0

I have this code, and my users have all of the cookies set, but it's showing the text for not having them all set. Can anyone fix this? It is showing the first text, instead of the second, and it has been perplexing me for the past hour. Am I missing something ridiculously stupid? 

if(!isset($_COOKIE['user']))
{
    echo "You do not have access here";
}

if(isset($_COOKIE['user']))
{
    $user = $_COOKIE['user'];

    $lq = "SELECT havelair FROM users WHERE username = '$user'";
    $lresult = mysqli_query($con,$lq);
    $lrow = mysqli_fetch_array($lresult);
    $lair = $lrow[0];

    if($lair == '1')
    {
        if(!isset($_COOKIE['Ankou']) || !isset($_COOKIE['Durnburg']) || !isset($_COOKIE['Hardash']) || !isset($_COOKIE['Kashaer']) || !isset($_COOKIE['Wyrdwood']))
        {
?>

text

<?php
        }

        if(isset($_COOKIE['Ankou']) && isset($_COOKIE['Durnburg']) && isset($_COOKIE['Hardash']) && isset($_COOKIE['Kashaer']) && isset($_COOKIE['Wyrdwood']))
        {
            mysqli_query($con,"UPDATE users SET havelair='2' WHERE username ='$user'");
?>

text

<?php

        }
    }
Bob
  • 39
  • 7
  • Do they exist? What's the output of `print_r($_COOKIE)`? – Amal Murali Jul 30 '13 at 18:43
  • Array ( [Ankou] => visit [Hardash] => visit [Wyrdwood] => visit [Durnberg] => visit [Kashaer] => visit ) – Bob Jul 30 '13 at 18:45
  • 2
    Lovely [SQL injection attack](http://bobby-tables.com) vulnerability... enjoy having your server pwn3d. – Marc B Jul 30 '13 at 18:45
  • You're looking for `Durnburg` in your code, but have `Durnberg` (note the **E**) in the cookie... – Marc B Jul 30 '13 at 18:46
  • I think we need the code before we get to what you've given us. Assuming it's echoing "You do not have access here" then we need to look at where setcookie happens. (http://www.php.net/manual/en/function.setcookie.php) Also - what @AmalMurali said. – lostphilosopher Jul 30 '13 at 18:47

1 Answers1

0

The print_r output is:

Array ( [Ankou] => visit [Hardash] => visit [Wyrdwood] => visit [Durnberg] => visit [Kashaer] => visit )

And, in your code, you have:

!isset($_COOKIE['Durnburg'])

Notice the difference in the spelling. That might be the issue.

Also, your code is vulnerable to SQL injection. Have a look at this question to see the pitfalls and ideas on how to resolve the issue.

Community
  • 1
  • 1
Amal Murali
  • 75,622
  • 18
  • 128
  • 150
  • Yes. That is the issue. I completely overlooked that, and now I feel like an idiot. -.- – Bob Jul 30 '13 at 18:49