I have a login page when I login, process page sets a cookie and I want to use this cookie to auto login the next time. Cookie is set on browser and I can see it but when I want to use it on login page cookie is empty (browser still has it and I can see it)
Browser : mozilla
Directories :
index.php (login page) --> in root /
include-function --> /functions/include-function.php
form-process.php --> /functions/form-process.php
I turned on output buffering of php.ini
Notice : this post edited after answers
This is my login page:
<?php
require("./functions/include-function.php");
?>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="./style/form.css">
<script type="text/javascript"src="./js/form.js">
</script>
<title></title>
</head>
<body>
<div class="wrapper">
<div class="container">
<h1>Welcome</h1>
<form class="form" method="get" action="./functions/form-process.php">
<input type="text" placeholder="Username" name="username">
<input type="text" placeholder="Username" name="username" value="<?php print_r($_COOKIE); ?>">
<input type="password" placeholder="Password" name="password">
<button type="submit" id="login-button" name="submit" value="submit">Login</button>
</form>
</div>
<ul class="bg-bubbles">
<li></li>
<li></li>
<li></li>
<li></li>
<li></li>
<li></li>
<li></li>
<li></li>
<li></li>
<li></li>
</ul>
</div>
</body>
</html>
This is my process page:
<?php require("./include-function.php"); ?>
<?php
if (isset($_GET['submit'])) {
$username = $_GET['username'];
$pass = $_GET['password'];
$message = validation_form($_GET);
$value = 45;
$cookieName = "us";
if ($username == "vahid@gmail.com" && $pass == "123456" && empty($message)) {
$expired = time() + (60 * 60 * 24 * 1);
setcookie($cookieName,$value,$expired);
// redirect_to("http://www.youtube.com/");
print_r($_COOKIE);
}else{
redirect_to("../index.php");
}
}
?>
and this is my function file:
<?php
function redirect_to($location){
header("Location:". $location);
exit;
}
function validation_form($value=[]){
$message = [];
// Field must not Empty
// trim() so empty space not count
$username =trim($value['username']);
$password =trim($value['password']);
if (!isset($username) || $username==="" || empty($username)
|| !isset($password) || $password==="" || empty($password)) {
$message['validation'].="Username and Password must not empty";
}
// Length Check
$max = 20;
$min = 3;
if (strlen($username) > $max || strlen($password) > $max) {
$message['validation'].= "Password Or Username Must not more than 20 character";
}
if (strlen($username) < $min || strlen($password) < $min) {
$message['validation'].= "Password Or Username Must not less than 3 character";
}
// Type Check
if (!is_string($password)) {
$message['validation'].= "Password Must be Number";
}
//Preg_match
if (!preg_match("/@/",$username)) {
$message['validation'].= "Your username is your email ";
}
return $message;
}
?>
So if I understand correctly you want make a login page in wich when you enter username and password value, next time you refresh the page you are already logged in? or you want to make form sticky and maintain the value inserted before?
BTW if login script isn't in the same folder of the action form script you don't see the cookie in login script because by default the browser send the cookie only at page in folder or subfolder of the script that set the cookie, the action form script in this case.
So first of all set $path = "/" and put it as setcookie argument, for tell to browser : "send the cookie at every script in the domain or subdomain"
Another point is, as other already told you in the comments, that setcookie modify the header, and all header changes must be done before any output, and in your case you output a whitespace before setting the cookie.
If you need to output something before, you can use the output buffer's functions, whit wich you can buffering all output before the header and send it only after the header is set.
see more on https://www.php.net/manual/en/book.outcontrol.php.
Tough i think you make this page for "try'n", don't implement a login like this in real case of use.
Because you are passing username and password in http request that are in readable format.
Use php session and hashed field in a database for store client data in efficient and more safe way,
and to allow user access page more easily, make a sticky form, injecting in field value the value in stored variable, not printing the entire array that storing them.
Hope this may help!