New to PHP/mySQL - Cookies question - PHP Server Side Scripting forum at WebmasterWorld

Forum Moderators: coopster

Message Too Old, No Replies

New to PHP/mySQL - Cookies question

RussellC

5:33 pm on Oct 31, 2002 (gmt 0)

I have been learning PHP and mySQL for about a week. I just made a login page with a simple form on it. It then goes to a php page that validates if the login and password are in the database then sets a cookie for the username and login an redirects to the main application page like this:

setcookie("ck_user", $user);
setcookie("ck_pass", $pass);
header("Location: /main.php");
exit;

This cookie will only be valid for the session since I didn't set a time on it, correct?

Now on main.php, I want it to check for the cookies and if they are not there I want to redirect them to the login page, and if the cookie is there I want it to execute the main.php page. How do I go about doing this?

Thanks a bunch!

jatar_k

9:27 pm on Oct 31, 2002 (gmt 0)

setcookie from php.net
[php.net...]

One thing that comes to mind first is you are setting two cookies for one site, bad plan. I have had a lot of trouble when people have used this method. You are better off setting one single cookie with all the info in it.

Take a look at serialize()
[php.net...]

this will provide you a way to put multiple values in there.

here is a little auth lib I used somewhere at sometime, it was a while ago but it worked well. I also didn't write this particular one, someone who worked for me did.

define (AUTH_HASH, $REMOTE_ADDR.$HTTP_USER_AGENT);

function auth_login($username) {
if (!empty($username)) {
$out_auth = serialize(array($username,md5($username.AUTH_HASH)));
setcookie('auth', $out_auth, 0, '/', '', 0);
}
}

function auth_verify() {
global $auth, $username;
list($username, $auth) = unserialize($auth);
$test_auth = md5($username.AUTH_HASH);
if ($auth == $test_auth)
return 1;
else
return 0;
}

function auth_logout() {
setcookie('auth', '', -1, '/', '', 0);
}

RussellC

9:10 pm on Nov 1, 2002 (gmt 0)

Thanks for the help! Looks like I have some reading to do... like I said I am very new to this.

Thanks Again! :)

Allen

3:12 pm on Nov 28, 2002 (gmt 0)

If your doing a login system, take a look at PHP Sessions. These make life easy because PHP deals with whether or not the browsers can accept cookies and storing persistant data.

Allen

cyberax

1:50 pm on Nov 29, 2002 (gmt 0)

Back to your main question about redirecting to a login page if the cookies aren't set, just use something like:

if (!$HTTP_COOKIE_VARS['ck_user']) header("Location: login.php");

This is assuming your login cookie is called 'ck_user'

electgop

7:14 pm on Dec 3, 2002 (gmt 0)

I am just now getting a Login / Authentification system together. It has Sessions, when Cookies are not available, mailback verification, and mySQL support.
I want to add a pages viewed history for each user, multiple email support, automated email ping to see if their email is still valid, and email their OTHER emails.

Does anyone know if others already have these features rolled into one package beyond what PHPBuilder supplies?

lorax

7:16 pm on Dec 3, 2002 (gmt 0)

Have you looked into the scripts at Hotscripts.com?