I am trying to make a platform with a login system and I am storing the username and the password in cookies to make the user stay logged in even if it closes the browser and then enters again. I managed to save the cookies but I don't know how to make the logout button.
Here is the code:
function logout() {
$('body').append("<?php setcookie('username', null); setcookie('password', null); unset $_COOKIE['username']; unset $_COOKIE['password']; ?>");
location.assign("index.php");
}
You are trying to include PHP code in JavaScript, which will not work like that.
You could either delete the cookie with jQuery as suggested here:
function logout() {
$.cookie("username", null, { path: '/' });
location.assign("index.php");
}
or by calling a PHP file with the following PHP code:
setcookie("username", "", time() - 3600, '/');
Try:
setcookie('username', null, -1, '/');
setcookie('password', null, -1, '/');
You are trying to execute server code inside client code.
That won't work. It'll literally append what's inside the append method.
You need to write a logout.php file and inside it have your server side logic.
Such as
<?php
session_destroy();
setcookie("cookie", "value", 1);
header("Location: index.php");
?>
Set cookie to 1second after epoch instead of 0 so that the cookie expires right away and not at the end of the browser session.
Also note that you shouldn't store the password in the cookie. Rather store the session key in the cookie using session_start();
Related
I have created a logout.php page to let the user sign out from the website and redirects them to the sign in page.
however what ever i do, the cookies are not getting deleted, so when the user gets redirected to the singin page the latter examines the cookies and then find it, therefore logs the user in.
Below is the code of logout.php:
<?php
unset($login);
if (isset($_COOKIE['xxx'])){
setcookie('xxx', false, time() - 3600,"/");
}
if (isset($_COOKIE['yyy'])){
setcookie('yyy', false, time() - 3600,"/");
}
header("Location: singin.php");
die();
?>
Please note that this php page is in subfolder protected by password and the html link redirects to a php file that require() the logout.php file.
use php unset() to delete your cookie as, you can get the complete details here delete the cookie
if (isset($_COOKIE['xxx'])){
unset($_COOKIE['xxx']);
}
if (isset($_COOKIE['yyy'])){
unset($_COOKIE['yyy']);
}
or, set value as null and a negative time for your cookie as
setcookie('xxx', null, -1, '/');
setcookie('yyy', null, -1, '/');
or, set value as empty and a past time for your cookie as
setcookie("xxx", "", time()-3600);
setcookie("yyy", "", time()-3600);
I have found finally the reason behind the issue.
it's because I have put session_cache_limiter('public'); in my code, so which I presume prevents the client to set the cookie to an expiry date.
I have done that because I don't want the client to ask the user each time they hit back to resubmit the form.
It seems that it's not the correct practice, I'll post another question for that.
Thanks all for the help.
Hello im trying to create a cookie on localhost
This is my code:
<?php
SESSION_START();
if (isset($_GET['lang'])) {
$available_langs = array("se", "uk");
if (in_array($_GET['lang'], $available_langs)) {
setcookie("wb_lang", $_GET['lang'], "1", "/", "localhost");
}
else {
$_SESSION['sess_error'] = LANGUAGE_YOU_SELECTED_DOESNT_EXIST;
}
header("Location: /");
exit;
}
?>
That part set the cookie, if i take die after the cookie is set i get the an answer from the cookie.
But when i try to use the cookie on index.php, it doesn't exist at all..
The language.php is in a subfolder named /modules/language.php it that is any problem?
So the cookie is set, but only in language.php and i can't seem to find any answer for this either, i tried several answers without any success.
You've set your $expire (third) argument to "1", which is always in the past, so the cookie will always instantly expire.
If this is a session cookie, you can use 0.
If you want it to persist when the browser closes and reopens, you will need to set a value in the future, e.g. time() + 365*24*60*60 for the cookie to survive approximately 1 year.
http://php.net/manual/en/function.setcookie.php
I am new to php. I am facing problem with sessions. I mean, after I get logged in and I click on any link in the website , its immediately getting logged out. Not sure why.
In chrome console: I entered as : document.cookie , it showing me "", then I got to understand that cookie is somehow getting deleted immediately or some other issue.
This problem exists for below 2 websites.
We have a websites like :
www.mysite.site1.com/folder1
www.mysite.site2.com/folder2
Below is my code of MySite.com/folder1
function MySession() {
$params = session_get_cookie_params();
session_set_cookie_params($params['lifetime'], '/v/folder1');
session_start();
}
function clear()
{
$_SESSION=array();
session_destroy();
}
Below is my code of MySite.com/folder2
function MySession() {
$params = session_get_cookie_params();
session_set_cookie_params($params['lifetime'], '/v/folder2');
session_start();
}
function clear()
{
$_SESSION=array();
session_destroy();
}
Setting the domain for cookies in session_set_cookie_params() only affects the domain used for the session cookie .
So to make all your cookies be available across all sub-domains of your site you need to set your cookies on root domain.
when setting the path that the cookie is valid for, always remember to have that trailing '/'.
CORRECT:
session_set_cookie_params (0, '/yourpath/');
INCORRECT:
session_set_cookie_params (0, '/yourpath');
mysite.site1.com is your base url.
when you switched from www.mysite.site1.com/folder1
to
www.mysite.site2.com/folder2
you'll surely be logged out.
Well, I am able to find out answer for my query:
since in my case I have 2 folders ie., www.mysite.com/folder1 && www.mysite.com/folder2 , then we MUST keep session_name('folder1') for 'folder1' and session_name('folder2') for 'folder2' , otherwise both folders share the same session ID and so user gets logged in automatically in folder2 (assuming if he already got loggedin folder1)
function Session() {
session_name('FOLDER_SID');
session_start();
}
Regarding more info about session_name, here: http://stackoverflow.com/a/7551430/4956785
Here is my login cookies being set
setcookie('username[0]',$username,time()+(60*60*24*365));
setcookie('username[1]',$userid,time()+(60*60*24*365));
setcookie('username[2]',$subscribed,time()+(60*60*24*365));
setcookie('password',md5($password),time()+(60*60*24*365));
setcookie('admin',$admin,time()+(60*60*24*365));
Here is my logout function
function logout($return) {
setcookie('username[0]', '', time()-(60*60*24*365));
setcookie('username[1]', '', time()-(60*60*24*365));
setcookie('username[2]', '', time()-(60*60*24*365));
setcookie('password', '', time()-(60*60*24*365));
setcookie('admin', '', time()-(60*60*24*365));
header( 'Location: ' . $return );
echo "<div class='fontall'><span class='fontdif'>You've been logged out. </span><a href='$return'>Click Here</a><span class='fontdif' to return</span></div>";
}
When i try to log out and return to the page i am still logged in? What did i do wrong?
If you got the 'cannot modify headers' error, it means you echo out something before setcookie. setcookie must do before any content echo out.
Like other headers, cookies must be sent before any output from your
script (this is a protocol restriction). This requires that you place
calls to this function prior to any output, including and
tags as well as any whitespace.
// 1. Find the session
session_start();
// 2. Unset all the session variables
$_SESSION = array();
// 3. Destroy the session cookie
if(isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time()-42000, '/');
}
// 4. Destroy the session
session_destroy();
That should work.
Probably..u didn't destroy the session?
Nothing seems to be wrong with the code - they should be deleting the cookies. Are you sure that the cookies are not deleting? After you logout, try checking if the cookies exist. You may do so using the browser that show the active cookies. Or alternatively you may try reading the cookies using PHP.
Second, how are you checking if the session is still valid? Can you please share that piece of code? And where do you check your session - do you do them on all pages?
I face some problem on my script that I use PHP and jquery to create login system.
First I have PHP page contain form for login. when user click submit I use jquery to send data to server
$.post('server_login.php', {username:username.val(), password:password.val()}, function(data){
alert(data);
});
in server_login.php I have function to doing login user.
if($_POST['username']=='username' && $_POST['password']=='1234'){
$expire = time() + 60*60*24*30; //1 month expired.
setcookie("user_id", $_POST['username'], $expire);
echo true;
}
and jquery alert "1" on my login page.
the problem is when i refresh my website and retieve cookie, it not show me.
print_r($_COOKIE);
anything wrong?
If the script you are calling is located in another folder on the server (or via url rewrite it appears as if it is under another path), make sure to set the path parameter of the cookie.
By default, setcookie() sets the cookie only for the current path.
If your page is www.domain.com and you make ajax call to www.domain.com/auth/login.php the cookie will be set to /auth and will not be available outside /auth.
So try changing to this:
setcookie("user_id", $_POST['username'], $expire, '/');
I try below code in my script.
Please once try this code if you get cookie value
than something wrong with your code but if this code also
not work than check your browser cookie option enabled or not.
if cookie disabled by browser than also you can't get any cookie
value.
For enabling browser cookie follow below link http://www.blogpatrol.com/enable-cookies.php.
Test Code 1:
$expire = time() + 60*60*24*30; //1 month expired.
setcookie("TestCookie", "shashank patel here", $expire);
print_r($_COOKIE);
Test code 2:
Also check this code with your script this code told you
your browser cookie enabled or not.
error_reporting (E_ALL ^ E_WARNING ^ E_NOTICE);
// Check if cookie has been set or not
if ($_GET['set'] != 'yes')
{
// Set cookie
setcookie ('test', 'test', time() + 60);
// Reload page
header ("Location: test.php?set=yes");
}
else
{
// Check if cookie exists
if (!empty($_COOKIE['test']))
{
echo "Cookies are enabled on your browser";
}
else
{
echo "Cookies are NOT enabled on your browser";
}
}