Home/ Questions/Q 8364423
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-09T12:25:39+00:00

Possible Duplicate: PHP Can't read cookies? I am adding a log in and remember

  • 0

Possible Duplicate:
PHP Can't read cookies?

I am adding a log in and remember me function to my web page. I am using $_SESSION variables and $_COOKIE variables but I can’t get the cookies to set using setcookie(). I have run the code through http://www.phpcodechecker.com and found no errors. My browser(Chrome, and IE) is set to accept cookies. No matter what I do these cookies will not set. Can someone please help me out?

<?php

$page_title = 'Log In';
$css_link = 'login.css';
require_once('includes/db_connection.php');
require_once('includes/header.php');
require_once('includes/navlinks.php');



// Start the session
  require_once('includes/startsession.php');

  // Clear the error message
  $error = '';

  // If the user isn't logged in, try to log them in
  if (!isset($_SESSION['beecharmer_user_id'])) {
    if (isset($_POST['submit'])) {
      // Connect to the database
      $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
  // Grab the user-entered log-in data
  $username = mysqli_real_escape_string($dbc, trim($_POST['username']));
  $password = mysqli_real_escape_string($dbc, trim($_POST['password']));

  if (!empty($username) && !empty($password)) {
    // Look up the username and password in the database
    $query = "SELECT salt FROM beecharmer_user WHERE username = '$username'";
    $data = mysqli_query($dbc, $query);
    $row = mysqli_fetch_array($data);
    $password_salt = hash("sha512", $password.$row['salt']);
    $query = "SELECT user_id, username, access_level FROM beecharmer_user WHERE username = '$username' AND password = '$password_salt'";
    $data = mysqli_query($dbc, $query);

    if (mysqli_num_rows($data) == 1) {
      // The log-in is OK so set the user ID and username session vars (and cookies), and redirect to the home page
      $row = mysqli_fetch_array($data);
      $_SESSION['beecharmer_user_id'] = $row['user_id'];
      $_SESSION['beecharmer_username'] = $row['username'];
      $_SESSION['beecharmer_access_level'] = $row['access_level'];
      setcookie('beecharmer_user_id', $row['user_id'], time() + 525960);    // expires in 365.25 days
      setcookie('beecharmer_username', $row['username'], time() + 525960);  // expires in 365.25 days
      setcookie('beecharmer_access_level', $row['access_level'], time() + 525960);  // expires in 365.25 days

      // The next 4 lins just show what vars are set and what vars are not set.
      // They serve no other purpose.
      echo ('These are cookies '.$_COOKIE['beecharmer_user_id'].' '.$_COOKIE['beecharmer_username'].' '.$_COOKIE['beecharmer_access_level'].'<br/>');
      echo ('these are session vars '.$_SESSION['beecharmer_user_id'].' '.$_SESSION['beecharmer_username'].' '.$_SESSION['beecharmer_access_level'].'<br/>');
      echo ('These are query vars '.$row['user_id'].' '.$row['username'].' '.$row['access_level']);
      echo ($row['user_id'].' '.$row['username'].' '.$row['access_level']);

      $home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php';
      //header('Location: ' . $home_url);
    }
    else {
      // The username/password are incorrect so set an error message
      $error = 'Sorry, you must enter a valid username and password to log in.';
    }
  }
  else {
    // The username/password weren't entered so set an error message
    $error_msg = 'Sorry, you must enter your username and password to log in.';
  }
}


 }  
?>

<div class= "info">
<?php
    // If the session var is empty, show any error message and the log-in form; otherwise confirm the log-in
    if (empty($_SESSION['beecharmer_user_id'])) {
        echo '<p class="error">' . $error . '</p>';
    }else {
        // Confirm the successful log-in
        echo('<p class="login">You are logged in as ' . $_SESSION['beecharmer_username'] . '.</p>');
    }
?>
  <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
    <fieldset>
      <legend>Log In</legend>
      <label for="username">Username:</label>
      <input type="text" name="username" value="<?php if (!empty($username)) echo $username; ?>" /><br />
      <label for="password">Password:</label>
      <input type="password" name="password" />
    </fieldset>
    <input type="submit" value="Log In" name="submit" />
  </form>
  <?php //if (isset($_SESSION['beecharmer_user_id'])) echo $_COOKIE['beecharmer_username'].' '.$_COOKIE['beecharmer_access_level']; ?>
</div>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I don’t know if it’s your case, but setcookie must come before any output to browser (including echo and the HTML code outside of <?php … ?>). Make sure you don’t output anything before them. This is because the HTTP headers must come before the response body. The page you posted doesn’t seem to be complete (it’s only a div) so I cannot see if it’s the case, but probably you’re sending the HTML <head> before the PHP code.

    Also, as Petra said, $_COOKIE is loaded on page request, so new cookies set with setcookie aren’t stored in it yet, but they get there only on the next page request.

    • 0