[PHP]Cookie/Log-In

[!BERZERK!]

Ok, so im making a basic mysql cms for my website, it has an admin panel for you to edit the content of your site. The problem is, i want to make a login for it so someone doesnt randomly edit the site.

here is the code that sets the cookie.

setcookie("user", "logged_in", time()+3600);

and this is the content editing page, with the cookie reader.

<?php
$loggedin = "logged_in";
if($_COOKIE["user"]==$loggedin)
include("connection.php");
$pageid = 1;
$con = @mysql_connect("$dbhost", "$dbuser", "$dbpass");
if (!$con)
  {
  die('Cant connect to databse retard');
  }
mysql_select_db("$dbname", $con);
$result = mysql_query("SELECT id, header_text, content, advertisement FROM content_home WHERE id = 1");
while($row = mysql_fetch_array($result))
  {
$id = $row["id"];
$header = $row["header_text"];
$content = $row["content"];
$ad = $row["advertisement"];
  }
mysql_close($con);
?>

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="update.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Edit Content</strong></td>
</tr>
<tr>
<td width="78">Header Text</td>
<td width="6">:</td>
<td width="294"><textarea type="text" name="header_text" rows="1" cols="100"><?php echo $header ?></textarea></td>
</tr>
<tr>
<td>Main Content</td>
<td>:</td>
<td><textarea type="text" name="content" width="500" rows="20" cols="100"><?php echo $content ?></textarea></td>
</tr>
<tr>
<td>Advertisement</td>
<td>:</td>
<td><textarea type="text" name="advertisement" rows="1" cols="100"><?php echo $ad ?></textarea></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" value="Submit"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
<?php
else
echo "not logged in";
?>

the problem is, that the content editing page is completely blank, and doesnt display an error code at all.

 

[s-p-n]

Did you want it to insult you?

die('Cant connect to databse retard');

lol

I think you should work on indenting and making your code readable before posting it. It'd make it much easier for others to help you.

I've got to get some sleep honestly, if you still need help I'll be here tomorrow

 

[EliteGM]

Proper indention = 4 spaces or one "TAB":

if ($statement != $statement2)
{
    doStuff($statement);
}
else
{
    die("Error.");
}

 

[!BERZERK!]

thank you, i will try editing my code.

NEW PROBLEM:

I tried a new code:

<?php
setcookie("user", "logged_in", time()+3600);
include("connection.php");
$pageid = 1;
$con = @mysql_connect("$dbhost", "$dbuser", "$dbpass");
$mypassword = $_POST["password"];
$myusername = $_POST["username"];
$loggedin = "logged_in";
if (!$con)
  {
  die('Cant connect to databse retard');
  }
mysql_select_db("$dbname", $con);
$result = mysql_query("SELECT username, password FROM users WHERE username='$myusername'");
while($row = mysql_fetch_array($result))
{
	$username = $row["username"];
	$password = $row["password"];
}
mysql_close($con);
if ($password==$mypassword)
{
echo "You are being redirected.";
}
elseif($_COOKIE["user"]==$loggedin)
{
	header('Location: admin2.php');
}
else
{
	echo "Wrong username or password";
}
?>

and it only passes the first IF, and not the elseif...

I am trying to find out what happened?

 

[3XC3NTR!K]

Why would you use cookies? Use SESSIONS. Its way better

 

[!BERZERK!]

do you have a tutorial on how to use it to be a password checker?

 

[s-p-n]

do you have a tutorial on how to use it to be a password checker?

Everything you need is here:
http://forum.ragezone.com/f86/php-sql-user-database-in-under-5-min-tut-449083/

Don't post.

 

[onemorejosh]

Your website will be easily hackable if you do it like that. All someone has to do is tweak their browser or write a script to submit your cookie value, and your website will think they've logged in.

If you're going the cookie route, make sure you've encrypted the value you store