I have a problem with cookies. In my login script i have the following line of code:
if($_GET['keep'] == "true"){
setcookie('id',$id,time()+3153600);
}
The problem I'm facing is that the cookies are not saving at all ( not even if i don't quit the browser). I'm quite a beginer in this respect and I think I'm not doing it right.
EDIT:
If i print_r all the Cookies it only gives me PHPSESSID after the cookie is set. I printed on index.php and i set the cookie on login.php
SOLUTION: Cookies are saved by default with the path of the file they were created in. To change the path there is another atribute. So by setcookie('id',$id,time()+3153600,'/'); you make the cookie available for the entire domain.
There is no issue in your code
if($_GET['keep'] = "true"){
setcookie('id',$id,time()+3153600);
}
This will may cause to
No data passing to $_GET['keep']
Or if data passing $_GET['keep'] value in not Matched ("true").
Both Works then $id is empty in setcookie method
Improve your code
if(isset($_GET['keep']){
if($_GET['keep'] == "true"){
if(isset($id))
{
#all perpect
$cokkie_id = 'id';
setcookie('id',$id,time()+3153600);
echo "I'm Set. And My value is ".$cokkie_id;
}
else
{
echo "Opzz My ID is also empty";
}
}
else
{
echo 'Get method is Set. But Value is not "true". Actual value is '. $_GET['keep'];
}
}
else
{
echo 'I cant reach Get method Buddy';
}
I think you miss "=" sign
if ($_GET['keep'] == "true") {
if (!isset($_COOKIE['id'])) {
setcookie('id',$id,time()+3153600);
}
}
use isset or ==
if (isset($_GET['keep']) && $_GET['keep'] == "true") {
setcookie('id', $id,time()+3153600);
}else{
echo 'keep is empty';
}
Related
i have a $_sesstion['usermail']. i want to pass this value to next page.if condition match ($answer= $_SESSTION['usermail']);
if(isset($_POST['compair']))
{
echo $_SESSION['question'];
$_SESSION['usermail'];
$answer=$_POST['answer'];
if ($answer == $_SESSION['answer'])
{
header("Location:resetpass.php");
}
else
{
echo "<script>alert('Please Try again')</script>";
}
}
i want to pass $_sesstion['usermail'] value on resetpass.php page.
I think your logic is wrong here. What exactly are you checking in the if statement. A session variable means you can use it on every page that has session_start(); on top.
Sessions by default pass to other pages.
Make sure you have start_session(); on top of the page you want to access the session variable.
So if $_SESSION['usermail'] is working on your current page, it'll work on your next as well with same data.
Get an idea from this exmple
First Page
<?php
session_start();
$_SESSION['name'] = "Adam";
?>
Second page
<?php
session_start();
echo $_SESSION['name'];
?>
You can use GET methods for sharing your session value to next page...
if(isset($_POST['compair']))
{
echo $_SESSION['question'];
$_SESSION['usermail'];
$answer=$_POST['answer'];
if ($answer == $_SESSION['answer'])
{
$value_to_share=$_SESSION['usermail']; // You can share using GET
header("Location:resetpass.php?value=$value_to_share");
// receive this value at resetpass.php by $_GET['value']
}
else
{
echo "<script>alert('Please Try again')</script>";
}
}
I am just stuck today at a wall of confusion and I'm hoping someone will be able to assist :)
I have a database full of basic projects, and within that table are attributes like Project Name, Project Number, Project Image, etc. I am able to enter new projects / display existing projects / etc. without issue.
My problem seems to come up when I want to Edit a project. My thoughts were that I would have to create an IF statement to find out if there's a new file uploaded or not, and either set the new file name in the database if there is, or keep the old in the database if there isn't.
I've been playing around with this for days, and I think I started off a bit too far ahead of myself. I've started breaking down to basics and I'm getting stumped with my IF statement, it feels like it's backwards? Does this make sense?
Examples:
if (isset($_COOKIE["OldProjectImage1"])){$OldProjectImage1 = $_COOKIE["OldProjectImage1"];}
if(isset($OldProjectImage1)){
echo 'Your Browser Cookies are not enabled';
} else if(isset($_FILES['ProjectImage1']['name'])){
echo 'Image1 FILES isset';
} else if(!empty($_FILES['ProjectImage1']['name'])){
echo 'Image1 FILES empty';
}
Now in searching StackExchange I found that we have to do the statement on the COOKIE portion instead of the Variable as I did above, but it also similarly fails.
if (isset($_COOKIE["OldProjectImage1"])){$OldProjectImage1 = $_COOKIE["OldProjectImage1"];}
if(!empty($_COOKIE['OldProjectImage1'])){
echo 'Your Browser Cookies are not enabled';
} else if(isset($_FILES['ProjectImage1']['name'])){
echo 'Image1 FILES isset';
} else if(!empty($_FILES['ProjectImage1']['name'])){
echo 'Image1 FILES empty';
}
And I've also tried with isset
if (isset($_COOKIE["OldProjectImage1"])){$OldProjectImage1 = $_COOKIE["OldProjectImage1"];}
if(isset($_COOKIE['OldProjectImage1'])){
echo 'Your Browser Cookies are not enabled';
} else if(isset($_FILES['ProjectImage1']['name'])){
echo 'Image1 FILES isset';
} else if(!empty($_FILES['ProjectImage1']['name'])){
echo 'Image1 FILES empty';
}
I've tried both with my script, and they're both behaving similarly. Perhaps I am just confused at the overall process?
When I run my tests with and without cookies enabled, it always seems to skip the first part of the IF statement (with both isset and !empty) and jump to the next section. Then, similarly, it feels like the IF statement is backwards (if that makes any sense) - if I set a file to upload which populates ProjectImage1, I get "Image1 FILES empty". If I set no file to upload and submit the form, I get "Image1 FILES isset".
I thought it would essentially be, in plain English,
If cookie is empty then echo "Your Browser Cookies are not enabled"
Else if ProjectImage1 Name is set, echo "Image1 FILES isset"
Else if ProjectImage1 Name is Empty, echo "Image1 FILES empty"
but it's feeling to me like it's backwards? Am I understanding this wrong?
Thanks in advanced for any responses!
Problem lays with:
if(isset($_COOKIE['OldProjectImage1'])){
echo 'Your Browser Cookies are not enabled';
}
You check if the cookie exist, and if it does, then you say that cookies are not enabled. A bit weird. Add ! before the isset. Then the if-statement and the text are correct.
I think, but I can only assume, you want this in the end:
if (isset($_COOKIE["OldProjectImage1"])){
// I believe the variable below can also be put between the else { and } down below
$OldProjectImage1 = $_COOKIE["OldProjectImage1"];
}
if(!isset($_COOKIE['OldProjectImage1'])){
echo 'Your Browser Cookies are not enabled';
} else if(!isset($_FILES['ProjectImage1']['name'])){
echo 'Image1 FILES is not set';
} else if(empty($_FILES['ProjectImage1']['name'])){
echo 'Image1 FILES is empty';
}else {
// upload file here
}
I think you want to check the browser cookie is enabled or not?
Detect if cookies are enabled in PHP
Answer by Shiplu Mokaddim:
session_start();
if (isset($_GET['check']) && $_GET['check'] == true) {
if (isset($_COOKIE['foo']) && $_COOKIE['foo'] == 'bar') {
// cookie is working
// get back to our old page
header("location: {$_SESSION['page']}");
} else {
// show the message "cookie is not working"
}
} else {
// save the referrer in session. if cookie works we can get back to it later.
$_SESSION['page'] = $_SERVER['HTTP_REFERER'];
// set a cookie to test
setcookie('foo', 'bar', time() + 3600);
// redirecting to the same page to check
header("location: {$_SERVER['PHP_SELF']}?check=true");
}
Detect cookie in Javascript
Check if cookies are enabled
So, combine with your code and my own explanation:
<?php
session_start();
//check if a cookie test is started
if (isset($_GET['check']) && $_GET['check'] == true) {
//cookie test is started
if (isset($_COOKIE['foo']) && $_COOKIE['foo'] == 'bar') {
//cookie test success, go back to the previous page
header("location: {$_SESSION['page']}");
} else {
//cookie test fail, echo the message and continue
echo 'Your Browser Cookies are not enabled';
}
} else {
//start cookie test if a cookie test wasn't done
//check if a cookie test was done.
if (!isset($_COOKIE['foo']) && $_COOKIE['foo'] == 'bar') {
//start a cookie test if a cookie test wasn't done
$_SESSION['page'] = $_SERVER['HTTP_REFERER'];
setcookie('foo', 'bar', time() + 3600);
header("location: {$_SERVER['PHP_SELF']}?check=true");
}
}
if(!isset($_COOKIE['OldProjectImage1'])){
echo "OldProjectImage1 doesn't exists in cookies.";
} else if(!isset($_FILES['ProjectImage1']['name'])){
echo "Image1 FILES is not set";
} else if(empty($_FILES['ProjectImage1']['name'])){
echo "Image1 FILES is empty";
}
?>
I made a script that shows the value of "school_id" in url parameter.
http://mywebsite.com/mygrade?school_id=00000
I use $_GET['school_id'] to display the ID number.
<?php echo $_GET['school_id']; ?>
But I what I want is if the parameter "school_id" is empty, I want to display the previous data entered.
Example, the user already browse http://mywebsite.com/mygrade?school_id=00000 then he browse http://mywebsite.com/mygrade?school_id= which id has no value. It will still display 00000 which is the previous ID he used.
I used this code below but doesn't work.. :(
<?php
session_start();
$_SESSION['schoo_id'] = $_GET['school_id'];
if ($_GET['school_id'] === null || $_GET['school_id'] == ""){
echo $_SESSION['schoo_id'];
}
else{
$_GET['school_id'];
}
?>
Anyone who get my point and could help me?
I'm going to break this down line by line, please let me know in the comments if I need to explain anything further:
Self explanatory:
<?php
session_start();
There is a typo here:
$_SESSION['schoo_id'] = $_GET['school_id'];
But! Fixing it won't resolve your problem. What happens if $_GET['school_id'] is not defined/blank? Guess what, $_SESSION['school_id'] is now blank. Obviously you don't want this behavior, so you'll want to only set $_SESSION['school_id'] if $_GET['school_id'] is defined
accessing $_GET['school_id'] will throw an E_NOTICE error if it isn't defined, so you'll want to instead check its existence, rather than checking to see if it is null.
if ($_GET['school_id'] === null || $_GET['school_id'] == ""){
Oh, that typo was intended. Why misspell school though? No need! :)
echo $_SESSION['schoo_id'];
What is this doing? Nothing! No echo, nothing. Just accessing a variable and doing nothing with it.
}
else{
$_GET['school_id'];
}
?>
Here's what your code should look like, or at least I believe is what you intend:
<?php
session_start();
if (isset($_GET['school_id']) && $_GET['school_id'] !== ""){
$_SESSION['school_id'] = $_GET['school_id'];
}
// $_SESSION['school_id'] will be guaranteed to be what $_GET['school_id'] is (if set)
// or whatever it was last time it was defined
// always echo it.
echo $_SESSION['school_id'];
?>
<?php
session_start();
if ($_GET['school_id'] === null || $_GET['school_id'] == ""){
echo $_SESSION['schoo_id'];
}
else{
$_GET['school_id'];
$_SESSION['schoo_id'] = $_GET['school_id']; //here set the session
}
?>
I agree with Salman A, the simplest way:
<?php
session_start();
if (is_int($_GET['school_id'])) $_SESSION['school_id'] = $_GET['school_id'];
// further use $_SESSION['school_id'] for your needs.
?>
what you need to do here is save the GET value in SESSION only if it is set for later use so this should work
<?php
session_start();
if (!isset($_GET['school_id']) || $_GET['school_id'] === null || $_GET['school_id'] == ""){
echo $_SESSION['schoo_id'];
}
else{
$_SESSION['schoo_id'] = $_GET['school_id'];
echo $_GET['school_id'];
}
?>
You almost have it.
<?php
session_start();
if (isset($_GET['school_id']) && trim($_GET['school_id']) !== '') {
// its a fair assumption to make that 'school_id' is intended to be an integer,
// however I will not make that assumption on the OP's behalf.
$_SESSION['school_id'] = $_GET['school_id'];
}
if (isset($_SESSION['school_id']) {
echo $_SESSION['school_id'];
}
else {
echo 'have not entered a school id yet';
}
?>
<?php
$_SESSION['csrf_token'] = md5(uniqid(rand(), true));
?>
<?php
$csrf1 = $_POST['csrf_token'];
$csrf2 = $_SESSION['csrf_token'];
if($csrf1 === $csrf2) {
//not executing
} else {
}
?>
javascript
var csrf = "<?php echo $_SESSION['csrf_token']; ?>";
var ajax = ajaxObj("POST", "index.php");
ajax.onreadystatechange = function() {
if(ajaxReturn(ajax) == true) {
if(ajax.responseText != "success"){
} else {
window.location.replace("login.php");
}
}
}
ajax.send("csrf_token="+csrf);
}
return false;
So, here's some PHP from my code that generates a CSRF token, puts it in session, then checks whether the session value and the POST value are the same. The problem is, the if statement isn't executing. When I echo out the session token right before I send off the request using ajax, the session token is the same. I'm fairly sure that the session token is changing, and I am unsure why.
Edit: I added my javascript. I removed a lot from it, so I hope I didn't mess anything up on it.
A very important piece of information OP failed to provide is that the request goes to the same script that makes his token. Therefore, what is happening is exactly what is supposed to happen. Here is a solution I provided to him on a different website.
<?php
if((isset($_SESSION['csrf_token'], $_SESSION['time']) && time() - $_SESSION['time'] > 60) || !isset($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = md5(uniqid(rand(), true));
$_SESSION['time'] = time();
}
?>
if($csrf1 === $csrf2) {
change so: if($csrf1 == $csrf2) {
I would echo the contents and visually compare the two to check for identical values. For what it is worth, have you tried strcmp()?
if(strcmp($csfr1, $csfr2) == 0) {
//Got a match
} else {
//No match, look at the two strings for debug purposes.
print("<pre> CSRF1: $csrf1 \n CSRF2: $csrf2 </pre>");
}
I have this code that makes sure your are logged in, and then making sure you are on the right page by checking a cookie set at login. This code works on a page in a directory underneath the login in script, however in a page in a directory below that it always takes you to accessdenied. Any ideas?
<?php
session_start();
if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) {
header("location: http://mywebsite.com/member/accessdenied.html");
exit();
}
$_COOKIE["verify"] = $verify;
if( $verify != file_get_contents("name.txt")) {
header("location: http://mywebsite.com/member/accessdenied.html");
} else { }
?>
And it seems like just the bottom part, the part that checks the cookie, isn't working. Again, any ideas?
I think you have your cookie assignment backwards:
$_COOKIE["verify"] = $verify;
Should be
$verify = $_COOKIE["verify"];
And that should be:
$verify = isset($_COOKIE["verify"])?$_COOKIE["verify"]:false;
As if the cookie was not previously set, well it would give a notice error.
<?php
$verify = $_COOKIE["verify"];
if( $verify == file_get_contents("name.txt")) {
echo $verify . 'is equal to the content of name.txt'
} else {
echo $verify . 'is NOT equal to the content of name.txt'
}
?>
Try debugging the code with this. See if the content of your variable is what you want. But I find it unusual that a variable would be a file.
are you sure you always get the content from file_get_contents? I could imagine it's found in one directory but not in the other!
antoher idea: cookies can be set to be relevant for a particular directory only. I just realize, what we're missing here, is the part where you set the cookie in the first place.