Infinite loop php redirect based on cookie

Question

I'm currenting busy coding a registration page. The page has three steps and every step has its own cookie value. What I'd like to do is checking for the cookies value and transfer the user to the correct page upon visiting the website

Example: if the value of $_COOKIE['step'] is 'step_two' it should redirect to: www.domain.com/register.php?step=your_details. If the cookie's not set, it should not redirect and stay on the register.php page.

The redirecting is working 'fine', but it gets into an infinite loop. I really cant think clear anymore as I've been awake for almost 24h now. Therefor I would appreciate it if anyone could push me into the right directions.

Piece of code:

$cookie_value = 'step_2';
setcookie("step",$cookie_value, time()+3600*24);

$cookie_not_set = true;
$cookie_step_two = false;

if (isset($_COOKIE['step'])) {
    if ($_COOKIE['step'] == 'step_2') {
        $cookie_not_set = false;
        $cookie_step_two = true;
        header('Location: ?step=your_details');
        exit();
    }
} else {
    $cookie_not_set = true;
}

Thank you.

Answer 1

Nowhere are you actually setting your cookie value, so it won't change. That's why you have an infinite loop.

$_GET and $_COOKIE have nothing to do with each other. It looks like you want:

if ($_GET['step'] === 'your_details')`

...which would be better than using a cookie anyway.

Answer 2

You are going to constantly enter your if condition as there is no other manipulations going on to your cookie data.

if your cookie is set to "step_2" you will enter the loop. No changes are in place, so on the refresh to the page. You will re-enter the step_2 condition and be into a redirect.

I'm also assuming that you understand that your $_GET & $_COOKIE requests are completely different. If not, see @Brads answer

---

A solution to stop this infinite loop would be:

if (isset($_COOKIE['step'])) {
    if ($_COOKIE['step'] == 'step_2') {
        $cookie_not_set = false;
        $cookie_step_two = true;
        $_COOKIE['step'] = 'step_3';
        header('Location: ?step=your_details');
        exit();
    }

But also take note, your true/false validations/changes are local changes and will not be absolute on page refresh

Answer 3

I believe your issue is the redirect is not changing your cookie, so you need to look at the GET var you a re passing if the cookie is set to step_2 thus;

$cookie_not_set = true;
$cookie_step_two = false;

if (isset($_COOKIE['step'])) {
    if ($_COOKIE['step'] == 'step_2') {
       if( !empty($_GET['step']) && $_GET['step'] == 'your_details' )
       {
          ... you have redirected and now can continue ...
       }
       else
       {
         // redirect and set the get var to signal to this script.

          $cookie_not_set = false;
          $cookie_step_two = true;
          header('Location: ?step=your_details');
          exit();
        }
    }
} else {
    $cookie_not_set = true;
}