RaythMistwalker Posted November 8, 2011 Share Posted November 8, 2011 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <?php session_start(); ini_set('display_errors', 'On'); error_reporting(-1); //Connect to Database and Check cookies for logged in user $db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASS); mysql_select_db(MYSQL_DB_NAME); if (!isset($_GET['act'])) { if (!isset($_POST['act'])) { $act = 'idx'; } if (isset($_POST['act'])) { $act = mysql_real_escape_string($_POST['act']); } } if (isset($_GET['act'])) { $act = mysql_real_escape_string($_GET['act']); } If ($act == 'login' && $_GET['CODE']=='1') { $usernameUsed = mysql_real_escape_string($_POST['Username']); $passwordUsed = mysql_real_escape_string($_POST['Password']); $SaltPassword = MEMBER_PASS_SALT_1.$passwordUsed.MEMBER_PASS_SALT_2; $HashPassword = md5($SaltPassword); $QueryLogin = "SELECT * FROM ".MEMBER_LOGIN_TABLE." WHERE username='{$usernameUsed}' AND password='{$HashPassword}'"; $LoginResult = mysql_query($QueryLogin); if (mysql_num_rows($LoginResult) > 0) { $UserID = mysql_result($LoginResult, 0, 'user_id'); $Id = uniqid(); $IdQry = "UPDATE ".MEMBER_LOGIN_TABLE." SET `unique_id`='{$Id}' WHERE user_id='{$UserID}'"; $IdRes = mysql_query($IdQry, $db); setcookie('RAYTH_MEMBER_ID', $Id, time()+2592000); } } If ($act == 'logout' && $_GET['CODE'] == '1') { setcookie('RAYTH_MEMBER_ID', "", time()-3600); } if (isset($_COOKIE['RAYTH_SKIN'])) { $Skin = $_COOKIE['RAYTH_SKIN']; } Else { $Skin = 'redskin'; } if (isset($_COOKIE['RAYTH_MEMBER_ID'])) { $Id = mysql_real_escape_string($_COOKIE['RAYTH_MEMBER_ID']); $MemIdQry = "SELECT user_id FROM ".MEMBER_LOGIN_TABLE." WHERE `unique_id`='{$Id}'"; $memidres = mysql_query($MemIdQry, $db); $memidnum = mysql_num_rows($memidres); If ($memidnum < 1) { setcookie('RAYTH_MEMBER_ID', '', time()-3600); } Else { $memid = intval(mysql_result($memidres, 0, 'user_id')); } } if (isset($memid)) { $query_meminfo = "SELECT * FROM ".MEMBER_PROFILE_TABLE." WHERE `user_id`='{$memid}'"; $query_result = mysql_query($query_meminfo, $db); $MemName = mysql_result($query_result, 0, 'display_name'); $MemGroup = mysql_result($query_result, 0, 'Group'); $AdsEnabled = mysql_result($query_result, 0, 'ads_enabled'); $UserLevel = intval(mysql_result($query_result, 0, 'user_level')); $LevelQuery = "SELECT group_level FROM ".MEMBER_GROUPS." WHERE group_id='{$MemGroup}'"; $LevelResult = intval(mysql_result(mysql_query($LevelQuery, $db), 0, 'group_level')); If ($UserLevel < $LevelResult) { $MemLevel = $LevelResult; } Else { $MemLevel = $UserLevel; } } else { $MemLevel = 0; $AdsEnabled = 'yes'; } ?> <html> <HEAD> <title>Rayth.Info ..::Home::..</title> <?php $File = './skins/'.$Skin.'/'.$Skin.'.php'; If (file_exists($File)) { include("./skins/{$Skin}/{$Skin}.php"); } Else { include("../skins/{$Skin}/{$Skin}.php"); } ?> Ok this code is the Headers code which checks if user is logged in, what skin to load etc. It is also used in the forum (so used in home and forum) via php include. Now somethin strange happens. If I use the home page to login (Rayth.Info) it logs me in for both home page and forum (rayth.info/forum) Now, if I then logout, and goto the forum, relogin, it doesn't log me in on the home page. Both pages use the same login/logout/register forms by php include and the same headers.php by include so I cant see any reason why this is happening. The cookie is obviously being set when user logs in since it sees them logged in on one page. Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted November 8, 2011 Share Posted November 8, 2011 Do you have the following directives set in your php.ini file? error_reporting = -1 display_errors = On If not, make those changes, restart Apache, and post the errors the script returns. Quote Link to comment Share on other sites More sharing options...
RaythMistwalker Posted November 8, 2011 Author Share Posted November 8, 2011 Errirs are on (see top of code) and they usually return errors. Its as if it isnt seeing the cookie Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted November 8, 2011 Share Posted November 8, 2011 That isn't in the right place; it should be the very first thing in the script. That script is generating a "headers already sent" warning, and it isn't being reported. Also, enabling error reporting in the script at runtime will not report any fatal parse errors, you'll just get no output and a blank screen. While you're developing, it needs to be enabled in the php.ini file to give you the most help possible. Quote Link to comment Share on other sites More sharing options...
RaythMistwalker Posted November 8, 2011 Author Share Posted November 8, 2011 Ok moved to top of script and I still get the same problem. I don't have access to php.ini either Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted November 8, 2011 Share Posted November 8, 2011 What are the errors? Quote Link to comment Share on other sites More sharing options...
RaythMistwalker Posted November 8, 2011 Author Share Posted November 8, 2011 That's what i'm saying. there are no errors. It's doing exactly what it's supposed to do if the cookie isnt set yet if I goto the forum which used this same file via include it sees the cookie and says im logged in. This only happens if I login from the forum page, but if I login from the main page it says im logged in on forum and home. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted November 8, 2011 Share Posted November 8, 2011 You are not setting the 4th parameter in the setcookie statement to '/', so the cookie only matches the path where it was set at. I'm pretty sure this is mentioned in the setcookie documentation - setcookie Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted November 8, 2011 Share Posted November 8, 2011 The very first lines in that script are output, so there has to be at least one error, which would be a "headers already sent" warning related to the session_start() call. If the code makes it to any of the setcookie() calls, those will also generate errors because setting cookies is done via headers as well. You can't have any output at all sent to the browser before headers are sent. Quote Link to comment Share on other sites More sharing options...
RaythMistwalker Posted November 8, 2011 Author Share Posted November 8, 2011 @PFMaBiSmAd: TY that solved the problem @Pikachu2000: If you had read one of my previous posts i clearly stated I moved it all to the top and any output to the bottom. Also the setcookie was working fine as setting the cookie before moving so the rule about output must be different from DOCTYPE header. Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted November 8, 2011 Share Posted November 8, 2011 You didn't state you moved the output, just that you moved the error reporting settings. And no, you can't send the <!DOCTYPE tag or anything else, not even a space, to the browser before sending any headers. setcookie() defines a cookie to be sent along with the rest of the HTTP headers. Like other headers' date=' cookies must be sent [i']before[/i] any output from your script (this is a protocol restriction). This requires that you place calls to this function prior to any output, including <html> and <head> tags as well as any whitespace. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.