My Cookie is not set correctly

I have a problem setting my cookie. Here is the code:

    if(!empty($userdata)) {
        $qry = mysql_query("SELECT * FROM st_user WHERE oid = '$uid'");
        $get_array = mysql_fetch_array($qry);
        $set_id_session = md5($username);
        //And then set cookies
        setcookie('FBSESSID', '$set_id_session', time()+86400, '/', '.setujuh.com'); //Cookie set at this line
        $do_sess = $_COOKIE['FBSESSID'];
        echo $_COOKIE['FBSESSID'];
        print_r($_COOKIE);
        $date = date('Y-m-d h:i:s');
        mysql_query ("UPDATE st_user SET fb_sess_id = '$do_sess', lastvisitDate = '$date' WHERE oid = '$uid'");
    }

My question is: when I try to call the cookie, why is it not set?

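You need to define what username contains. Otherwise it will be empty.

    $username = $get_array['username'];

This assumes $userdata is not empty; otherwise the SQL query will never be executed.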

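Update

Using md5($username) as the session id is a very bad idea, because the id is the same on every login, and if you know the username you can impersonate another account.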

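Remove the single quotes around $set_id_session. For starters, they are unnecessary because it is already a string, but more importantly, variables are only interpolated when you use double quotes.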

A while ago I used a secure randomness generator, which should be well suited for your cookie validation token (session ID):

    function TokenGenerator($Length)
    {
        $CharPool = '0123456789';
        $CharPool .= 'abcdefghijklmnopqrstuvwxyz';
        $CharPool .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
        $RandomNumber = function($Minimum, $Maximum) 
        {           
            # Find the range of the maximum and minimum allowed output
            $Range = $Maximum - $Minimum;
            # If the range is 0 or less there is nothing to choose from, so return the minimum allowed number as a 'random' bit
            if($Range <= 0) 
            {
                return $Minimum; 
            }
            # Calculate the number of bits needed for the $Range variable
            $Logarithm = (int) log($Range, 2)+1;
            # Number of bytes needed to hold that many bits
            $ByteLength = (int) (($Logarithm-1)/8)+1;
            # Bit mask that keeps only the lowest $Logarithm bits
            $BitF = (int) (1 << $Logarithm)-1; 
            do 
            {   
                # Get some random binary bytes
                $RndBinBytes = openssl_random_pseudo_bytes($ByteLength);
                # Converts the binary to hexadecimal
                $HexBytes = bin2hex($RndBinBytes);
                # Convert the hexadecimal bytes to decimal
                $Random = hexdec($HexBytes);
                # Use the AND operator to discard the unneeded bits
                $Random = $Random & $BitF; 
            } 
            while($Random >= $Range);
            # Return the random number found by the sub function to the main function
            return $Minimum + $Random;
        };
        # Initialise the RandChars variable
        $RandChars = '';
        $LengthOfPool = strlen($CharPool);
        for ($Counter = 0; $Counter < $Length; $Counter +=1) 
        {
            $RandNum = $RandomNumber(0, $LengthOfPool);
            # Pick from the pool of chars
            $RandChar = $CharPool[$RandNum];
            # Append the random char to the token to be returned at the end
            $RandChars .= $RandChar;
        }
        return $RandChars;
    }

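To add another layer of security to your cookie scheme, you can encrypt the contents of the cookie to make sure the cookie is not tampered with. When I set cookies, I use this class: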

    class CookieMonster
    {
        private $CookieKey = 'SecurePassword';
        public function SetCookie($Name, $Data, $Expire=31536000)
        {
            if($Data == '')
            {
                return FALSE;
            }
            if($Name == '')
            {
                return FALSE;
            }
            if($this->CookieKey == '')
            {
                return FALSE;
            }
            # $Expire is a lifetime in seconds, setcookie() expects an absolute timestamp
            return setcookie($Name, $this->Encrypt($Data, $this->CookieKey), time() + $Expire);
        }
        public function DeleteCookie($Name)
        {   
            if(isset($_COOKIE[$Name]))
            {
                return setcookie($Name, '', 1);
            }
        }
        public function ReadCookie($Name)
        {
            if(isset($_COOKIE[$Name]))
            {
                return $this->Decrypt($_COOKIE[$Name], $this->CookieKey);
            }else{
                return FALSE;   
            }
        }
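        # mcrypt only accepts 16, 24 or 32 byte Rijndael keys, so the 40 character sha1 hex digest is cut to 32
        public function Encrypt($Data, $Key)
        {
            return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, substr(sha1($Key), 0, 32), $Data, MCRYPT_MODE_CBC, md5(sha1($Key))));
        }
        public function Decrypt($Data, $Key)
        {
            # mcrypt pads the last block with NUL bytes, strip them again
            return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, substr(sha1($Key), 0, 32), base64_decode($Data), MCRYPT_MODE_CBC, md5(sha1($Key))), "\0");
        }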
    }
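
An added example, not part of the original answer: the same two ideas, a random session token and a cookie that cannot be altered unnoticed, written for current PHP, where mcrypt is no longer bundled (removed from core in 7.2), using random_bytes() and libsodium's authenticated sodium_crypto_secretbox(). The function names and the per-run demo key are assumptions made for the illustration.

```php
<?php
// Added example, not the answerer's code; all function names are hypothetical.
// Needs PHP 7.2+ for the bundled sodium extension.

// 32 bytes from the OS CSPRNG, hex-encoded: not derived from the username and
// different on every login, unlike md5($username).
function new_session_token(): string
{
    return bin2hex(random_bytes(32));
}

// Encrypt and authenticate a cookie value; a fresh nonce is stored in front.
function seal_cookie(string $plain, string $key): string
{
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return base64_encode($nonce . sodium_crypto_secretbox($plain, $nonce, $key));
}

// Returns the plaintext, or null when the cookie is malformed or was modified.
function open_cookie(string $cookie, string $key): ?string
{
    $raw = base64_decode($cookie, true);
    $min = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
    if ($raw === false || strlen($raw) < $min) {
        return null;
    }
    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $box   = substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = sodium_crypto_secretbox_open($box, $nonce, $key);
    return $plain === false ? null : $plain;
}

// Assumption: a real site loads one long-lived key from server-side configuration;
// it is generated here only so the demonstration runs on its own.
$key = sodium_crypto_secretbox_keygen();

$token  = new_session_token();
$cookie = seal_cookie($token, $key);

// Constructed tampering: flip one bit in the last byte of the decoded cookie.
$raw = base64_decode($cookie);
$raw[strlen($raw) - 1] = chr(ord($raw[strlen($raw) - 1]) ^ 1);

var_dump(open_cookie($cookie, $key) === $token);              // intact cookie opens
var_dump(open_cookie(base64_encode($raw), $key) === null);    // altered cookie is refused

// In a request, send it before any output (options array needs PHP 7.3+):
// setcookie('FBSESSID', $cookie, ['expires' => time() + 86400, 'path' => '/',
//     'domain' => '.setujuh.com', 'secure' => true, 'httponly' => true]);
```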