UBB.Developers Forums UBB.threads 7 Development How Do I? How to set/get W3T's cookie value?

I found the following code in main.in.php

// --------------------------------------
// Set a cookie or register a session var
if ($config[tracking] == "sessions") {
session_register('w3t_myname');
session_register('w3t_mypass');
session_register('w3t_language');
$w3t_myname = $CheckUser;
$w3t_mypass = $pass;
$w3t_language = $language;
}
else {
setcookie("w3t_myname","$CheckUser",time()+31536000);
setcookie("w3t_mypass","$pass",time()+31536000);
setcookie("w3t_language","$language",time()+31536000);
}


But the seems to only set the cookie. Is there somebody can tell me where the getcookie codes are?

Every script that require auth. has 2 lines like:
$Username = $w3t_myname;
$Password = $w3t_mypass;

Since php converts several things to variables (the data passed to the server by the browser in the cookies being one of them) the Username and Password will contain the actual username and encrypted password (if logged in). Of course you could use w3t_myname/w3t_mypass directly but in the unlikely event of the cookie names being changed, you'll have to edit in more places.

yes, I know the variables. But just few days ago, I was posting another question here about W3T's user authentication and it seems that my scripts cannot get W3T's user authentication variable if it was on a directory other than W3T's main directory.

So I'd like to try to do the cookie part by myself. That's why I'm posting this thread asking how to get & set cookie.

I've used w3t auth (I made a separate include file with several functions that take care of the stuff i need, file that is not located anywere near the w3t directory) and it worked without any problem. Moreover, I've changed the setcookie call in main.inc.php to include an extra parameter ".mydomain.ro" so the cookie is set domain wide -- without it the cookie will be set to the 'w3t_domain/install_path/' only. This way I can acces the cookie from another host on the same domain and perform user auth. against the w3t user database. For my extra needs I've also created new fields in the w3t_Users table, entries that I use/edit with custom scripts.

Thanks razvan, I thought I understand what the problem is.

> I made a separate include file with several functions that
> take care of the stuff i need, file that is not located anywere
> near the w3t directory
Do you mean that you have another seperate include file contains some funtions from main.inc.php just for your own scripts?

And how can I adopt my main.inc.php's setcookie for a domain wide browsing?

TIA.

> Do you mean that you have another seperate include file contains
> some funtions from main.inc.php just for your own scripts?
There's no need to include the whole main.inc.php file. I've used only the authenticate function which basically selects a record (from the w3t database) that matches the specified username/pass (which in turn is fetched from cookies). If the user exists, the extra fields that I'm interested in are passed back so the calling script gets it.

As for the cookies: setcookie("w3t_myname","$CheckUser",time()+31536000,"",".domain.ro");
The empty parameter is the path, and the ".domain.ro" is the domain. Thus, if a.domain.ro sets the cookie, b.domain.ro will receive it too.
Unfortunately "domain.ro" cannot receive the cookie since there is a limitation that is enforced on all tlds (except for .com, .net, .org, .mil, .gov, .edu) regarding the minimum number of dots that are allowed when setting a cookie on a domain. Anyway, what's important for you is that for the above tlds you can set a cookie without the leading dot (as in my example) and have it working both on "domain.tld" and "host.domain.tld".