www.webdeveloper.com
Results 1 to 15 of 15

Thread: php session/cookies not working at all

  1. #1
    Join Date
    May 2006
    Posts
    412

    php session/cookies not working at all

    Hi all,

    i have recently posted the same topic over at sitepoint web developer forums aswell and not much luck im trying to have a remember me function to my gaming script and everything else is workng fine its just that my members area file called console.php the session is not working correctly when i go thru the login process it logs me in but when i get redirected to console.php it instantly says plz login even though i am logged in already.

    This is my code for console.php

    PHP Code:
    session_start();
        include(
    "header.inc.php");
        
    $msg_pass="";
        
    $msg_user="";
        include(
    "dbconnect.php");
        
    ini_set("error_reporting"2047);
        
    ini_set("display_errors"1);
        
    ini_set("display_startup_errors"1);
        if(
    $_SESSION['user'])
        {
            
    $_SESSION['user']=$user;
            
    $user=true;
            echo 
    "successfully logged in";
        }
        else
        {
            echo 
    "plz login";
        }
        include(
    "footer.inc.php"); 
    only error i got was saying Notice: Undefined index: user in /home/bchostin/public_html/bccms/new/console.php on line 10

    on line 10 is this
    PHP Code:
    if($_SESSION['user']) 
    so that doesnt make sense

    here is my login code

    PHP Code:
    <?php
                
    include("header.inc.php");
                
    session_start();
                require(
    "dbconnect.php");
                
    error_reporting(E_ALL);
                
    $msg_pass="";
                
    $msg_user="";
                if(
    $_POST['username'] && $_POST['password'])
                {
                    include(
    "dbconnect.php");
                    
    $username mysqli_real_escape_string($con,stripslashes(trim($_POST['username'])));
                    
    $password mysqli_real_escape_string($con,stripslashes(trim($_POST['password'])));
                    
    $cQuery="SELECT * FROM members WHERE username='".$username."' AND Password='".$password."'";
                    
    $con;
                    
    $rm=$_POST['rememberme'];
                    
    $rs=mysqli_query($con,$cQuery);
                    if(!
    $rs)
                    {
                        echo 
    "Unable to excute the query:".mysqli_error($con);
                    }
                    else
                    {
                        
    $count=mysqli_num_rows($rs);
                        echo 
    $count;
                        if(
    $count>0)
                        {
                            
    $data=mysqli_fetch_assoc($rs);
                            if(
    $data['password']=$password)
                            {
                                
    //For Rembmer me
                                //echo "hi";
                                
    if($rm="On")
                                {
                                    
    setcookie("user",$username,time()-7200);
                                    
    //
                                    
    $today=date("Ymd");
                                    include(
    "dbconnect.php");
                                    
    $dQuery="UPDATE members SET LastedLogin='$today',signons=signons+1,onlinestatus='1'
                                    WHERE username='"
    .$_COOKIE['user']."'";
                                    
    $rs=mysqli_query($con,$dQuery);
                                    if(!
    $rs)
                                    {
                                        echo 
    "Error:".mysqli_error($con);
                                    }
                                    else
                                    {
                                        echo 
    "";
                                    }
                                    echo 
    "<font color=".$fontcolor.">Logged in as:&nbsp;".$_COOKIE['user']."<br/>";
                                    echo 
    "<font color=".$fontcolor.">Please Wait while we log you in</font>";
                                    echo 
    "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=console.php\">";
                                    
    //
                                
    }
                                else
                                {
                                    
    //
                                    
    if(isset($_SESSION['user']))
                                    {
                                        
    //
                                        
    $_SESSION['user']=$username;
                                        
    $today=date("Ymd");
                                        include(
    "dbconnect.php");
                                        
    $dQuery="UPDATE members SET LastedLogin='$today',signons=signons+1,onlinestatus='1'
                                        WHERE username='"
    .$_SESSION['user']."'";
                                        
    $rs=mysqli_query($con,$dQuery);
                                        if(!
    $rs)
                                        {
                                            echo 
    "Error:".mysqli_error($con);
                                        }
                                        else
                                        {
                                            echo 
    "";
                                        }
                                        echo 
    "<font color=".$fontcolor.">Logged in as:&nbsp;".$_SESSION['user']."<br/>";
                                        echo 
    "<font color=".$fontcolor.">Please Wait while we log you in</font>";
                                        echo 
    "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=console.php\">";
                                        
    //
                                    
    }
                                    
    //
                                    //
                                
    }
                                
    //if Session
                            
    }
                            else
                            {
                                
    $msg_pass="Wrong Password,Please Try again<br>\n";
                                
    $rmt $_SERVER["REMOTE_ADDR"];
                                
    $today=date("F j,Y,g:i a");
                                if(
    $rmt || $today)
                                {
                                    
    $pQuery="insert into failedlogins values('','$username','$password','$rmt','$today')";

                                    
    $result=mysqli_query($con,$pQuery);
                                    if(!
    $result)
                                    {
                                        echo 
    "<font color=".$fontcolor.">Error:".mysqli_connect_errno();
                                        echo 
    "<br/><font color=".$fontcolor.">Error2:".mysqli_error($con);
                                    }
                                    else
                                    {
                                        echo 
    "<font color=".$fontcolor.">Your Ip Address has been Logged!</font>";
                                    }
                                }
                            }
                        }
                        else
                        {
                            
    $msg_user="Wrong Username,Please Try again<br>\n";
                            
    $rmt $_SERVER["REMOTE_ADDR"];
                            
    $today=date("F j,Y,g:i a");
                            if(
    $rmt || $today)
                            {
                                
    $pQuery="insert into failedlogins values('','$username','$password','$rmt','$today')";

                                
    $result=mysqli_query($con,$pQuery);
                                if(!
    $result)
                                {
                                    echo 
    "<font color=".$fontcolor.">Error:".mysqli_connect_errno();
                                    echo 
    "<br/><font color=".$fontcolor.">Error2:".mysqli_error($con);
                                }
                                else
                                {
                                    echo 
    "<font color=".$fontcolor.">Your Ip Address has been Logged!</font>";
                                }
                            }
                        }
                    }
                }
                include(
    "footer.inc.php");    
    ?>
    What am i doing why is my console.php page displaying that error to view it live login with demo as username and password and go to http://bccms.info/new/

    and you can see the demo of the error i am having.

    Any ideas?

    Thanks,William

  2. #2
    Join Date
    Jan 2009
    Posts
    3,346
    Is $_Session['user'] a boolean variable? Perhaps you mean to use:
    PHP Code:
    if(isset($_SESSION['user'])) 
    ?

  3. #3
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,334
    My guess is that the session_start() in the login code is not being executed due to something being output by the include that precedes it. If that's the case, just move the session_start() up before that include.
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

  4. #4
    Join Date
    May 2006
    Posts
    412
    Quote Originally Posted by criterion9 View Post
    Is $_Session['user'] a boolean variable? Perhaps you mean to use:
    PHP Code:
    if(isset($_SESSION['user'])) 
    ?
    i did that same error

    just says plz login

    PHP Code:
    session_start();
        include(
    "header.inc.php");
        
    $msg_pass="";
        
    $msg_user="";
        include(
    "dbconnect.php");
        
    ini_set("error_reporting"2047);
        
    ini_set("display_errors"1);
        
    ini_set("display_startup_errors"1);
        if(isset(
    $_SESSION['user']))
        {
            
    $_SESSION['user']=$user;
            
    $user=true;
            echo 
    "successfully logged in";
        }
        else
        {
            echo 
    "plz login";
        }
        include(
    "footer.inc.php"); 
    and these are the errrors for the login.php script

    Notice: Undefined index: rememberme in /home/bchostin/public_html/bccms/new/login.php on line 18
    1
    Warning: Cannot modify header information - headers already sent by (output started at /home/bchostin/public_html/bccms/new/header.inc.php:47) in /home/bchostin/public_html/bccms/new/login.php on line 37

    Notice: Undefined index: user in /home/bchostin/public_html/bccms/new/login.php on line 42

    Notice: Undefined variable: fontcolor in /home/bchostin/public_html/bccms/new/login.php on line 52

    Notice: Undefined index: user in /home/bchostin/public_html/bccms/new/login.php on line 52
    Logged in as:

    Notice: Undefined variable: fontcolor in /home/bchostin/public_html/bccms/new/login.php on line 53
    Please Wait while we log you in

    Not sure why i am getting them heres updated code

    PHP Code:
    <?php
                session_start
    ();
                include(
    "header.inc.php");
                require(
    "dbconnect.php");
                
    error_reporting(E_ALL);
                
    ini_set("error_reporting"2047);
                
    ini_set("display_errors"1);
                
    ini_set("display_startup_errors"1);
                
    $msg_pass="";
                
    $msg_user="";
                if(
    $_POST['username'] && $_POST['password'])
                {
                    include(
    "dbconnect.php");
                    
    $username mysqli_real_escape_string($con,stripslashes(trim($_POST['username'])));
                    
    $password mysqli_real_escape_string($con,stripslashes(trim($_POST['password'])));
                    
    $cQuery="SELECT * FROM members WHERE username='".$username."' AND Password='".$password."'";
                    
    $con;
                    
    $rm=$_POST['rememberme'];
                    
    $rs=mysqli_query($con,$cQuery);
                    if(!
    $rs)
                    {
                        echo 
    "Unable to excute the query:".mysqli_error($con);
                    }
                    else
                    {
                        
    $count=mysqli_num_rows($rs);
                        echo 
    $count;
                        if(
    $count>0)
                        {
                            
    $data=mysqli_fetch_assoc($rs);
                            if(
    $data['password']=$password)
                            {
                                
    //For Rembmer me
                                //echo "hi";
                                
    if($rm="On")
                                {
                                    
    setcookie("user",$username,time()-7200);
                                    
    //
                                    
    $today=date("Ymd");
                                    include(
    "dbconnect.php");
                                    
    $dQuery="UPDATE members SET LastedLogin='$today',signons=signons+1,onlinestatus='1'
                                    WHERE username='"
    .$_COOKIE['user']."'";
                                    
    $rs=mysqli_query($con,$dQuery);
                                    if(!
    $rs)
                                    {
                                        echo 
    "Error:".mysqli_error($con);
                                    }
                                    else
                                    {
                                        echo 
    "";
                                    }
                                    echo 
    "<font color=".$fontcolor.">Logged in as:&nbsp;".$_COOKIE['user']."<br/>";
                                    echo 
    "<font color=".$fontcolor.">Please Wait while we log you in</font>";
                                    
    //echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=console.php\">";
                                    //
                                
    }
                                else
                                {
                                    
    //
                                    
    if(isset($_SESSION['user']))
                                    {
                                        
    //
                                        
    $_SESSION['user']=$username;
                                        
    $today=date("Ymd");
                                        include(
    "dbconnect.php");
                                        
    $dQuery="UPDATE members SET LastedLogin='$today',signons=signons+1,onlinestatus='1'
                                        WHERE username='"
    .$_SESSION['user']."'";
                                        
    $rs=mysqli_query($con,$dQuery);
                                        if(!
    $rs)
                                        {
                                            echo 
    "Error:".mysqli_error($con);
                                        }
                                        else
                                        {
                                            echo 
    "";
                                        }
                                        echo 
    "<font color=".$fontcolor.">Logged in as:&nbsp;".$_SESSION['user']."<br/>";
                                        echo 
    "<font color=".$fontcolor.">Please Wait while we log you in</font>";
                                        
    //echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=console.php\">";
                                        //
                                    
    }
                                    
    //
                                    //
                                
    }
                                
    //if Session
                            
    }
                            else
                            {
                                
    $msg_pass="Wrong Password,Please Try again<br>\n";
                                
    $rmt $_SERVER["REMOTE_ADDR"];
                                
    $today=date("F j,Y,g:i a");
                                if(
    $rmt || $today)
                                {
                                    
    $pQuery="insert into failedlogins values('','$username','$password','$rmt','$today')";

                                    
    $result=mysqli_query($con,$pQuery);
                                    if(!
    $result)
                                    {
                                        echo 
    "<font color=".$fontcolor.">Error:".mysqli_connect_errno();
                                        echo 
    "<br/><font color=".$fontcolor.">Error2:".mysqli_error($con);
                                    }
                                    else
                                    {
                                        echo 
    "<font color=".$fontcolor.">Your Ip Address has been Logged!</font>";
                                    }
                                }
                            }
                        }
                        else
                        {
                            
    $msg_user="Wrong Username,Please Try again<br>\n";
                            
    $rmt $_SERVER["REMOTE_ADDR"];
                            
    $today=date("F j,Y,g:i a");
                            if(
    $rmt || $today)
                            {
                                
    $pQuery="insert into failedlogins values('','$username','$password','$rmt','$today')";

                                
    $result=mysqli_query($con,$pQuery);
                                if(!
    $result)
                                {
                                    echo 
    "<font color=".$fontcolor.">Error:".mysqli_connect_errno();
                                    echo 
    "<br/><font color=".$fontcolor.">Error2:".mysqli_error($con);
                                }
                                else
                                {
                                    echo 
    "<font color=".$fontcolor.">Your Ip Address has been Logged!</font>";
                                }
                            }
                        }
                    }
                }
                include(
    "footer.inc.php");    
    ?>

  5. #5
    Join Date
    Jan 2009
    Posts
    3,346
    Again did you mean to check if a variable is set?
    PHP Code:
    if(isset($_POST['username']) && isset($_POST['password'])) 
    Rather than:
    PHP Code:
    if($_POST['username'] && $_POST['password']) 

  6. #6
    Join Date
    May 2006
    Posts
    412
    Quote Originally Posted by criterion9 View Post
    Again did you mean to check if a variable is set?
    PHP Code:
    if(isset($_POST['username']) && isset($_POST['password'])) 
    Rather than:
    PHP Code:
    if($_POST['username'] && $_POST['password']) 
    i do that but now i get this error.

    Notice: Undefined index: rememberme in /home/bchostin/public_html/bccms/new/login.php on line 17

    on line 17 i have

    PHP Code:
        $rm=$_POST['rememberme']; 
    my php code for the file its

    PHP Code:
    <?php
                
    include("header.inc.php");
                require(
    "dbconnect.php");
                
    error_reporting(E_ALL);
                
    ini_set("error_reporting"2047);
                
    ini_set("display_errors"1);
                
    ini_set("display_startup_errors"1);
                
    $msg_pass="";
                
    $msg_user="";
                if(isset(
    $_POST['username']) && isset($_POST['password'])) 
                {
                    include(
    "dbconnect.php");
                    
    $username mysqli_real_escape_string($con,stripslashes(trim($_POST['username'])));
                    
    $password mysqli_real_escape_string($con,stripslashes(trim($_POST['password'])));
                    
    $cQuery="SELECT * FROM members WHERE username='".$username."' AND Password='".$password."'";
                    
    $con;
                    
    $rm=$_POST['rememberme'];
                    
    $rs=mysqli_query($con,$cQuery);
                    if(!
    $rs)
                    {
                        echo 
    "Unable to excute the query:".mysqli_error($con);
                    }
                    else
                    {
                        
    $count=mysqli_num_rows($rs);
                        if(
    $count>0)
                        {
                            
    $data=mysqli_fetch_assoc($rs);
                            if(
    $data['password']=$password)
                            {
                                
    //For Rembmer me
                                //echo "hi";
                                
    if($rm="On")
                                {
                                    if(isset(
    $_COOKIE['user']))
                                    {
                                        
    //
                                        
    setcookie("user",$username,time()-7200);
                                        
    //
                                        
    $today=date("Ymd");
                                        include(
    "dbconnect.php");
                                        
    $dQuery="UPDATE members SET LastedLogin='$today',signons=signons+1,onlinestatus='1'
                                        WHERE username='"
    .$_COOKIE['user']."'";
                                        
    $rs=mysqli_query($con,$dQuery);
                                        if(!
    $rs)
                                        {
                                            echo 
    "Error:".mysqli_error($con);
                                        }
                                        else
                                        {
                                            echo 
    "";
                                        }
                                        echo 
    "<font color=".$fontcolor.">Logged in as:&nbsp;".$_COOKIE['user']."<br/>";
                                        echo 
    "<font color=".$fontcolor.">Please Wait while we log you in</font>";
                                        
    //echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=console.php\">";
                                        //
                                    
    }
                                    
    //
                                
    }
                                else
                                {
                                    
    //
                                    
    if(isset($_SESSION['user']))
                                    {
                                        
    //
                                        
    $_SESSION['user']=$username;
                                        
    $today=date("Ymd");
                                        include(
    "dbconnect.php");
                                        
    $dQuery="UPDATE members SET LastedLogin='$today',signons=signons+1,onlinestatus='1'
                                        WHERE username='"
    .$_SESSION['user']."'";
                                        
    $rs=mysqli_query($con,$dQuery);
                                        if(!
    $rs)
                                        {
                                            echo 
    "Error:".mysqli_error($con);
                                        }
                                        else
                                        {
                                            echo 
    "";
                                        }
                                        echo 
    "<font color=".$fontcolor.">Logged in as:&nbsp;".$_SESSION['user']."<br/>";
                                        echo 
    "<font color=".$fontcolor.">Please Wait while we log you in</font>";
                                        
    //echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=console.php\">";
                                        //
                                    
    }
                                    
    //
                                    //
                                
    }
                                
    //if Session
                            
    }
                            else
                            {
                                
    $msg_pass="Wrong Password,Please Try again<br>\n";
                                
    $rmt $_SERVER["REMOTE_ADDR"];
                                
    $today=date("F j,Y,g:i a");
                                if(
    $rmt || $today)
                                {
                                    
    $pQuery="insert into failedlogins values('','$username','$password','$rmt','$today')";

                                    
    $result=mysqli_query($con,$pQuery);
                                    if(!
    $result)
                                    {
                                        echo 
    "<font color=".$fontcolor.">Error:".mysqli_connect_errno();
                                        echo 
    "<br/><font color=".$fontcolor.">Error2:".mysqli_error($con);
                                    }
                                    else
                                    {
                                        echo 
    "<font color=".$fontcolor.">Your Ip Address has been Logged!</font>";
                                    }
                                }
                            }
                        }
                        else
                        {
                            
    $msg_user="Wrong Username,Please Try again<br>\n";
                            
    $rmt $_SERVER["REMOTE_ADDR"];
                            
    $today=date("F j,Y,g:i a");
                            if(
    $rmt || $today)
                            {
                                
    $pQuery="insert into failedlogins values('','$username','$password','$rmt','$today')";

                                
    $result=mysqli_query($con,$pQuery);
                                if(!
    $result)
                                {
                                    echo 
    "<font color=".$fontcolor.">Error:".mysqli_connect_errno();
                                    echo 
    "<br/><font color=".$fontcolor.">Error2:".mysqli_error($con);
                                }
                                else
                                {
                                    echo 
    "<font color=".$fontcolor.">Your Ip Address has been Logged!</font>";
                                }
                            }
                        }
                    }
                }
                include(
    "footer.inc.php");    
    ?>
    Why do i get that error?

    Thanks,William.

  7. #7
    Join Date
    Jan 2009
    Posts
    3,346
    Same thing here:
    PHP Code:
    if(isset($_POST['rememberme']){
      
    $rm=$_POST['rememberme']; 
    } else {
      
    $rm "whatever you want the default to be";

    Checkboxes are only sent if they are checked.

  8. #8
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,334
    Just FYI, you can use the ternary operator as a sort of shorthand for such assignments:
    PHP Code:
    $var = (isset($_POST['name'])) ? $_POST['name'] : 'default value'
    It's not "better" of "faster" than using an if/else construct (in fact, it essentially is an if/else constrcut); it's just more compact.
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

  9. #9
    Join Date
    May 2006
    Posts
    412
    ive made changes to the code and i tried to print out all cookies if there are any and this is what i get back

    Array ( [PHPSESSID] => 3309abd6a5905b33b6bf44291ae1cd4d )

    what does that exactly mean?

    also i printed out what the user is doing and by looks of it the login is thinking that the user is logging in as a session not via a cookie

    this is what i get back from echoing cookies and sessions

    Array ( [PHPSESSID] => 3309abd6a5905b33b6bf44291ae1cd4d )
    session info is
    Array ( [user] => demo )

    heres an updated php code.

    PHP Code:
    <?php
                
    //
                
    if($_POST['login']) 
                {
                    include(
    "dbconnect.php");
                    
    $username mysqli_real_escape_string($con,stripslashes(trim($_POST['username'])));
                    
    $password mysqli_real_escape_string($con,stripslashes(trim($_POST['password'])));
                    
    $cQuery="SELECT * FROM members WHERE username='".$username."' AND Password='".$password."'";
                    
    $con;
                    
    $rs=mysqli_query($con,$cQuery);
                    if(!
    $rs)
                    {
                        echo 
    "Unable to excute the query:".mysqli_error($con);
                    }
                    else
                    {
                        
    $count=mysqli_num_rows($rs);
                        if(
    $count>0)
                        {
                            
    $data=mysqli_fetch_assoc($rs);
                            if(
    $data['password']=$password)
                            {
                                
    //For Rembmer me
                                
    ob_start();
                                
    session_start();
                                if(
    $_POST['rememberme'])
                                {
                                    
    //
                                    
    setcookie("user",$username,time()-7200);
                                    
    ob_flush();
                                    
    //sleep for 5 seconds
                                    
    sleep(5);
                                    
    error_reporting(E_ALL);
                                    
    ini_set("error_reporting"2047);
                                    
    ini_set("display_errors"1);
                                    
    ini_set("display_startup_errors"1);
                                    include(
    "header.inc.php");
                                    
    print_r($_COOKIE);
                                    echo 
    "<br/> session info is<br/>";
                                    
    print_r($_SESSION);
                                    
    ob_end_flush();
                                    if(isset(
    $_COOKIE['user']))
                                    {
                                        
    //
                                        
    $today=date("Ymd");
                                        include(
    "dbconnect.php");
                                        
    $dQuery="UPDATE members SET LastedLogin='$today',signons=signons+1,onlinestatus='1'
                                        WHERE username='"
    .$_COOKIE['user']."'";
                                        
    $rs=mysqli_query($con,$dQuery);
                                        if(!
    $rs)
                                        {
                                            echo 
    "Error:".mysqli_error($con);
                                        }
                                        else
                                        {
                                            echo 
    "";
                                        }
                                        echo 
    "<font color=".$fontcolor.">Logged in as:&nbsp;".$_COOKIE['user']."<br/>";
                                        echo 
    "<font color=".$fontcolor.">Please Wait while we log you in</font>";
                                        
    //echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=console.php\">";
                                        //
                                    
    }
                                }
                                else
                                {
                                    
    //
                                    
    $_SESSION['user']=$username;
                                    
    $today=date("Ymd");
                                    include(
    "dbconnect.php");
                                    
    $dQuery="UPDATE members SET LastedLogin='$today',signons=signons+1,onlinestatus='1'
                                    WHERE username='"
    .$_SESSION['user']."'";
                                    
    $rs=mysqli_query($con,$dQuery);
                                    if(!
    $rs)
                                    {
                                        echo 
    "Error:".mysqli_error($con);
                                    }
                                    else
                                    {
                                        echo 
    "";
                                    }
                                    echo 
    "<font color=".$fontcolor.">Logged in as:&nbsp;".$_SESSION['user']."<br/>";
                                    echo 
    "<font color=".$fontcolor.">Please Wait while we log you in</font>";
                                    
    //echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=console.php\">";
                                    //
                                
    }
                            }
                            else
                            {
                                
    $msg_pass="Wrong Password,Please Try again<br>\n";
                                
    $rmt $_SERVER["REMOTE_ADDR"];
                                
    $today=date("F j,Y,g:i a");
                                if(
    $rmt || $today)
                                {
                                    
    $pQuery="insert into failedlogins values('','$username','$password','$rmt','$today')";

                                    
    $result=mysqli_query($con,$pQuery);
                                    if(!
    $result)
                                    {
                                        echo 
    "<font color=".$fontcolor.">Error:".mysqli_connect_errno();
                                        echo 
    "<br/><font color=".$fontcolor.">Error2:".mysqli_error($con);
                                    }
                                    else
                                    {
                                        echo 
    "<font color=".$fontcolor.">Your Ip Address has been Logged!</font>";
                                    }
                                }
                            }
                        }
                        else
                        {
                            
    $msg_user="Wrong Username,Please Try again<br>\n";
                            
    $rmt $_SERVER["REMOTE_ADDR"];
                            
    $today=date("F j,Y,g:i a");
                            if(
    $rmt || $today)
                            {
                                
    $pQuery="insert into failedlogins values('','$username','$password','$rmt','$today')";

                                
    $result=mysqli_query($con,$pQuery);
                                if(!
    $result)
                                {
                                    echo 
    "<font color=".$fontcolor.">Error:".mysqli_connect_errno();
                                    echo 
    "<br/><font color=".$fontcolor.">Error2:".mysqli_error($con);
                                }
                                else
                                {
                                    echo 
    "<font color=".$fontcolor.">Your Ip Address has been Logged!</font>";
                                }
                            }
                        }
                    }
                    
    /**/
                
    }
                include(
    "footer.inc.php");    
    ?>

  10. #10
    Join Date
    Mar 2009
    Location
    Yorkshire
    Posts
    266
    Ok i didnt read a lot of this, but i noticed one main 'problem'....and 'undefined index' error is where you try using somethng like $_POST or $_SESSION etc without checking its set.......personally i always do something like

    PHP Code:
    if(isset($_POST['name'])&&!empty($_POST['name'])){
       
    // code here
    }
    else{
        
    //no data set

    Sorry if this has already been mentioned, ryan

  11. #11
    Join Date
    May 2006
    Posts
    412
    i have it kind of sorted but now i have another problem that has risen

    PHP Code:
    if(isset($_POST['rememberme']) && !empty($_POST['rememberme']))
                                {
                                    
    //                            
                                    
    echo "cookies are&nbsp;";
                                    
    print_r($_COOKIE);
                                    if(isset(
    $_COOKIE['user']))
                                    {
                                        
    //
                                        
    $today=date("Ymd");
                                        include(
    "dbconnect.php");
                                        
    $dQuery="UPDATE members SET LastedLogin='$today',signons=signons+1,onlinestatus='1'
                                        WHERE username='"
    .$_COOKIE['user']."'";
                                        
    $rs=mysqli_query($con,$dQuery);
                                        if(!
    $rs)
                                        {
                                            echo 
    "Error:".mysqli_error($con);
                                        }
                                        else
                                        {
                                            echo 
    "";
                                        }
                                        echo 
    "<font color=".$fontcolor.">Logged in as:&nbsp;".$_COOKIE['user']."<br/>";
                                        echo 
    "<font color=".$fontcolor.">Please Wait while we log you in</font>";
                                        
    //echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=console.php\">";
                                        //
                                    
    }
                                }
                                else
                                {
                                    
    //
                                    
    ob_start();
                                    
    session_start();
                                    
    ob_flush();
                                    
    //sleep for 5 seconds
                                    
    sleep(5);
                                    
    error_reporting(E_ALL);
                                    
    ini_set("error_reporting"2047);
                                    
    ini_set("display_errors"1);
                                    
    ini_set("display_startup_errors"1);
                                    echo 
    "<br/> session info is<br/>";
                                    
    print_r($_SESSION);
                                    
    ob_end_flush();
                                    
    $_SESSION['user']=$username;
                                    
    $today=date("Ymd");
                                    include(
    "dbconnect.php");
                                    
    $dQuery="UPDATE members SET LastedLogin='$today',signons=signons+1,onlinestatus='1'
                                    WHERE username='"
    .$_SESSION['user']."'";
                                    
    $rs=mysqli_query($con,$dQuery);
                                    if(!
    $rs)
                                    {
                                        echo 
    "Error:".mysqli_error($con);
                                    }
                                    else
                                    {
                                        echo 
    "";
                                    }
                                    echo 
    "<font color=".$fontcolor.">Logged in as:&nbsp;".$_SESSION['user']."<br/>";
                                    echo 
    "<font color=".$fontcolor.">Please Wait while we log you in</font>";
                                    
    //echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=console.php\">";
                                    //
                                

    this is the error i am getting

    Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/bchostin/public_html/bccms/new/login.php:26) in /home/bchostin/public_html/bccms/new/login.php on line 65

    on lines 25 and 26 i have this

    PHP Code:
                                setcookie("user",$username,time()-7200);
    ob_flush(); 
    and on lines 64 and 65 i have this

    PHP Code:
    ob_start();
    session_start(); 
    So how can i fix that error with ob buffering in php?

    Any ideas on how i can fix this,

    Thanks,William

  12. #12
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,334
    The simplest solution is to move anything that sets a header: session_start(), setcookie(), header() to the front of the script before anything gets output (including anything -- even white space -- before the opening <?php tag). If for some reason you cannot do this (though really it should be possible with decently organized code), then you can use ob_start() at the start of the script (again, before anything gets output), and make sure no "flushing" is done prior to any of those header-generating functions.
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

  13. #13
    Join Date
    May 2006
    Posts
    412
    the php cookies are definately not being sent.

    heres the function of the php code i have placed the php function at the top of the script.

    PHP Code:
    $u=$_SERVER['SERVER_NAME'];
                                    
    //setcookie('user',$username,time()-7200);
                                    
    echo $_COOKIE['user'];
                                    
    setcookie("user",$username,time()+7200,"/",$u,1);                            
                                    if(isset(
    $_COOKIE['user']))
                                    {
                                        
    //
                                        
    echo "cookies are&nbsp;";
                                        
    $today=date("Ymd");
                                        include(
    "dbconnect.php");
                                        
    $dQuery="UPDATE members SET LastedLogin='$today',signons=signons+1,onlinestatus='1'
                                        WHERE username='"
    .$_COOKIE['user']."'";
                                        
    $rs=mysqli_query($con,$dQuery);
                                        if(!
    $rs)
                                        {
                                            echo 
    "Error:".mysqli_error($con);
                                        }
                                        else
                                        {
                                            echo 
    "";
                                        }
                                        echo 
    "Logged in as:&nbsp;".$_COOKIE['user']."<br/>";
                                        echo 
    "Please Wait while we log you in<";
                                        
    //echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=console.php\">";
                                        /*
                                        $today=date("Ymd");
                                        include("dbconnect.php");
                                        $dQuery="UPDATE members SET
                                        LastedLogin='$today',signons=signons+1,onlinestatus='1'
                                        WHERE username='".$username."'";
                                        $rs=mysqli_query($con,$dQuery);
                                        if(!$rs)
                                        {
                                            echo "Error:".mysqli_error($con);
                                        }
                                        else
                                        {
                                            echo "";
                                        }
                                        echo "<font color=".$fontcolor.">Logged in as:&nbsp;".$username."<br/>";
                                        echo "<font color=".$fontcolor.">Please Wait while we log you in</font>";
                                        */
                                        //
                                    


  14. #14
    Join Date
    Jan 2009
    Posts
    3,346
    You can't echo $_COOKIE before you set the cookie without using an output buffer. Try what was suggested and put session_start() first right after your first <?php tag. Then make sure there are no echo, print, etc before you set any cookies or try to change the headers in any way.

  15. #15
    Join Date
    Sep 2009
    Posts
    10
    <?php

    function login($username, $password, $remember = false)
    {
    $sql = mysql_query("SELECT * FROM bio_users WHERE password = '" . $password . "' AND username = '" . $username . "' LIMIT 1");
    // If there are no matches then the username and password do not match
    if($sql === false)
    {
    return false;
    }
    else
    {
    while($u = mysql_fetch_array($sql))
    {
    $this->account_active = true;
    // Check if user wants account to be saved in cookie
    if($remember)
    {
    // Generate new auth key for each log in (so old auth key can not be used multiple times in case
    // of cookie hijacking)
    $cookie_auth= rand_string(10) . $username;
    $auth_key = session_encrypt($cookie_auth);
    $auth_query = mysql_query("UPDATE users SET auth_key = '" . $auth_key . "' WHERE username = '" . $username . "'");

    setcookie("auth_key", $auth_key, time() + 60 * 60 * 24 * 7, "/", "example.com", false, true)
    }
    // Assign variables to session
    session_regenerate_id(true);
    $session_id = $u[id];
    $session_username = $username;
    $session_level = $u[user_level];

    $_SESSION['user_id'] = $session_id;
    $_SESSION['user_level'] = $session_level;
    $_SESSION['user_name'] = $session_username;
    $_SESSION['user_lastactive'] = time();
    return true;
    }
    }
    }
    ?>

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles