Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexander2017-03-18 17:54:36
HTTP headers
Alexander, 2017-03-18 17:54:36

How to send headers (cookies) for authorization from a generated page?

Good afternoon! I do authorization, it is necessary to send cookies.
There is a user authorization page.
In the body of the site, pages are dynamically loaded, I get the address through:

if(!isset($_GET['page'])){
    $content = 'main';
}else{
    $content = addslashes(strip_tags(trim($_GET['page'])));
}

<body>
    <div id="wrapper">
        <div class="container">
            <?
            include "../templates/header.php";
            include "../templates/menu.php";
            if(isset($_GET['page'])){
                include "../templates/breadcrumbs.php";
            }
            ?>
            <div id="content" class="mainCont">
                <?include '../pages/'.$content.'.php';?>
            </div>
        </div>
        <? include "../templates/footer.php";?>
    </div>
</body>

The login page looks like this:
<?php
if($_SERVER['REQUEST_METHOD'] == "POST"){
    $login = $_POST['login'];
    $pass = $_POST['pass'];
    $query = mysqli_query($conn, "SELECT * FROM users WHERE login = '{$login}'");
    $user = mysqli_fetch_assoc($query) or die ("Ошибка БД" . mysqli_error($conn));
    if ($user['password'] == md5($pass)){
        echo 'Вы авторизованы';
        setcookie('users', $user['login'], time() + 1800);
        exit ;
    }
}
?>
<div align="center">
    <h3>Вход в личный кабинет</h3>
    <form action="" method="post" class="auth" >
        <input type="text" name="login" placeholder="Логин" required="required"><br>
        <input type="password" name="pass" placeholder="Пароль" required="required"><br>
        <label for="rememberMe">Запомнить меня</label>
        <input id="rememberMe" type="checkbox" name="rememberMe">
        <button type="submit" name="submit">Войти</button>
    </form>
</div>

The authorization itself works.
Headers are naturally not sent, tk. already sent.
Can you please tell me what I need to do to solve this problem?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
A
Alexander, 2017-03-18
@Klapanasos

Thanks for the advice on md5, Dmitry, I will definitely implement it!
Changing places does not help, does not work even if you completely remove echo.
Here the matter is a little different. Everything works for me through index.php, respectively, first its headers leave, and the login.php page, loaded via include, no longer allows them to be sent.
I'm still just gaining experience and don't know what to do in this situation.
UPD: well, as usual, the stupidity of the mod is detected. I put the authorization handler in the index header and everything fell into place.

Report
D
Dmitry Dart, 2017-03-18
@gobananas

Headers must be sent before the first output on the page, judging by your code, just in a block

if ($user['password'] == md5($pass)){
        echo 'Вы авторизованы';
        setcookie('users', $user['login'], time() + 1800);
        exit ;
    }

Swap the lines echo and setcookie and everything should be fine
And remember that md5 without salt is not safe

Similar questions
W
WasTabon2020-11-20 16:16:49
How can I see what request is sent when logging into QIWI? 0Reply
B
badrbot2019-03-20 18:21:14
How can I parse only in Russian? 1Reply
A
Angelxalfa2015-01-19 22:29:51
Wordpress header error? 3Reply
N
Nikola242019-06-12 18:19:08
Why doesn't IE 11 see or accept allow headers? 1Reply
A
Alexander2019-07-31 23:40:17
How to send bearer token in header from client to server? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question