cookie and redirect

[coolicus]

I am creating a login page and am having trouble with the cookie and redirect function.

Basically I want the user to have a simple textbox, if they type in the correct password they get directed to the admin page and a cookie is set for all other admin pages to check.

Can someone see where I am going wrong?

<?php
if (isset($_COOKIE["ValidUser"])) {
header( 'Location: admin.php' ) ;
}	
				
				
//first look to see if they have logged in with coreect pass, if yes then set cookie
if ($_POST["loginpass"] = "reflect") {
setcookie("ValidUser", "Validated", time()+3600);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "[URL unfurl="true"]http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">[/URL]
<html xmlns="[URL unfurl="true"]http://www.w3.org/1999/xhtml"[/URL] xml:lang="en" lang="en">
<head>
<title>foo</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link href="../stylesheet.css" rel="stylesheet" type="text/css" />
</head>
<body> 

    
<h1>Administration area</h1>

Enter your password to log in 
<form action='index.php' method='post'>
<input type='password' name='loginpass' />
<input type='submit' value='log in' />
</form>

</body>
</html>

I

 

[vacunita]

You check to see if its set before setting it. How exactly do you expect that to work?

What you are doing if they log in with a proper password is: Check if the cookie is set, since its not, then you move on, You set the cookie and display the form.



----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

 

[coolicus]

It is redirecting automatically and not getting to the form if I change the order of the php

<?php
if ($_POST["loginpass"] = "reflect") {
setcookie("ValidUser", "Validated", time()+3600);


if (isset($_COOKIE["ValidUser"])) {
header( 'Location: admin.php' ) ;
}	
				
				
				}
				?>

I have another page to delete the cookie so the cookie isn`t set.

logout.php

<?php 
// set the expiration date to one hour ago
setcookie("ValidUser", "", time()-3600);
?>
You have logged out

 

[spookie]

coolicus,

In what way the above code is behaving wrongly?

In your code a curly bracket is missing from if condition

if ($_POST["loginpass"] = "reflect") {
setcookie("ValidUser", "Validated", time()+3600);
[b]}[/b]

--------------------------------------------------------------------------
I never set a goal because u never know whats going to happen tommorow.

 

[jpadie]

if ($_POST["loginpass"] = "reflect")

the '=' sign is an assignment operator. this will ALWAYS be TRUE and so may well perform incorrectly.

the comparison operators you may be looking for are '==' and '==='. check out the manual for details on what each might mean.