[PHP] Cookies are not working on my website

Discussion in 'Scripts, 3rd Party Apps, and Programming' started by mypebook, Mar 1, 2014.

  1. mypebook

    mypebook New Member

    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    My website, http://mypebook.x10.mx/MYPE/

    When a user logs in, it creates a cookie that contains there $_POST['user'] or in other words, there username. It looks like this,
    Code:
    <?php
    session_start();
    $_SESSION['loggedIn'] = false; //This will auto-matically change when the user logs in.
    $adminAcc = "bi0sph3re";
    
    $_SESSION['host'] = "localhost";
    $_SESSION['dbUser'] = "censored";
    $_SESSION['dbPass'] = "censored";
    $_SESSION['dbName'] = "censored";
    $_SESSION['table'] = "users";
    $_SESSION['user'] = $_POST['user'];
    $_SESSION['pass'] = $_POST['pass'];
    $table = 'users';
    mysql_connect($_SESSION['host'],$_SESSION['dbUser'],$_SESSION['dbPass']);
    mysql_select_db($_SESSION['dbName']);
    $user = mysql_real_escape_string($_POST['user']);
    $pass = mysql_real_escape_string($_POST['pass']);
    $query = mysql_query("SELECT * FROM ".$table." WHERE user='".$user."' AND pass='".$pass."'");
    $count= mysql_num_rows($query);
    setcookie("user",$user, time() + (10 * 365 * 24 * 60 * 60));
    in login.php it also creates a file for the user in /users/ and then redirects them to there page
    when they login to there profile they can edit there profile, which is a hyperlink that redirects to editprofile.php

    in editprofile.php it looks like

    Code:
    <?php
    session_start();
    echo '
    <html>
    <head>
    <title>Mype</title>
    <link rel="stylesheet" href="http://mypebook.x10.mx/MYPE/design/style.css" type="text/css">
    </head>
    <body>
    <font face="arial">
    <h1>Mype - Profile</h1>
    <center>
    <a href="search.html">Search For A User</a> | <a href="http://mypebook.x10.mx/MYPE">Home</a><br /><br/>
    <h2>Welcome, '.$_COOKIE['user'].'</h2><br />
    What part of your profile would you like to edit?<br/>
    <a href="users/about.php">Add details about yourself</a><br/>
    <a href="users/avatar.php">Edit your Avatar</a><br/>
    <a href="users/email.php">Edit your Email</a><br/>
    <a href="users/fname.php">Edit your First Name</a><br/>
    <a href="users/lname.php">Edit your Last Name</a><br/>
    <a href="users/website.php">Edit your Website</a><br/>
    <br /><br />
    
    </body>
    </html>
    <!--End of website, kthxbai.-->
    ';
    
    ?>
    where it says welcome $_COOKIE['user']; that on the website is showing up blank. If you would like to see, try for yourself.
    Please help me find out why the cookies are not working
     
  2. mypebook

    mypebook New Member

    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    By the way, for the login.php I censored out the rest of the code
     
  3. caftpx10

    caftpx10 Well-Known Member

    Messages:
    1,486
    Likes Received:
    106
    Trophy Points:
    63
    You shouldn't be making universal variables identified with an other one, really bad.
    Your code is vulnerable to SQL Injection.

    Use error_reporting(1); or error_reporting(E_ALL); for PHP debugging.

    For variables, use var_dump($NAME_OF_VAR_TO_DEBUG);
     
    Last edited: Jul 6, 2014

Share This Page