[RESOLVED] Cookie driving me mad

Catharsis

Hi peeps,

Im having one of those days when I probably should not of bothered coming to work.

So I have an index page which decides if you are logged in, read the disclaimer then passes you off to the relevant page. If not it passes you to a login page, then it SHOULD pass you to the disclaimer page. This is where it all goes a bit wrong. The session stuff is working a treat.

session_start();

// Not logged in
if ( ! $_SESSION['login_id'] ) {
    header( 'Location: login.php' );
}

// No disclaimer cookie?
if ( ! isset( $_COOKIE['disclaimer'] ) ) {
    header( 'Location: disclaimer.php' );
}

//print "Set?".isset( $_COOKIE['disclaimer'] );
//print_r($_COOKIE);

For some reason it only jumps off to dislaimer.php if I uncomment the print statements. Am I missing something obvious?

Thanks

etully

I'm not certain... but you can try this: Instead of checking to see if the variable is set, try seeing if it has a value. Instead of this:
if ( ! isset( $COOKIE['disclaimer'] ) ) {
write this:
if ( ! $COOKIE['disclaimer'] or $_COOKIE['disclaimer']=='') {

I have no idea why the print statements would affect the header. As you know, they shouldn't be there if you want the Location Redirect to work... so they should be commented out.

As a matter of practice, I never use isset to check a particular value of an array. I only use it for the variable itself like if ( ! isset($x))

Anyway, give that a try.

laserlight

This probably isnt the reason why it isnt working, but the location header requires an absolute URI. Based on what is given in the PHP manual on [man]header/man, I suggest:

session_start();

$base_uri = 'http://' . $_SERVER['HTTP_HOST']
	. rtrim(dirname($_SERVER['PHP_SELF']), '/\\') . '/';

// Not logged in
if (empty($_SESSION['login_id'])) {
	header('Location: ' . $base_uri . 'login.php');
	exit;
}

// No disclaimer cookie?
if (empty($_COOKIE['disclaimer'])) {
	header('Location: ' . $base_uri . 'disclaimer.php');
	exit;
}

The reason for the exit after the header is so that the redirect happens immediately. If not, PHP will continue parsing the rest of the page, even though that is unnecessary. I use empty() instead of isset() because you not only want to check for the existence of the variable, but also that it is not empty (i.e. non-zero, true, or a non-zero length string).

As a matter of practice, I never use isset to check a particular value of an array. I only use it for the variable itself like if ( ! isset($x))

For incoming variables, you should use isset() or empty(), or perhaps array_key_exists() before using the variable.

Catharsis

Okay I learnt something today.

Thanks both for your replies, in the end it was the exit that did the trick. Seams that even though the cookie isnt set and isset returns a false value as laserlight suggests the rest of the code deams to just carry on reguarless.

I didnt need a base_uri either buit thats a good suggestion as well, so thanks for that.