[thelist] PHP help required please

Andrew Forsberg andrew at thepander.co.nz
Sun Feb 3 15:02:01 CST 2002


>I can't seem to stay away ;)
>
>the cookie is assigned the value of the username, as I want it to, and the
>content of the cookie can be displayed on the same page as it is set on, but
>on any other page in the site, the cookie has no value. any ideas what I
>might be doing wrong?

First, you might want to test for something more specific than just
$username -- e.g.: $HTTP_POST_VARS["username"]. It's only slightly
more secure, but you definitely, after whatever authentication /
verification routine, and once the cookie has been set, want to check
for $HTTP_COOKIE_VARS["username"] (or, better still,
$HTTP_SESSION_VARS["username"] if you're using the built-in session
handling functions) to avoid people spoofing each other's accounts
like so: http://www.yourdomain.com/userarea.php?username=someOneElse.

Are you trying to read the cookie from within a function? You'll need to write:

global $HTTP_COOKIE_VARS["username"];

near the top of the function. Or, if you're using php 4.1.0 or
higher, then you can access this via $_COOKIE["username"] which is
always global in scope.

HTH
Andrew


--
Andrew Forsberg
---
uberNET - http://uber.net.nz/
the pander - http://thepander.co.nz/



More information about the thelist mailing list