0

How do cookies work?

I've tried sessions, but when i try to get the info, it doesn't pull it in.

login.php

<?
if(isset($_SESSION['Username']) && isset($_SESSION['Password'])){
    $_SESSION['Username'] = $_SESSION['Username'];
    $_SESSION['Password']=$_SESSION['Password'];

echo '<META HTTP-EQUIV="Refresh"CONTENT="1; URL=https://www.1fixcomputermedic.com/checklogin.php">';
}
else
{
 

Print '<form name="form1" method="post" action="https://www.njcomputermedic.fatcow.com/checklogin.php">';


Print '<div class=signin style="position:absolute;top:250;left:450;">';

echo $_SESSION['Username'];
Print '<font size="5">WELCOME TO  BETA 1</font>';


Print "<br>";
Print "<br>";
Print '<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">';
Print "<tr>";

Print "<td>";
Print '<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">';
Print "<tr>";
Print '<td colspan="3"><p align="center"<strong> Member Login </strong></p></td>';
Print "</tr>";
Print "<tr>";
Print '<td width="78">Username</td>';
Print '<td width="6">:</td>';
Print '<td width="294"><input name="Username" type="text" id="Username"></td>';
Print '</tr>';
Print '<tr>';
Print '<td>Password</td>';
Print '<td>:</td>';
Print '<td><input name="Password" type="password" id="Password"></td>';
Print "</tr>";
Print "<tr>";
Print "<td>&nbsp;</td>";
Print "<td>&nbsp;</td>";
Print '<td><input type="submit" name="Submit" value="Login"></td>';
Print "</tr>";
Print "</table>";
Print "</td>";
Print "</form>";
Print "</tr>";
Print "</table>";
Print "</div>";
}
?>

checklogin.php

/ To protect MySQL injection (more detail about MySQL injection)
$Username = stripslashes($Username);
$Password = stripslashes($Password);
$Username = mysql_real_escape_string($Username);
$Password = mysql_real_escape_string($Password);

$sql="SELECT * FROM $tbl_name WHERE username='$Username' and password='$Password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){{
// Register $myusername, $mypassword and redirect to file "login_success.php"

//session_start();
session_set_cookie_params('time()+36000,/,TRUE');
$_SESSION['Username'] = $Username;
$_SESSION['Password'] = $Password;

echo "You are logged in as ";
echo $_SESSION['Username'];
mysql_select_db(gancsosa_crystalworks);

echo "\n\n";

mysql_select_db("gancsosa_crystalworks") or die(mysql_error()); 
$data = mysql_query("SELECT* FROM inprogress")
or die(mysql_error()); 

//Put data into right tables
 
mysql_query("INSERT INTO complete SELECT* FROM inprogress WHERE Status='Y' ");
mysql_query("DELETE FROM inprogress WHERE Status='Y'");

mysql_query("INSERT INTO inprogress SELECT* FROM complete WHERE Status='N' ");
mysql_query("DELETE FROM complete WHERE Status='N'");
 
mysql_query("INSERT INTO archived SELECT* FROM complete WHERE Paid='Y' && Status='Y' ");
mysql_query("DELETE FROM complete WHERE Paid='Y' && Status='Y'");



//Take out duplicates
mysql_query("DELETE FROM inprogress WHERE Number='0' ");

//Inprogress
Print "<br><br>";

Print "<br><br>Inprogress<br><br>";

$data = mysql_query("SELECT* FROM inprogress") 
or die(mysql_error());

Print "<table border cellpadding=7>"; 

$flag=1;
while($info = mysql_fetch_assoc( $data )) 
{ 
$id=$info['ID'];

if($flag==1){
Print "<tr>";
Print "<th>Time</th>";
Print "<th>Client</th>";
Print "<th>Number</th>";
Print "<th>Address</th>";
Print "<th>Issue</th>";
Print "<th>Notes</th>";
Print "<th>Status</th>";
Print "<th>Charge</th>";
Print "<th>Edit</th>";
Print "<th>Print</th>";
Print "</tr>";
Print "<th> " .$info['Time'] . "</th>";
Print "<th> ".$info['Client'] . " </th>"; 
Print "<th> " .$info['Number'] . "</th>";
Print "<th>" .$info['Address'] . "</th>";
Print "<th>" .$info['Issue'] . "</th>";
Print "<th>" . $info['Notes'] . "</th>";
Print "<th>" .$info['Status'] . "</th>";
Print "<th>$" .$info['Charge'] . "</th>";
Print '<th><a href="https://www.1fixcomputermedic.com/update.php?id=' .$id. ' " target="_blank">Edit</a></th>';
Print '<th><a href="" target="_blank">Print</a></th>';
Print "</tr>";
$flag=0;
}

else{
Print "<tr>";
Print "<th> " .$info['Time'] . "</th>";
Print "<th> ".$info['Client'] . " </th>"; 
Print "<th> " .$info['Number'] . "</th>";
Print "<th>" .$info['Address'] . "</th>";
Print "<th>" .$info['Issue'] . "</th>";
Print "<th>" . $info['Notes'] . "</th>";
Print "<th>" .$info['Status'] . "</th>";
Print "<th>$" .$info['Charge'] . "</th>";
Print '<th><a href="https://www.1fixcomputermedic.com/update.php?id=' .$id. ' " target="_blank">Edit</a></th>';
Print '<th><a href="" target="_blank">Print</a></th>';
Print "</tr>";
$flag=0;
//$id++;
} 
}
Print "</table>"; 

Print "<br>";
Print "<br>";

$query="TRUNCATE TABLE inprogress";

if($Username=="adminabel"||$Username=="adminrich"){

Print '<input type="submit" name="reset" value="Reset">';

if(isset($_POST['reset'])){
mysql_query("TRUNCATE TABLE inprogress");
}
}


//Complete
Print "<br><br><br>Complete<br><br>";

$data = mysql_query("SELECT* FROM complete") 
or die(mysql_error()); 
Print "<table border cellpadding=7>"; 
$flag=1;
while($info = mysql_fetch_assoc( $data )) 
{ 
$id=$info['ID'];

if($flag==1){
Print "<tr>";
Print "<th>Time</th>";
Print "<th>Client</th>";
Print "<th>Number</th>";
Print "<th>Address</th>";
Print "<th>Issue</th>";
Print "<th>Notes</th>";
Print "<th>Status</th>";
Print "<th>Charge</th>";
Print "<th>Paid</th";
if($Username=="adminabel"||$Username=="adminrich"){
Print "<th>Edit</th>";
}
Print "</tr>";
Print "<th> " .$info['Time'] . "</th>";
Print "<th> ".$info['Client'] . " </th>"; 
Print "<th> " .$info['Number'] . "</th>";
Print "<th>" .$info['Address'] . "</th>";
Print "<th>" .$info['Issue'] . "</th>";
Print "<th>" . $info['Notes'] . "</th>";
Print "<th>" .$info['Status'] . "</th>";
Print "<th>$" .$info['Charge'] . "</th>";
Print "<th>" .$info['Paid']. "</th>";
if($Username=="adminabel"||$Username=="adminrich"){
Print '<th><a href="https://www.1fixcomputermedic.com/cupdate.php?id=' .$id. ' " target="_blank">Edit</a></th>';
}
Print "</tr>";
$flag=0;
}

else{
Print "<tr>";
Print "<th> " .$info['Time'] . "</th>";
Print "<th> ".$info['Client'] . " </th>"; 
Print "<th> " .$info['Number'] . "</th>";
Print "<th>" .$info['Address'] . "</th>";
Print "<th>" .$info['Issue'] . "</th>";
Print "<th>" . $info['Notes'] . "</th>";
Print "<th>" .$info['Status'] . "</th>";
Print "<th>$" .$info['Charge'] . "</th>";
Print "<th>" .$info['Paid']. "</th>";
if($Username=="adminabel"||$Username=="adminrich"){
Print '<th><a href="https://www.1fixcomputermedic.com/cupdate.php?id=' .$id.' " target="_blank">Edit</a></th>';
}
Print "</tr>";
$flag=0;
//$id++;
} 
}
Print "</table>"; 

}

Print "<br><br>";

$query2="TRUNCATE TABLE complete;";

if($Username=="adminabel"||$Username=="adminrich"){

Print '<input type="Submit"  name="reset2" value="Reset">';

if(isset($_POST['reset2'])){
mysql_query("TRUNCATE TABLE complete");
}

}

if($Username=="adminabel"||$Username=="adminrich"){

//Archived

Print "<br><br><br>Archived<br><br><br>";

$data = mysql_query("SELECT* FROM archived") 
or die(mysql_error()); 
Print "<table border cellpadding=7>"; 
$flag=1;
while($info = mysql_fetch_assoc( $data )) 
{ 
$id=$info['ID'];

if($flag==1){
Print "<tr>";
Print "<th>Time</th>";
Print "<th>Client</th>";
Print "<th>Number</th>";
Print "<th>Address</th>";
Print "<th>Issue</th>";
Print "<th>Notes</th>";
Print "<th>Status</th>";
Print "<th>Charge</th>";
Print "<th>Paid</th";
Print "</tr>";
Print "<tr>";
Print "<th> " .$info['Time'] . "</th>";
Print "<th> ".$info['Client'] . " </th>"; 
Print "<th> " .$info['Number'] . "</th>";
Print "<th>" .$info['Address'] . "</th>";
Print "<th>" .$info['Issue'] . "</th>";
Print "<th>" . $info['Notes'] . "</th>";
Print "<th>" .$info['Status'] . "</th>";
Print "<th>$" .$info['Charge'] . "</th>";
Print "<th>" .$info['Paid']. "</th>";
Print "</tr>";
$flag=0;
}

else{
Print "<tr>";
Print "<th> " .$info['Time'] . "</th>";
Print "<th> ".$info['Client'] . " </th>"; 
Print "<th> " .$info['Number'] . "</th>";
Print "<th>" .$info['Address'] . "</th>";
Print "<th>" .$info['Issue'] . "</th>";
Print "<th>" . $info['Notes'] . "</th>";
Print "<th>" .$info['Status'] . "</th>";
Print "<th>$" .$info['Charge'] . "</th>";
Print "<th>" .$info['Paid']. "</th>";
Print "</tr>";
$flag=0;
//$id++;
} 
}
Print "</table>"; 


}

}
else {
Print "Wrong Username or Password\r\n";

Print "Please try again....<br><br>";
Print '<a href="https://www.1fixcomputermedic.com/login.php">CLICK</a>';

}

Print '<br><br><a href="https://www.1fixcomputermedic.com/work_order.php" target="_blank">New Work Order</a>';
?>
</html>

is that correct? i've never worked with cookies before in my life....

2
Contributors
1
Reply
2
Views
7 Years
Discussion Span
Last Post by cwarn23
0

When using sessions you need to always place the session_start(); function on the first line of your script before any html or new line output. So delete that new line at the beginning of your file and place at the top the following:

<?php session_start();

That will enable sessions to be used.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.