I have
<?php ob_start(); ?>
<?php
$rng2 = random_string('alnum', 24);
setcookie("rng2", md5($rng2), time()+7200, '/');
?>
as my first 5 lines of my page. I do have <?php ob_end_flush(); ?> at the end of my page.
I am also checking the value of the cookie after page reload with the lines
print_r($_COOKIE);
echo "<br /><br />".$_COOKIE['rng2']."/cookie[rng2]<br />";
echo $_POST['f']."/post[f]<br />";
echo md5($_POST['f'])."/md5(post[f])<br />";
if($_COOKIE['rng2'] != md5($_POST['f'])){
$err .= "There was an error submitting the form.<br />";
}
the cookie ['rng2'] does not show up in my print_r() and the variable $_COOKIE['rng2'] displays no space between the two "/"'s, the $_POST['f'] comes up correct.
I can't seem to get this to work. I can't find anything online about having it matter if the page the cookie is set on is an include but I figured I'd mention that it is.
Any insight would be helpful. Thank you.
Related
i just created a form and i am facing a problem on submit.
Example:
Here i have the link to edit.php where i get all the information with this link.
index.php
<a href="change/info/edit.php?url= '
. $row['url']
.'&title='. $row['title']
.'&info='. $row['info']
.'&name='. $row['name']
.'&date='. $row['date'] .' " target="_blank">Edit</a>
Here i get all the information from index.php like this here below:
edit.php :
<?php echo $_GET["title"]; ?>
<?php echo $_GET["info"]; ?>
<?php echo $_GET["date"]; ?>
<?php echo $_GET["name"]; ?>
<?php echo $_GET["url"]; ?>
EDIT: Ares Draguna
<?php session_start();
if(isset($_POST['Submit'])){
// code for check server side validation
if(empty($_SESSION['captcha_code'] ) || strcasecmp($_SESSION['captcha_code'], $_POST['captcha_code']) != 0){
$msg='<span class="fail">Please try again.</span>';// Captcha verification is incorrect.
}else{// Captcha verification is Correct. Final Code Execute here!
}
}
But when i hit the submit button and captcha is false the page refresh and i lose all the information, i have to hit back in the browser to see again all the information.
So what do i need to keep the information, when hit the submit button and captcha is false.
Thanks in advance !
To keep the information on the form, you can set some session variables like:
$_SESSION['title'] = $_GET["title"];
$_SESSION['info'] = $_GET["info"];
and so on... and the test it:
if(capcha == false) {
//do something
} else {
//unset the session variables
}
In this scenario, if the capcha is false, then you can repopulate the form inputs with what you have in session, so even after the page is reloaded you still have those information stored. If the capcha is true, then remember to unset the session vars.
However, if the exact same page refreshes, it means that you have the values in $_GET so you could use that with no problems. It really depends on how your code is structured.
L.E:
if(isset($_POST['Submit'])){
$_SESSION['captcha_code'] = $_GET['captcha_code'];
$_SESSION['other_info'] = $_GET['other_info'];
// code for check server side validation
if(empty($_SESSION['captcha_code'] ) || strcasecmp($_SESSION['captcha_code'], $_POST['captcha_code']) != 0){
$msg='<span class="fail">Please try again.</span>';// Captcha verification is incorrect.
}else{
// Captcha verification is Correct. Final Code Execute here!
}
}
And in the view file, check the session variables, so the session vars are set if isset submit post.
Hope it helps!
Keep on coding!
Ares.
I was trying to figure out how isset() and empty() related to setcookie() and $_COOKIE[]. But I came upon a road-block on the way.
Here is my test.php
<?php
//initialize cookie
$expiry = time()+60*60*9000;
setcookie('name1', '4', $expiry, '/', '', '', TRUE);
if (isset ($_COOKIE['name1'])) {
echo 'cookievalue ' . $_COOKIE['name1'];
} else {
echo 'cookie value not set';
}
if (!empty ($_COOKIE['name1'])) {
echo 'cookievalue ' . $_COOKIE['name1'];
} else {
echo 'cookie value empty';
}
?>
Here is my test1.php
<?php
if (isset ($_COOKIE['name1'])) {
echo 'cookievalue ' . $_COOKIE['name1'];
} else {
echo 'cookie value not set';
}
if (!empty ($_COOKIE['name1'])) {
echo 'cookievalue ' . $_COOKIE['name1'];
} else {
echo 'cookie value empty';
}
echo 'cookievalue ' . $_COOKIE['name1'];
?>
When I first load test.php, and then test1.php, everything seems to work fine. That is, test1.php is able to read the $_COOKIE[] variable that was set in test.php via setcookie(). (Although, as expected, test.php had to be refreshed once before cookie values were output in test.php.)
However, if I close the browser, and reopen it, and then just run test1.php, I get an "Undefined Index" notice on name1 in $_COOKIE['name1'].
Why can't test1.php pick up the $_COOKIE variable defined before the browser was closed? The cookie should still be stored in the computer. Why can't it pull up the cookie value from it after closing and reopening the browser?
Answering my own question.
Thanks to #Dagon tried it using a different browser. It works in another browser (Firefox). It wasn't working in my Chrome browser (I suspect I have some anti-cookie extension on Chrome that's deleting the cookie -- or something like that).
You dont need isset() its as simple as
if ($_COOKIE['name1']) {
I'm trying to make a login session on PHP, but it appears that the $_SESSION['username'] dies inside the IF sentence (I thought $_SESSION where globals by default), and I cant echo it out of the IF
heres My code
if($name=="admin" && $password=="admin")
{
session_start();
$_SESSION['username'],$_SESSION['sesion'];
$_SESSION['username']=$name;
$_SESSION['sesion']=1;
echo $_SESSION['username'];
echo "<br>";
echo $_SESSION['sesion'];
}
echo "<br>";
echo $_SESSION['username'];
The last echo doesnt print its VALUE, So when I redirect it to another page, the page doesnt take the username value
I'm kind of new in this matter
So dont be so harsh on me :P
How can I do this??
Move session_start() to the top of the file:
// foo.php
<?php
session_start();
//....
if($name=="admin" && $password=="admin")
{
// $_SESSION['username'],$_SESSION['sesion']; // Remove this line
$_SESSION['username']=$name;
$_SESSION['sesion']=1;
echo $_SESSION['username'];
echo "<br>";
echo $_SESSION['sesion'];
}
echo "<br>";
echo $_SESSION['username'];
When You are using sessions in php You must start it with session_start() in every file/page You want to get or set session values, so just add this line to this file and that file You're redirecting to.
session_start() should be above the if statment. best to put it right below the ?php
having log out issues when i click the log out button it does not destroy session so when the log in page loads it still sees that theres a live session and picks up on that
heres the log out code for the buttons what is the correct way to code it so it also destroys current session
<?php
// if you need the user's information, just put them into the $_SESSION variable and output them here
echo WORDING_YOU_ARE_LOGGED_IN_AS . $_SESSION['user_name'] . "<br />";
//echo WORDING_PROFILE_PICTURE . '<br/><img src="' . $login->user_gravatar_image_url . '" />;
echo WORDING_PROFILE_PICTURE . '<br/>' . $login->user_gravatar_image_tag;
?>
<div>
<a href= session_destroy();><?php echo WORDING_LOGOUT; ?></a>
<?php echo WORDING_EDIT_USER_DATA; ?>
</div>
<?php include('views/_footer.php'); ?>
hope this helps.
In your href tag, put another php page and in that php page, do a session destroy and you can redirect using header() once the session is destroyed.
<?php echo WORDING_LOGOUT; ?>
In your logout.php
<?php
session_start();
if(session_destroy()){
header("Location: index.php");
}
?>
session_destroy(); is a PHP function. Completely different from HTML, My advice:
Then on logout.php:
<?php
session_start();
if (session_destroy()){
// redirect if session is sucessfully destroyed:
header("Location: page.php/html");
}else{
echo "problem Occurred. Please contact the site administrator";
}
?>
Though, i'm confsued as to why you would have so many defined constants, when you could just simply echo a string.
Have this code on my site to redirect users back to the homepage once logged out and destroys their session. Was working perfectly before when I was using my other hosting account to host the site, but now I've changed the host, it doesn't seem to work anymore ? It isn't actually doing anything. It does destroy session but doesn't redirect? The domain has remained the same and everything so I don't understand what is wrong here? Any ideas?
<?
session_start();
if(!isset($_REQUEST['logmeout'])){
echo "<strong><font color=green>Are you sure you want to logout?</font></strong><br />";
echo "<a href=logout.php?logmeout>Yes</a> | <a href=javascript:history.back()>No</a>";
}
else {
session_destroy();
if(!session_is_registered('first_name')){
echo "<center><font color=red><strong>You have now been logged out.</strong></font></center><br />";
echo "<center>You will be redirected in 3 second...</center><br />";
/* Redirect browser */
header('Refresh: 3;url=http://www.basecentre.co.uk/');
/* Make sure that code below does not get executed when we redirect. */
exit;
}
}
?>
TRY THIS
echo "<meta http-equiv='refresh' content='0;url=http://www.yoursite.com'>";
OR
use flush() before header call
Your previous hosting may have had automatic output buffering enabled.
To avoid "headers already sent" errors please change
echo "<center><font color=red><strong>You have now been logged out.</strong></font></center><br />";
echo "<center>You will be redirected in 3 second...</center><br />";
/* Redirect browser */
header('Refresh: 3;url=http://www.basecentre.co.uk/');
to
/* Redirect browser */
header('Refresh: 3;url=http://www.basecentre.co.uk/');
echo "<center><font color=red><strong>You have now been logged out.</strong></font></center><br />";
echo "<center>You will be redirected in 3 second...</center><br />";
And note that the header() function is occurring before the echo of any content.
You can't do header after any output. There's a setting in the php.ini to change this, but otherwise, it's better practice to send your headers before any output.
But, it looks like you're trying to give them a notification before they get redirected anywhere. To preserve this, just do it with javascript the same way you did on the other one..
echo "<center><font color=red><strong>You have now been logged out.</strong></font></center><br />";
echo "<center>You will be redirected in <span id="time">3<span> second...</center><br />";
//And then echo the redirect script.
echo <<<JAVASCRIPT
<script>
var count = 3;
var counter = setInterval(timer, 1000);
function timer() {
count = count - 1;
if (count <= 0) {
window.location.pathname = '/user/index';
}
document.getElementById("time").innerHTML = count;
}
window.onload = timer();
</script>
JAVASCRIPT;