cookies and sessions

General PHP Help
#1

i can’t tell if this is working right
can anyone help me tell if the cookie is set right?
how can i print that out
and the session? how will i know if that is safely set?
id does not print the cookie id or session id as i have asked it to print.
prints ‘this is admin page’
thanks

login

[php]<?php

//this is the main login file for the database
include “connect.php”;

//if connection fails, print this
if (mysqli_connect_errno()) {
printf(‘Connect failed’, mysqli_connect_error());
exit();
}

//unset any cookies already there by expiring time one hour ago
unset($_COOKIE[$cookie_name]);

// empty value and expiration one hour before
$res = setcookie($cookie_name, ‘’, time() - 3600);

//now it should be empty cookie, so if cookie is empty post username and password
if (!empty($_POST[‘username’]) && !empty($_POST[‘password’]))

{
//get this info from the admins table
$query = ‘SELECT username, password
FROM admins
WHERE username = ?
AND password = ?’;

$stmt = $mysqli->prepare($query);

if (!$stmt)
{
//print this only if failed to retrieve values from table above
echo ‘failed to prepare statement’;

} else

{

//bind parameters
$stmt->bind_param(‘ss’, $_POST[‘username’], $_POST[‘password’]);
$stmt->execute();

 $stmt->bind_result($username, $password);
 $stmt->fetch();

 if (empty($username)) {
   printf("username is an email and email and-or password not found in system\n", $_POST['username'], $_POST['password']);      

 } else {
   printf($username, $password);
 }

$_SESSION[‘example’] = “Test”;
$cookie_name = “$username”;
$cookie_value = “$username”;
setcookie($cookie_name, $cookie_value, time() + (86400), ‘/’); // 86400 = 1 day
echo $cookie_name;
echo $cookie_value;
//send to admin page
header(“Location: admin.php”);
}
}

$mysqli->close();

?>

username -email address- password [/php]

and the admin page that the user goes to when successfully logged in

[php]<?php
$timeout = 20 * 60; // 20 minutes
$fingerprint = md5(‘SECRET-SALT’.$_SERVER[‘HTTP_USER_AGENT’]);
session_start();
if ( (isset($_SESSION[‘last_active’]) && (time() > ($_SESSION[‘last_active’]+$timeout)))
|| (isset($_SESSION[‘fingerprint’]) && $_SESSION[‘fingerprint’]!=$fingerprint)
|| isset($_GET[‘logout’]) ) {
do_logout();
}
session_regenerate_id();
$_SESSION[‘last_active’] = time();
$_SESSION[‘fingerprint’] = $fingerprint;

?>

</php

echo SESSIONID();

?>

this is the admin page

logout

[/php]
#2

You echo it like any other variable, echo $_COOKIE[‘cookie name’];

Sponsor our Newsletter | Privacy Policy | Terms of Service