04-08-2008, 01:12 PM
#1
Deity (Level 17)
Join Date: Jan 2004
Location: New Jersey, USA
Posts: 867
setcookie
Ok,
I'm using setcookie when a user logs in, storing the serialized data as per a tutorial I followed a while back now (can't find the tutorial). On my test machine the cookie is stored, no issue, and everything works. However, when I upload to my host, when I log in nothing happens.
So, I look at what "nothing happens" means and find that the cookie is being set, I'm able to output information, the login is being processed, cookie is written and set to expire in 5 days, but when I go to read it again, it's now set to: b%3A0%3B. It's as if it isn't reading back my serialised data after it's been set and then writing it back as nothing.
I've checked that the headers aren't being sent, and that I'm not getting any strange errors there, but then, it wouldn't work on my test machine if the headers were being sent.
Any ideas?
__________________
For web design and software development;
04-08-2008, 01:26 PM
#2
Deity (Level 17)
Join Date: Jan 2004
Location: New Jersey, USA
Posts: 867
Change that, I've changed the script a little... here it is:
PHP Code:
<?php
class User
{
    private $_sessionExpiry;
    private $_userConfiguration;

    function User()
    {
        $this->_userConfiguration = array();
        $this->_userConfiguration["isLoggedIn"] = false;
        $this->_sessionExpiry = 5; // cookie lifetime in days
    }

    function LoggedIn()
    {
        return isset($this->_userConfiguration["isLoggedIn"]) ? $this->_userConfiguration["isLoggedIn"] : false;
    }

    function Login($username, $password)
    {
        $result = false;
        $database = Database::GetInstance();
        // Values are interpolated directly into the SQL; they must be
        // escaped or bound before they reach this query.
        $query = "SELECT members.* , roles.* FROM members LEFT JOIN roles ON ( roles.id = members.role ) WHERE username = '{$username}' AND members.password = PASSWORD( '{$password}')";
        $checkLogin = $database->Query($query);
        if ($checkLogin && $database->RowCount() > 0) {
            $user = $checkLogin[0];
            $this->_userConfiguration["username"] = $user['username'];
            $this->_userConfiguration["email"] = $user["emailaddress"];
            $this->_userConfiguration["name"] = $user['title'] . " " . $user["initials"] . " " . $user["surname"];
            $this->_userConfiguration["isLoggedIn"] = true;
            $this->_userConfiguration["role"] = $user['role'];
            $this->_userConfiguration["allowInsert"] = $user["allowInsert"];
            $this->_userConfiguration["allowDelete"] = $user["allowDelete"];
            $this->_userConfiguration["allowView"] = $user["allowView"];
            $this->WriteCookie();
            $result = true;
        }
        return $result;
    }

    function Logout()
    {
        // Expire the cookie by setting its expiry time in the past.
        setcookie("currentInfo", addslashes(serialize(array())), (time() - 31500000), "/");
    }

    function Create()
    {
        if (!$this->ReadCookie()) {
            $sessionId = "";
            while (strlen($sessionId) < 32)
                $sessionId .= mt_rand(0, mt_getrandmax());
            $this->AddData("sessionId", md5(uniqid($sessionId)));
        }
    }

    function WriteCookie()
    {
        // The whole configuration array is serialized into the cookie value.
        $sessionData = serialize($this->_userConfiguration);
        if (!setcookie("currentInfo", $sessionData, time() + 60 * 60 * 24 * $this->_sessionExpiry, "/")) {
            echo " Failed to set cookie ";
            exit();
        }
    }

    function ReadCookie()
    {
        if (isset($_COOKIE["currentInfo"])) {
            $this->_userConfiguration = array();
            // The cookie value is passed to unserialize() exactly as PHP
            // delivers it in $_COOKIE.
            $this->_userConfiguration = unserialize($_COOKIE["currentInfo"]);
            return true;
        }
        return false;
    }

    function AddData($key, $value)
    {
        if (!array_key_exists($key, $this->_userConfiguration))
            $this->_userConfiguration[$key] = $value;
        // The cookie is rewritten on every call, whether or not the key was added.
        $this->WriteCookie();
    }

    function GetValue($key)
    {
        if (is_array($this->_userConfiguration)) {
            if (array_key_exists($key, $this->_userConfiguration))
                return $this->_userConfiguration[$key];
        } else
            echo " INVALID ARRAY ";
        return null;
    }

    function CheckPermissions($request)
    {
        $result = false;
        $database = Database::GetInstance();
        // Drop a trailing slash from the requested feature path.
        if (substr($request, strlen($request) - 1, 1) == "/")
            $request = substr($request, 0, strlen($request) - 1);
        if (isset($this->_userConfiguration["role"])) {
            // $request is interpolated directly into the SQL here as well.
            $query = "SELECT * FROM permissions WHERE feature = '{$request}'";
            $permissions = $database->Query($query);
            if ($permissions && $database->RowCount() > 0) {
                $permission = $permissions[0];
                // The role is a bitmask tested against the feature's permission bits.
                if ($permission['permissions'] & $this->_userConfiguration["role"])
                    $result = true;
            }
        }
        return $result;
    }
}
This is the user login. It appears to be setting the cookie now (using developer toolbar to examine contents of cookie), but it's not reading it back loading the array $this->_userConfiguration.
__________________
For web design and software development;
04-08-2008, 01:56 PM
#3
Deity (Level 17)
Join Date: Jan 2004
Location: New Jersey, USA
Posts: 867
Ok... fixed it.
My problem was on the line:
$this->_userConfiguration = unserialize( $_COOKIE[ 'currentInfo']);
this had to become:
$this->_userConfiguration = unserialize( stripslashes( $_COOKIE[ 'currentInfo']));
I'm going to leave this up in case anybody else gets a similar problem.
__________________
For web design and software development;
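Why the cookie read back as b%3A0%3B and why stripslashes() made it work, as an added example that is not part of the thread. It assumes the host had magic_quotes_gpc on; since that setting was removed in PHP 5.4, addslashes() stands in for it here, the sample array is constructed, and cookie_raw() is a hypothetical helper name.

```php
<?php
// Constructed sample shaped like the thread's $_userConfiguration array.
$config = array('username' => 'alice', 'isLoggedIn' => true, 'role' => 2);

// What WriteCookie() passes to setcookie().
$sent = serialize($config);

// magic_quotes_gpc no longer exists (removed in PHP 5.4); addslashes()
// applies the same escaping it performed on incoming cookie values.
$received = addslashes($sent);

// The backslash inserted before each double quote makes the string
// unparseable, so unserialize() fails and returns false (@ hides the notice).
$broken = @unserialize($received);

// serialize(false), URL-encoded the way setcookie() encodes values,
// is the value the first post found in the cookie.
echo urlencode(serialize($broken)), "\n";

// Hypothetical helper: undo the escaping only when PHP actually applied it,
// as post #6 advises, instead of calling stripslashes() unconditionally.
function cookie_raw($value)
{
    // get_magic_quotes_gpc() was removed in PHP 8, hence the guard.
    if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) {
        return stripslashes($value);
    }
    return $value;
}

// With the slashes removed, the original array comes back intact.
var_dump(unserialize(stripslashes($received)) === $config);
// On a host without magic quotes the value must be left alone.
var_dump(unserialize(cookie_raw($sent)) === $config);
```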
04-09-2008, 06:26 PM
#4
Super Deity (Level 18)
Join Date: Sep 2004
Location: Finland
Posts: 3,410
Quote:
magic_quotes_gpc Affects HTTP Request data (GET, POST, and COOKIE). Cannot be set at runtime, and defaults to on in PHP. See also get_magic_quotes_gpc().
I think you're seeing the side effect of magic_quotes and you're inserting the data into cookie wrong:
Quote:
Never stripslashes!
That's the golden rule. You should never have to use stripslashes. Ever.
04-09-2008, 08:49 PM
#5
Deity (Level 17)
Join Date: Jan 2004
Location: New Jersey, USA
Posts: 867
Ok.. well I was following another tutorial, they used serialize (I'm taking what they did in theirs). What's the recommended way of achieving this?
__________________
For web design and software development;
04-10-2008, 02:33 PM
#6
Super Deity (Level 18)
Join Date: Sep 2004
Location: Finland
Posts: 3,410
Your data had unwanted slashes added to it, as magic_quotes (if on) will automatically add \ before these characters: ' (single quote), " (double quote), \ (backslash) and NULL.
That's why you think you need to stripslash the data, but in reality you should check whether magic_quotes are on, as the data you insert into the cookie is twisted.
http://www.htmlforums.com/serverside...on-100193.html
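Post #5 asks for a recommended way to store this data. One option, as an added example that is not from the thread: the cookie in post #2 carries isLoggedIn and role and is fed to unserialize(), which the PHP manual warns against for user-supplied input, so this version stores the array as JSON and rejects any value whose HMAC does not verify. COOKIE_KEY, pack_cookie() and unpack_cookie() are hypothetical names and the sample values are constructed.

```php
<?php
// COOKIE_KEY is a placeholder: load a long random secret from server-side
// configuration, never from anything the client sends.
const COOKIE_KEY = 'replace-with-a-random-secret-from-config';

// Encode the array as base64(JSON) . "." . hex HMAC-SHA256 of that payload.
function pack_cookie(array $data, $key = COOKIE_KEY)
{
    $payload = base64_encode(json_encode($data));
    return $payload . '.' . hash_hmac('sha256', $payload, $key);
}

// Return the array, or null if the value is malformed or was modified.
function unpack_cookie($value, $key = COOKIE_KEY)
{
    $parts = explode('.', (string) $value, 2);
    if (count($parts) !== 2) {
        return null;
    }
    list($payload, $mac) = $parts;
    // Verify before decoding; hash_equals() compares in constant time.
    if (!hash_equals(hash_hmac('sha256', $payload, $key), $mac)) {
        return null;
    }
    $data = json_decode(base64_decode($payload, true), true);
    return is_array($data) ? $data : null;
}

// Constructed sample, using field names from the thread's Login().
$cookie = pack_cookie(array('username' => 'alice', 'isLoggedIn' => true, 'role' => 2));

// Same signature, edited payload: what a client-side change to "role" looks like.
$edited = base64_encode(json_encode(array('username' => 'alice', 'isLoggedIn' => true, 'role' => 255)))
        . substr($cookie, strpos($cookie, '.'));

// The untouched cookie verifies and decodes.
var_dump(unpack_cookie($cookie) !== null);
// The edited cookie is rejected because its MAC no longer matches.
var_dump(unpack_cookie($edited) === null);
// No quotes or backslashes in the value, so magic_quotes_gpc would not alter it.
var_dump(addslashes($cookie) === $cookie);
```

The value is signed, not encrypted, so the client can still read it; PHP's server-side sessions ($_SESSION) avoid sending the data to the browser at all.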