/    Sign up×
Community /Pin to ProfileBookmark

session & cookie question

Copy linkTweet thisAlerts:
Aug 29.2006

OK so I understand that they need to be defined before any html takes place, but I’m unclear on what is considered html. For instance is:

[CODE]<html>
<head>
</head>
<body>
<?php
setcookie(“username”, $_POST[‘username’]);
?>
</body>
</html>[/CODE]

breaking that rule. Or perhaps:

[CODE]<?php
$username = $_POST[‘username’];
if($username != “”)
{
setcookie(“username”, $_POST[‘username’]);
echo “<meta http-equiv=’refresh’ content=’1;url=menu.php’>”;
}
?>[/CODE]

Can I consider “any html” any html that actually displays on the page?

to post a comment
PHP

3 Comments(s)

Copy linkTweet thisAlerts:
@Doc_ThirstauthorAug 29.2006 — OK I kind of got my answer, but its not what I expected:

setcookie() defines a cookie to be sent along with the rest of the HTTP headers. Like other headers, cookies must be sent before any output from your script (this is a protocol restriction). This requires that you place calls to this function prior to any output, including <html> and <head> tags as well as any whitespace. If output exists prior to calling this function, setcookie() will fail and return FALSE. If setcookie() successfully runs, it will return TRUE. This does not indicate whether the user accepted the cookie. [/QUOTE]

So I guess a better question would be, does this violate the rule? I don't know why I'm having such a hard time getting this through my thick head...
[CODE]<?php
$username = $_POST['username']

$recordset = mssql_query ("SELECT * FROM users WHERE username = '$username'", $handle);
$lim = mssql_num_rows($recordset);
if($lim == 1)
{
$password = date(YmdHis);
setcookie("username", $_POST['username']);
setcookie("password", $password);
$update = "update students set password = '$password' where username = '$username'";
mssql_query($update, $handle);
}
?>[/CODE]
Copy linkTweet thisAlerts:
@themartyAug 29.2006 — OK so I understand that they need to be defined before any html takes place, [/quote]
not HTML, but any output. So even this:
[code=php]_<?php
setcookie();
?>[/code]
violates the rule (notice the space for the <?php tag)

So, as long as your php file starts with <?php and you're not using echo or print or any other function that causes output, you're safe. (unless you're buffering that output, to output it later)

//edit

i used an underscore (_) instead of a space, because the forumsoftware deleted it
Copy linkTweet thisAlerts:
@Doc_ThirstauthorAug 29.2006 — I must have buffering turned on. I can't seem to break these cookies even when I try. Thanks of the response themarty.
×

Success!

Help @Doc_Thirst spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.9,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...