I have a web-based portal where we have 2 types of login pages depending on the end user, admin and associate. Anyone who wants to log in the web-based portal first has to enter his type (i.e. end user, admin, associate) then he has to give his id and password in the next page.
Now there are several users and associates. I want that any user or associate should not be able to change the database value of other users or associates. So I am trying to store the user ID in the login page by using the setcookie function. I want to access that value in other pages, where the user can see what are the files assigned to their name.
I am trying to show those files from the database using the MySQL query in another web page.
$result = mysql_query("select file_name from File where
user_name = '$user_name';");
But I am not getting the cookie value at '$user_id'
I used this code:
<?php
//$mycookie = $_COOKIE["cookie_user_name"];
if (isset( $mycookie))
print "<p>The value in cookie - $mycookie</p>";
else
print "<p>There is no value in cookie.</p>";
?>
Please help me with this. Thank you.
You are doing isset($mycookie) - but $mycookie will always be set because you set it just one line earlier.
You need to check if $_COOKIE["cookie_user_name"] is set. (I suggest using the empty() function for this instead of isset().)
For a more complete answer include the code with setcookie.
Just a gentle suggestion: You are not qualified to be writing security code, you are still a novice. Wait until you have more experience before trying to write security code.