Hi Tristan,

I'm not sure about this, but try to use ob_start() at the beginning. This
tells php to execute the page in cache and put it to the client when it's
execution is finish. It enables you, to use cookies not only before html,
but from every position in html... maybe this works...

Stefan Siefert


-----Ursprungliche Nachricht-----
Von: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Gesendet: Dienstag, 13. Marz 2001 16:52
An: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Betreff: [PHP-DB] Naming cookies




Afternoon guys and girls
I have a queston regarding cookies...

I have a login form that takes the member name and password from a MySQL
Database.

I have three fields:
member
pw
userlevel

I want to set a cokkie to remember the user and thier user level, so I named
the
cookie  -   authlevel$userlevel  --- as I have three levels of security
access,
I opted for a dynamic cookie name,that changed depending on thier userlevel.

Can I include a variable in the cookie name?
I am having probs getting this to work correctly, and this is my first guess
as
to why it isn't working.

I have included two codes, the first is my login script, and the second is
on my
secure pages above the head tag.

If anyone can spot my error, I'll gladly furnish them with a beer and a
toblerone.

Thanks in advance,
Tris...


====================================

<PRE>

<?

if ((!$member) || (!$pw)) {
     header("Location: http://www.mysite.com");
     exit;
}

$db_name = "my_database";
$table_name = "userlist";

$connection = @mysql_connect("my_database_host", "my_username",
"my_password")
     or die("Couldn't connect.");

$db = mysql_select_db($db_name, $connection)
     or die("Couldn't select database.");

$sql = "SELECT * FROM $table_name
     WHERE member = \"$member\" AND pw = \"$pw\"
     ";

$result = mysql_query($sql)
        or die ("Can't execute query.");

while($row = mysql_fetch_array($result)) {
 $userlevel = $row['userlevel'];
 $member = $row['member'];
 $pw = $row['pw'];
}

$num = mysql_numrows($result);

if (($num != 0) && ($userlevel = '1') || ($userlevel = '2') || ($userlevel =
'3')) {

$cookie_name = "authlevel$userlevel";
$cookie_value = "ok";
$cookie_expire = "";
$cookie_domain ="";
setcookie($cookie_name, $cookie_value, $cookie_expire, "/", $cookie_domain,
0);

$display_block ="

<p><B>You are now logged into STN Treasury</b><BR>You are logged in under
the
mail address, <B>$member</B>, you can now access the site as per your
assigned
access level <B>$userlevel</B>.<P><a href=\"secreta.php\">Link to level
1</A><BR><a href=\"secretb.php\">Link to level 2</A><BR><a
href=\"secretc.php\">Link to level 3</A>
";

} else {

     header("Location: http://www.mysite.com");
     exit;
}

?>


==================================


<?

if (($authlevel1 =="ok") ||  ($authlevel2 =="ok") || ($authlevel3 =="ok")) {

$msg ="<P>Hello, and welcome to level 1 of the secret test area...";

} else {
     header( "location:http://www.mysite.com");
     exit;
     }

?>

</PRE>

=======================================




**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.


**********************************************************************

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]



-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to