View Full Version : Setting up a cookie Error

08-04-2008, 03:58 AM
I have the code down below, my error is that when the information is submitted, the cookies are not set. Can anyone see any problem with the script in which it would work?

$login = $_POST['login'];
$username = strip_tags($_POST['username']);
$username = strtolower($username);
$username = str_replace(" ", "", "$username");
$username = str_replace("'", "", "$username");
$username = str_replace("\"", "", "$username");
$password = strip_tags($_POST['password']);
$date = date("U")-600;
$query = mysql_query("SELECT * FROM users WHERE

username='$username' && password='$password' ");
if(mysql_num_rows($query) < 1){
$status = "<font color='red'>Invalid Username And/Or Password</font><br

$datet = date("U");
mysql_query("DELETE FROM session WHERE username='$username' ");
$date = date("U")+3600;
mysql_query("INSERT INTO session VALUES('$username', '$date', '$ip',

'$password', '$date')");
$datee = date("F jS Y g:iA");
$datey = date("U");
mysql_Query("UPDATE users SET lastlogon='$datee', lastlogo='$datey'

WHERE username='$username' ");
$page = $_POST['page'];
echo "<script type=\"text/javascript\">
window.location = \"$page\"
<script type="text/javascript">
window.location = "member.php"

08-04-2008, 04:41 AM
Cookies are set within a header.
That means you need to either refresh the page with a new header,
or jump out to another PHP script, set the cookie(s) and jump back.

With the code you provided, I can't really tell what is happening.

But you probably have a form where the user puts in a userid and password?

When that form is submitted, it should jump to a script that verifies the
login and sets a cookie, then goes to another script using:
header ("location: index.php");
... or whatever page it needs to go to. That motion of using header, sets the cookie.

Here's the deal though ....
I question why you're using cookies instead of PHP SESSIONS.
SESSIONS are much more secure.

and another thing .... I think your cookies expire if the browser closes
because you don't specify an expiration date.