PHP - MySql - 设置cookie不起作用

时间:2013-09-15 07:33:09

标签: php mysql cookies

<?php
$utype = $_POST['type'];
$username=$_POST['username'];
$pre = $_POST['pre'];
$fname = $_POST['fname'];
$fname = ucwords($fname);
$lname = $_POST['lname'];
$lname = ucwords($lname);
$address = $_POST['address'];
$city = $_POST['city'];
$city = ucwords($city);
$province=$_POST['province'];
$pcode = $_POST['pcode'];
$pcode = mb_strtoupper($pcode);
$area_code = $_POST['area_code'];
$number1= $_POST['number1'];
$number2= $_POST['number2'];
$phnum = "(".$area_code.")".$number1."-".$number2;
$email = $_POST['nemail'];
$opass=$_POST['pass1'];
$pass = md5($_POST['pass1']);
$time=date("F j, Y");
$status="Not Activated";
                                                   if($email=="" || $username=="" || $fname=="" || $lname=="" || $address=="" or $pass==""){                                                   die("<script language='JavaScript'>
                                                                    window.alert('Not Enough Data Provided!')</script>
                                                                    <meta http-equiv='REFRESH' content='0; r    egister.php'>");;
                                                            }
include 'db_connect.php';
$sql = "select * from estatedeal_login where username = '".strtolower($username)."' OR     email = '".strtolower($email)."'";

            $result=mysql_query($sql);
        $row=mysql_fetch_array($result);
            if($row){
                                                        die("<script language='JavaScript'>
                                                            window.alert('Username/E-mail address already Exists!')</script>
                                                            <meta http-equiv='REFRESH' content='0; register.php'>");;
            }


$sql="INSERT INTO estatedeal_login (username, email, password, utype, opass, time, status)
                VALUES ('$username', '$email', '$pass', '$utype', '$opass', '$time', '$status')";

$result=mysql_query($sql);
                if($result){
                        $sql2="Select uid from estatedeal_login where email='$email' AND password='$pass'";
                        $result2=mysql_query($sql2);
                        $row=mysql_fetch_array($result2);
                        $uid=$row["uid"];   



                        $sql3="INSERT INTO estate_userinfo(uid, pre, fname, lname, address, city, province, pcode, phnum, email) VALUES ('$uid', '$pre', '$fname', '$lname', '$address', '$city', '$province', '$pcode', '$phnum', '$email')";
                        $result3=mysql_query($sql3) or die("<script language='JavaScript'>
                                                            window.alert('Sorry, Database Error!')</script>
                                                            <meta http-equiv='REFRESH' content='0; register.php'>");;
                        if ($result3){

                                        $hour = time() + 3600*2; 
                                        setcookie('USERNAME_COOKIE', $email, $hour);
                                        setcookie('PASSWORD_COOKIE', $pass, $hour);
                                        if($utype=="Realtor"){ die("<meta http-equiv='REFRESH' content='0; regRealtor.php'>");; }
                                    echo "<script language='JavaScript'>
                                    window.location ='main.php';</script>";
                                    }
    }
    else{
        die(mysql_error());
    }
?>

以上是我的代码。它在mysql中正确插入数据字段,但不在客户端设置cookie。如果我尝试使用我在数据库中插入的信息登录,则用于设置cookie的相同代码在登录页面上正常工作。是否还有其他选项来设置cookie。?

    $hour = time() + 3600*2; 
 setcookie('USERNAME_COOKIE', $email, $hour);
 setcookie('PASSWORD_COOKIE', $pass, $hour);

4 个答案:

答案 0 :(得分:0)

我强烈建议您在向数据库中插入任何内容之前,先了解$_SESSION以及如何清除从$_POST$_GET读取的变量;

http://php.net/manual/en/function.mysql-real-escape-string.php还要考虑您在我发送给您的页面上看到的警告。

答案 1 :(得分:0)

不是您问题的直接答案,但可能有用:

代替Cookie,您可以使用SESSION,看一下这个问题:Cookie VS Session

您可能还想看一下使用SESSION实现用户管理的UserCake。以下是来自UserCake(login.php)的snipet:

      //Passwords match! we're good to go'

      //Construct a new logged in user object
      //Transfer some db data to the session object
      $loggedInUser = new loggedInUser();
      $loggedInUser->email = $userdetails["email"];
      $loggedInUser->user_id = $userdetails["id"];
      $loggedInUser->hash_pw = $userdetails["password"];
      $loggedInUser->title = $userdetails["title"];
      $loggedInUser->displayname = $userdetails["display_name"];
      $loggedInUser->username = $userdetails["user_name"];

      //Update last sign in
      $loggedInUser->updateLastSignIn();
      $_SESSION["userCakeUser"] = $loggedInUser;

至少对我来说,这比打电话给setcookie('USERNAME_COOKIE', $email, $hour);感觉更清洁。

答案 2 :(得分:0)

1尝试输入ob_start()

<?php
ob_start()

2尝试输入路径参数

setcookie('USERNAME_COOKIE', $email, $hour,'/');
setcookie('PASSWORD_COOKIE', $pass, $hour,'/');

答案 3 :(得分:0)

使用session而不是cookie。会话比cookie更安全。存储在服务器上。

使用session_start();在PHP文件的开头&amp;然后在会话中存储任何内容,如此

$ _ SESSION ['email'] = $ email;

&安培;在文件开头

中通过session_start()函数获取存储在会话中的值

$ email = $ _SESSION ['email'];

会话更安全,因为它们存储在服务器而不是浏览器上。