Need some help with header()

feshmania

Hey guys--

This is my first post. First time asking help, so bear with me.

I'm trying to transfer information over a page.

here's some of the code.

$time = time();
$user_data = mysql_fetch_array(mysql_query("SELECT id, username, password FROM member WHERE username='$_POST[user]' AND password='$_POST[pass]'"));	

if($_POST[user] && $_POST[pass] && $_POST[sub]){
	if($user_data[id] > 0){
		setcookie ("user", md5($user_data[username]), $time+3200);  

		setcookie ("pass", md5($user_data[password]), $time+3200);
		header('location:secure.php');
	}

Now when it hits the:

header('location:secure.php');

It's supposed to reload the page, but with using MySQL I'm not sure how I would keep the $user_data array variables so that they could compare in this:

elseif($_COOKIE[user] == md5($user_data[username]) && $_COOKIE[pass] == md5($user_data[password]))

Hopefully I was clear enough and someone can help me.
Again, I'm trying to refresh with header so that the cookies will refresh and then I need to compare the cookie information to the user_data array.

Mordecai

Wow wow wow. Okay, this won't answer your question, but I cannot get past the bad programming (no offense).

header('location:secure.php'); <- this is about the worst way to send a header. There is no "location" header, and there is no "secure.php" URI (and there is no space between the two. Do everyone a favor and send a header that is correct: header('Location: http://a.full.uri/to/the/file.ext');

elseif($COOKIE[user] == md5($user_data[username]) && $COOKIE[pass] == md5($user_data[password])) <- did you define() USER, USERNAME, and PASSWORD? Probably not. You probably want 'user', 'username', and 'password'.

Once you fix those, I might be able to get through the question. And by all means, there's no offence intended by this post--hopefully it'll make a better programmer out of you.

tekky

Originally posted by Mordecai
Wow wow wow. Okay, this won't answer your question, but I cannot get past the bad programming (no offense).
.....
elseif($COOKIE[user] == md5($user_data[username]) && $COOKIE[pass] == md5($user_data[password])) <- did you define() USER, USERNAME, and PASSWORD? Probably not. You probably want 'user', 'username', and 'password'.
.....

$array_name[key_name] is perfectly fine, so long as those DEFINES do not exist...

$array = array('mykey' => 'myvalue', 'yourkey' => 'yourvalue');
echo $array[mykey] .'<br>';
echo $array['mykey'] .'<br>';
echo $array[yourkey] .'<br>';
echo $array['yourkey'];

/* yields output of...
 * myvalue
 * myvalue
 * yourvalue
 * yourvalue
 */

granted enclosing them in 'quotes like this' is possibily a MORE correct way of calling an associative array, it is by no means the ONLY, RIGHT, or MOST correct way...

Mordecai

Ever thought about turning error reporting up? I recommend E_ALL.

<?php
error_reporting(E_ALL);
$array = array('key'=>'value');

echo $array['key'];
echo $array[key];
?>

Output:

value
Notice: Use of undefined constant key - assumed 'key' in c:\program files\apache\htdocs\test.php on line 6
value

I rest my case.

tekky

Originally posted by Mordecai
Ever thought about turning error reporting up? I recommend E_ALL.

After trying it and not working on the server I was running on, no, I gave up on it.

I always enclose mine in single quotes, so I have no reason to.

feshmania

Yeah, I assumed it wasn't the best programming, because I've never used header() before and that's the way the tutorial I was learning from had it. Learn not to be such a douche if you don't mean for people to take offense.

And I've never had a problem with arrays used that way, but I'll give it a try.

And thanks for the E_All info, didn't know that existed, I'm a relatively new PHP programmer, like 6 months of basic stuff like news posts and the like.

feshmania

Tried all of Mordecai (sp?) methods. Didn't do anything. But programmed better, I suppose.

crimaniak

Originally posted by feshmania
Tried all of Mordecai (sp?) methods. Didn't do anything. But programmed better, I suppose.

😃

FAQ-related: quote string constants then transfer it to SQL query. (addslashes)
If variable to insert more complex then $varname or $object->property then use brackets: {}

"string constant {$_POST['user']} string...."

afraid magic_quotes_gps

feshmania

Not quite sure what those two mean...I think I get what you're saying in #2, but #3 I'm totally lost 🙂

Originally posted by crimaniak

...
2. If variable to insert more complex then $varname or $object->property then use brackets: {}

"string constant {$_POST['user']} string...."

afraid magic_quotes_gps [/B]

Maybe a little clearer. Thanks 🙂