phphtmlcookiescookiestore

PHP Cookies Registration and Login form

Hi there to all the readers of this topic! I know it sounds foolish, but I want to make some simple registration and login forms using php. It is not for a website so It shouldn't be secure and I don't want the names and passwords to last forever. I also want to specify that I am a beginner and I know just the basics of php. First, I begun to write the html login form, and then the php for the login in order to check if there is any cookie. The registration was for later. Here is the code:

<?php
setcookie($usr,$pwd,time() + (86400 * 30),'/');
setcookie($pwd,$usr,time() + (86400 * 30),'/');
If(isset($_POST['submitForm'])) {
    $usr = $_POST['usr'];
    $pwd = $_POST['pwd'];

    If(isset($_COOKIE[$usr]) && isset($_COOKIE[$pwd])) {

    }
    else {
        die('User has not been registered or wrong username or password.');
    }
}
?>

As you can see I tried to acess $pwd that stands for 'password' with the $usr variable that stands for 'username', both using the cookies.

Here is the HTML code:

<form method="POST" action="logged.php" style="text-align: center;">

<h1>Log In Page of Forum</h1>

<input type="text" name="usr" placeholder="Username">

<br/><br/>
<input type="password" name="pwd" placeholder="Password">

<br/><br/>
<input type="submit" name="submitForm" value="Log in">

<br/>
</form>

Yes. The PHP is in the file.

The errors that are popping out are: 

Notice: Undefined variable: usr in logged.php on line 2

Notice: Undefined variable: pwd in logged.php on line 2

Notice: Undefined variable: pwd in logged.php on line 3

Notice: Undefined variable: usr in logged.php on line 3

But the text still appears:

User has not been registered or wrong username or password.

I do this to make a better understanding of PHP and not to use this at something seriously.

Can anybody tell me what is wrong with my code? I thank you in advance. ;)

Solution

  • Your cookie calls are wrong. You should use a FIXED name for the cookies. You're using the (randomish) username the user supplied.

    This would work:

    setcookie('user', $user, ....);

    which produces user=fred as a cookie ($_COOKIE['user'] => 'fred'), instead of the

    setcookie($usr, $pwd, ...)

    you have, which produces fred=hunter42.

    Since you don't know what the username is on the user's return, you have NO idea what key to use in $_COOKIE to retrieve their username. $_COOKIE['ok what is the username?']?