Session cookies

masood

I can set and read session variables with $_SESSION, but I cannot set or read session cookie variables. Does anyone have any idea what I need to do to get this working.

Thanks in advance

mo0ness

Sorry could u explain your problem better please?

masood

I set a session cookie with setCookie("Username", "someuser")
When I click the submit button on this page, I get the following error:

Warning: Cannot modify header information - headers already sent by (output started at C:\htdocs\bookstore\login\login.php:2) in C:\Program Files\Apache Group\Apache2\htdocs\bookstore\login\login.php on line 11

I'm able to set and read session variables with $_SESSION, but I cannot set session cookies.

Thanks!

mo0ness

First, Cookies and Sessions are different... $SESSION uses the cookie, but setcookie(); and $SESSION are different. If it says the headers are already sent; it means that you have somethin BEFORE you use the setcookie(); function. In order 2 use this function and set your cookie, setcookie(); must be at the VERY top of ur script, before any spaces, before any file requirements, before any content, before any html tags.

IE:

<?php

setcookie("blah", "blah");

require("file.php");

?>
<html>
<head>
<title>Title</title>
</head>
<body>

<?
print "blah blah";
?>

</body>
</html>

keith73

Originally posted by masood
I set a session cookie with setCookie("Username", "someuser")
When I click the submit button on this page, I get the following error:

Warning: Cannot modify header information - headers already sent by (output started at C:\htdocs\bookstore\login\login.php:2) in C:\Program Files\Apache Group\Apache2\htdocs\bookstore\login\login.php on line 11

I'm able to set and read session variables with $_SESSION, but I cannot set session cookies.

Thanks!

the error means that you have already sent output to the browser before calling setcookie. Any HTML code needs to be output AFTER the setcookie command. And any print, echo, etc. commands cannot be done before setcookie either. It doesn't necessarily have to be at the top of your script.

As for cookies and sessions, if you let PHP handle the session for you, using $_SESSION, then the only cookie that gets set is the session ID #. all other session values are stored on the server in a file under /tmp (default).

If you want to set cookie's and maintain the session yourself, you'll have to write your own code to handle the sessions and using session_start() or $_SESSION will not help you.

what you want to do is when the user logs in, you verify them in your database or password file, then once verified, call session_start()

...
session_start();
$_SESSION['username'] = $_POST['username'];
...

$_POST['username'] would be the username field submitted when the user logged in. That is if you used the POST method on the form.

in your php.ini file there are 2 settings that are important to know when using session_start().
session.use_cookies (default is true or 1)
session.name (default is PHPSESSID)
If these are set, then session_start() will automatically create a cookie called PHPSESSID and it will contain a long alphanumric string that is a randomly generated session ID. under /tmp there will be a file called sess_IDNAME where IDNAME is that long string. That file has all your session values in it.

keith

masood

Thanks for all who took the time to reply. The problem was that I was printing an html tag (<BR>) before I was setting the cookie.

Your comments did the trick and resolved my problem.

Thanks again,
Masood