I have a login form with ajax and I am trying to set cookies if a "remember me" checkbox is checked. I already have code that runs when the user has the "remember me" box checked but the cookies aren't being set. Executing var_dump($_COOKIE) outputs array(1) { ["PHPSESSID"]=> string(26) "xxxxxxxxxxxxxxxxxxxxxxxxxx" } and it outputs the same thing even after executing secookie().
Login.php
<?php
require_once (dirname(__FILE__) . '/../../inc/inc.all.php');
$username;
$password;
$remember;
$token;
if (!isset($_POST['username'])) {
echo "Username field must be set!";
die();
}
$username = $_POST['username'];
if (!isset($_POST['password'])) {
echo "Password field must be set";
die();
}
$password = md5($_POST['password']);
$remember = $_POST['remember'];
if (!isset($_POST['token'])) {
echo "There was a problem logging you in securly, Prehaps you are trying to log in from a different window?";
die();
} else {
$token = $_POST['token'];
}
// Validate token
if (!isset($token) || $token != $_SESSION['token']) {
echo "Invalid token: There was a problem logging you in securley, Prehaps you are trying to log in from a different window?";
die();
}
// Log the user in
$sql = "SELECT ID FROM cs_users WHERE username = '{$username}' AND password = '{$password}'";
$query = $db -> query($sql);
if ($query -> num_rows) {
list($id) = @array_values($query -> fetch_assoc());
if ($remember) {
$expire = time() + 60 * 60 * 24 * 180;
echo $id.'<br>'.$username.'<br>'.$password.'<br>';
setcookie("id", $id, $expire);
setcookie("username", $username, $expire);
setcookie("password", $password, $expire);
// header("LOCATION:{$_SERVER['PHP_SELF']}");
} else {
$_SESSION['id'] = $id;
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
}
echo true;
} else {
echo "Invalid username/password";
die();
}
?>
You need to start the session by calling session_start();
*Executing var_dump($_COOKIE) outputs array(1) { ["PHPSESSID"]=> string(26) "xxxxxxxxxxxxxxxxxxxxxxxxxx" } and it outputs the same thing even after executing secookie().*
The questions here, can you set another cookies from another scripts? If no means server config issues, else, need to debug current script.
From what I understand from your question, you cannot check test $_COOKIE from within the same script that set it. In other words, you cannot test var_dump($_COOKIE) directly after executing secookie(). You can't read the value of a $_COOKIE until a new page request is made. This is because the value of cookie data is sent from the browser with each request.
I think setting cookies might take a moment to be settled. The best way to test if you the cookie has been created is to check your browser cookies and see if the cookies are there.
When you run the command setCookie(); it will only take effect when the script finishes and pass the output to the browser. Then the browser will create the cookie.
Check what the return value of setcookie function is maybe it returns FALSE if output has been already sent before the function call.
Check PHP configuration and .htaccess to see if setting cookies is enabled (try to set cookie regardless if the login process, just set a testing cookie and see if it works).
Try adding domain path, setcookie('name','14', time()+3600, '/', 'yourSite.com')
Disabling cookies for IP addresses and localhost was a design decision, do you have a domain name?
Hope that helps.
I fixed it myself. It Was setting the cookies. For the domain /internal/cloudshop/login. Changing the setCookie to setCookie("username", $username, "/") fixed the problem