<META HTTP-EQUIV=Refresh CONTENT="0; index2.php">
<?

		}
		//Close Database Connection	
		mysql_close($connect);	
} else {
//Show Login
loginmenu();
}
?>

DigitalExpl0it

any ideas?

-thanx

simulant

For one, I think the indexes for your $_REQUEST[xxxxx] lines should be surrounded by quotes:

$REQUEST["Submit"]
$REQUEST["uname"]
$_REQUEST["upass"]

Do you know which line in your code is failing?? Try putting some echo's in there and see where it reaches....

DigitalExpl0it

for some reason doing just this..

<?
			echo "Setting cookie SB 1...<br>";
				setcookie ("sb[0]", "test", time()+7200);
			echo "Setting cookie SB 2...";
				setcookie ("sb[1]", "test2", time()+7200);

?>

doesnt work.

Set cookie just stopped working.

simulant

Are you receiving any sort of error message?? I would check to see whether setcookie() is returning true or false, and then make sure you have error reporting fully enabled, so you can see some sort of message....

Also, make sure you're following this rule:

Cookies must be sent before any other headers are sent (this is a restriction of cookies, not PHP). This requires you to place calls to this function before any <html> or <head> tags.

I didn't see any violations of that rule in your snippet. And another quote from the manual:

Cookies will not become visible until the next loading of a page that the cookie should be visible for. To test if a cookie was successfully set, check for the cookie on a next loading page before the cookie expires

I'd check to see if the cookie is in the $_COOKIE array....
Any other info you can offer would be helpful.....

DigitalExpl0it

yeah, Ive tested just setting a cookie on its own page and I get the same thing.

Also Mozilla allows me to check and see my cookies, which is not showing up in the cookie manager, and the $_cookie isnt working either.

let me enable all warnings and errors in the php.ini file

DigitalExpl0it

ok here is the warnings I get...

Notice: Use of undefined constant Submit - assumed 'Submit' in C:\wwwroot\SerialBase\index.php on line 43
Setting cookie SB 1...

Notice: Undefined variable: uname2 in C:\wwwroot\SerialBase\index.php on line 64

Warning: Cannot modify header information - headers already sent by (output started at C:\wwwroot\SerialBase\index.php:39) in C:\wwwroot\SerialBase\index.php on line 64
Setting cookie SB 2...
Notice: Undefined variable: upass in C:\wwwroot\SerialBase\index.php on line 66

Warning: Cannot modify header information - headers already sent by (output started at C:\wwwroot\SerialBase\index.php:39) in C:\wwwroot\SerialBase\index.php on line 66

DigitalExpl0it

here is the two files im playing with.. there attached

index.php and index2.php

simulant

Well, the first Notice deals with the first thing I recommended.....quoting the indexes in the $_REQUEST array.

The next Notice is simply that.....an undefined variable called "uname2"......maybe you mean "uname" here??

The first Warning says what I quoted from my last post.....that cookies cannot be sent after HTTP headers have already been sent. So you have to make sure that the cookies are created BEFORE you start outputting HTML.

The next Notice......looks like $upass is not being passed to the setcookie function. Make sure this variable is being set before trying to set the cookie.

The last Warning is the same as the first Warning.....

From looking at your code, it just looks like some of your variables are not being set correctly. But the main reason the cookies aren't working is because of those Warning messages.

Does this help??

DigitalExpl0it

ok, I got all the warnings, notices gone but for the header one.

Now, I made a new page called cookie.php

all thats in it is..

<?
			echo "Setting cookie SB 1...<br>";
				setcookie ("sb[0]", "test", time()+7200);
			echo "Setting cookie SB 2...";
				setcookie ("sb[1]", "test2", time()+7200);

?>

It will not set the cookie, and I get this same error as on the index.php page...

Setting cookie SB 1...

Warning: Cannot modify header information - headers already sent by (output started at C:\wwwroot\SerialBase\cookie.php:2) in C:\wwwroot\SerialBase\cookie.php on line 3
Setting cookie SB 2...
Warning: Cannot modify header information - headers already sent by (output started at C:\wwwroot\SerialBase\cookie.php:2) in C:\wwwroot\SerialBase\cookie.php on line 5

simulant

The echo statements are the problem because they are outputting HTML to the browser. The setcookie() function will not work if any HTML has already been sent. So do this instead:

setcookie ("sb[0]", "test", time()+7200);
setcookie ("sb[1]", "test2", time()+7200);
echo "Cookies have been sent";

The key is making sure the code is designed such that authenticating a user, connecting to a database, or anything like that is done BEFORE outputting HTML.

hope this helps.

DigitalExpl0it

thanx for the reply, I got it working...

thing was the code I ahve here wasnt working with IE, only with Mozilla :rolleyes:

so I redid the code. And used the header function then generated the cookie.

DigitalExpl0it

thing is, I just cleaned up the code, and now I ahve index.php include a common file with the login function

so when you try to login I have it goto login.php which is this code and is working...

<?
require("common.php");
// Login Check
// See if the user clicks on Login
if ($_POST["Submit"] == "Login") {
include('cfg.php');
$uname = $_POST["uname"];
$upass2 = md5($_POST["upass"]);
// Get Database Information
// Database Connection String ------Start------
		$connect = mysql_connect("localhost", "root", "") or die ("<b><center>".mysql_errno().": ".mysql_error()."</b></center>\n");
		$db = mysql_select_db("serials", $connect) or die ("<b><center>".mysql_errno().": ".mysql_error()."</b></center>\n");
		$sql = "SELECT * FROM account WHERE Account_Username='$uname' and Account_Password='$upass2'";
		$sql_result = mysql_query($sql, $connect) or die ("<b><center>".mysql_errno().": ".mysql_error()."</b></center>\n");
		while ($account_row = mysql_fetch_array($sql_result)){
		$admin = $account_row["Account_Rights"];
		}
// Database Connection String ------End------
			if (mysql_num_rows($sql_result) == 0) {
			//Erorr Show Login Again!
				echo "<p align='center' class='links'>You do not have access to these pages!<br>Please Try Again!</p>";
				loginmenu($uname,$upass2);
			} else {
			//Set Cookies
			$admin = md5($admin);
				setcookie ("sb[0]", $uname, time()+7200);
				setcookie ("sb[1]", $upass2, time()+7200);
				setcookie ("sb[2]", $admin, time()+7200);
			header("Location: index2.php"); /* Redirect browser */

		}
		//Close Database Connection	
		mysql_close($connect);
}	
?>

then the header function sends the user to index2.php 🙂