<?php
echo $_COOKIE['access'] . "Cookies value is";
$access = false;
if (isset($_POST['p_word'])) {
$hased_string = md5("randomize" . $_POST['p_word'] ."string");
if ($hased_string == "4eg9cd612351bf6265451499f4ffd33e") {
setcookie("access", "1");
$access = true;
}
}
if (isset($_COOKIE['access']) && $_COOKIE['access'] == "1") {
$access = true;
}
?>

Does anyone see why I wouldn't get a value for my cookie here? I verified the cookie has been set and have closed and reopened the page with no luck.

The cookie you are creating only has the lifetime of the browser session. You may want to consider setting the expiry date on the cookie to sometime in the semi-far future.

There something wrong with that code. I can see the cookie and the content of it on my computer but it doesnt show up. The browser session hasnt ended

In PHP cookie is a header. As such you cannot set or read it (I'm not sure which or if it's both, but it's at least one of them) after writing to the page:



echo $_COOKIE['access'] . "Cookies value is";

All headers must be sent before any text output is sent. Additionally, the cookie will not be available until the page is loaded again: the cookies are sent as part of the request, then the headers are sent from the server, then the text.

In order to avoid the fact that cookies aren't set immediately, I use the following:

<?php
function setcookielive($name, $value='', $expire=0, $path='', $domain='', $secure=false, $httponly=false) {
//set a cookie as usual, but ALSO add it to $_COOKIE so the current page load has access
$_COOKIE[$name] = $value;
return setcookie($name,$value,$expire,$path,$domain,$secure,$httponly);
}
?>

Note that this stores the value immediately so you can use it but does not verify that the cookie was accepted by the user. Take this into account while designing your system.
If the cookie is not needed until the next page load, there's no real need to use this, but for my purposes I wanted to use the value to change a system setting that would be immediately changed, so I found no reason to wait until later to get the value back.

The cookie has been created and the correct value is in it, and I've loaded the page about 15 times now still with no luck...



<?php
$access = false;
if (isset($_POST['p_word'])) {
$hased_string = md5("randomize" . $_POST['p_word'] ."string");
if ($hased_string == "4eg9cd612351bf6265451499f4ffd33e") {
setcookie("access", "1");
$access = true;
}
}
if (isset($_COOKIE['access']) && $_COOKIE['access'] == "1") {
$access = true;
}
?>


My code here is suppose to

1. if the password is set and correct create a cookie with the value of 1 in it and set access to true, the access is set true here for the first page load because the cookie won't be ready.

2. if the cookie is set and the value is 1 "access" is set to true. The purpose of this one is so that the password must not be sent everytime.


Is my logic here correct and/or is there an error with my code/logic?

Any ideas on this?

The code looks ok. I'm not sure what the problem is.

As has been said, the cookie will not be available until the next page load. One possibility is that if you are only "reloading" the page 15 times, then perhaps you need to actually do a new request (rather than refresh). I expect this may vary by browser, but that's all I can think of that wouldn't be working here.
Aside from that, I suggest tracking print_r($_COOKIE) throughout the script to see what's happening. You'll find the issue that way, sooner or later.

Weird, I put in the print_r, ran it, it worked, removed it and it kept working.. On a somewhat side question is there a way I can make the cookie indistinguishable to http://www.site.com and http://site.com?

It may be what I said above: the cookie was working the whole time but unavailable because you were just refreshing the same request and not sending new cookie info. That's an interesting problem if it's the case... what browser(s) are you using? I haven't tested this, but it was all I could think of above. (And it explains why print_r() works when you later return to the page.)


As for making it work across subdomains, you can use .site.com in the domain argument for set cookie. Note the initial dot. This will make it work on all subdomains. (I don't think there's a way to specify any set aside from just "all" or one). Note that you'll want to also use "/" as the path so it works in any location even if it is originally set within a subdirectory.
http://php.net/manual/en/function.setcookie.php