Home/ Questions/Q 8543143
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-11T12:14:00+00:00

Suppose a user inputs his/her username and password and clicks on the submit button,

  • 0

Suppose a user inputs his/her username and password and clicks on the submit button, which utilizes $_POST method on the form. To log in successfully, obviously the username and password have to match what’s in my mysql database, which is done through a series of “if” statements. The form and “if” statements have to lie within the html tags to display the correct error messages if the credentials are wrong. After the username and password successfully satisfy all of the “if” statements, which are located within the html tags, I obviously want to set a cookie. However, I can’t set a cookie within the html tags.

/*setcook() function can ONLY be placed HERE before the <html> tags, but that does not work with my php code*/
<html>
<head><title></title><body>

<?php
if (isset($_POST['username']) OR isset($_POST['password']))
{ 
/*bunch of "if" statements go here to confirm the credentials are correct and match what's in the database. if the username and password are correct, all of the "if" statements here are passed, and then i WANT to set a cookie HERE so the user is logged in but i can't*/
}

else echo <<<_END
<form action="login.php" method="post">
Username: <input type="text" name="username"/>
Password: <input type="password" name="password" />
<input type="submit" value="Submit" />"; //this is the form that the user fills out and submits
</form>
_END;
?>

</body>
</html>

HOWEVER, the setcookie() function only works BEFORE the html tag. How can I set a cookie AFTER all the username and password credentials are verified in my PHP code that lies inside the html tags?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You shouldn’t be putting logic like this mixed in with your HTML. Put all of your PHP to validate credentials before any output is sent. Then, you can set any cookies you want.

    The reason you can’t set the cookie later is that cookies are set as part of headers, which are done being sent by the time output begins. You could work around this by enabling output buffering… but don’t do it. It’s bad practice, isn’t always enabled on other servers, and has the potential to slow things down a hair.

    I also recommend using PHP sessions. If you do, you can set data in them anywhere you want, as the data is stored server-side. You just have to be sure to start your session right off the bat, so that the cookie is set and the session data is available to your applicatoin.

    • 0