I am using the PHP below with a form that I am using to determine whether a user has authorized access to the next page.
However, I have to fill out the form at least twice for the information to go through. If I enter in the correct information on the first attempt, it will say give the appropriate error statement I coded in, then if I put literally anything into the form and hit submit, it will go through.
I can put incorrect information a million times and it won't go through, but if I put the correct info once, I have to hit submit then fill out the form again with any information and hit submit for a second time, then I will be taken to the next page. I removed the if (isset ($_COOKIE) block completely to see if it made a difference, but it did the exact same thing.
<?php
include_once "database.php";
session_start();
if (isset($_POST['submit'])) {
if (isset($_COOKIE['first'])){
setcookie("first",'',time()-3600,"/");
setcookie("last",'',time()-3600,"/");
setcookie("city",'',time()-3600,"/");
}
$first=$_POST["first"];
$last=$_POST["last"];
$city=$_POST["city"];
setcookie("first",$_POST["first"],0,"/");//cookie expires after browser closes
setcookie("last",$_POST["last"],0,"/");//cookie expires after browser closes
setcookie("city",$_POST["city"],0,"/");//cookie expires after browser closes
clearstatcache();
$sql="SELECT * FROM invited WHERE FIRSTNAME='".$_COOKIE['first']."' AND LASTNAME='".$_COOKIE['last']."' AND CITY='".$_COOKIE['city']."'";
$found=mysqli_query($conn,$sql);
echo "$first
$last
$city";
if (mysqli_num_rows($found)){
$success="<script>window.location.href='rsvp.php'</script>";
}
else{
$fail="ERROR, Could not find";
}
}
?>
HTML Form:
<form action="" method="POST">
<p>Enter Family Name (as it appears on your invitation): </p>
<input class="entry" type="text" name="first" placeholder="FIRST NAME" required><br><br>
<input class="entry" type="text" name="last" placeholder="LAST NAME" required><br><br>
<input class="entry" type="text" name="city" placeholder="CITY (ONLY)" required><br><br>
<input type="submit" onclick="getCookie()" name="submit">
</form>
Sal, you mustn't rush into this. Let's first understand what your setcookie function actually does:
It sets cookies, right? Sure.
However, if you read on to the second paragraph you would then understand that:
Once the cookies have been set, they can be accessed on the next page load with the
$_COOKIEarray. Cookie values may also exist in$_REQUEST.
So these two blocks of code are wasteful repetition of code:
if (isset($_COOKIE['first'])){
setcookie("first",'',time()-3600,"/");
setcookie("last",'',time()-3600,"/");
setcookie("city",'',time()-3600,"/");
}
//...
setcookie("first",$_POST["first"],0,"/");//cookie expires after browser closes
setcookie("last",$_POST["last"],0,"/");//cookie expires after browser closes
setcookie("city",$_POST["city"],0,"/");//cookie expires after browser closes
Since they are running in the same run time instance they should not be available until the next load, or the next POST you request. Which I believe would cause the weird "bug" (if you wanna call it that) in your form.
To set a cookie, you would use setcookie(). But that's not what you are doing. What you are trying to do is modify their values. Which is much simpler:
$_COOKIE['first'] = $_POST['first'];
// ... and so on
If you are trying to unset() the $_COOKIE then your if clause is okay.
May I recommend, however, a simpler approach?
You are already using $_SESSIONs. So, why create the hurdle of cookie management when you can easily manage sessions via PHP? The value would still be accessible on your rsvp.php page, and the browser will automatically "forget" the session at closing (unless you say otherwise). I mentioned that because of the comments in your code: //cookie expires after browser closes
To use the sessions simply assign values, they are just an array after-all.
$_SESSION['first'] = $_POST['first'];
That will free up 9 lines of code you currently have.