Welcome to WebmasterWorld Guest from 54.146.221.231

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

New to PHP/mySQL - Cookies question

     
5:33 pm on Oct 31, 2002 (gmt 0)

Preferred Member

10+ Year Member

joined:Jan 8, 2002
posts:465
votes: 0


I have been learning PHP and mySQL for about a week. I just made a login page with a simple form on it. It then goes to a php page that validates if the login and password are in the database then sets a cookie for the username and login an redirects to the main application page like this:

setcookie("ck_user", $user);
setcookie("ck_pass", $pass);
header("Location: /main.php");
exit;

This cookie will only be valid for the session since I didn't set a time on it, correct?

Now on main.php, I want it to check for the cookies and if they are not there I want to redirect them to the login page, and if the cookie is there I want it to execute the main.php page. How do I go about doing this?

Thanks a bunch!

9:27 pm on Oct 31, 2002 (gmt 0)

Administrator

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:July 24, 2001
posts:15755
votes: 0


setcookie from php.net
[php.net...]

One thing that comes to mind first is you are setting two cookies for one site, bad plan. I have had a lot of trouble when people have used this method. You are better off setting one single cookie with all the info in it.

Take a look at serialize()
[php.net...]

this will provide you a way to put multiple values in there.

here is a little auth lib I used somewhere at sometime, it was a while ago but it worked well. I also didn't write this particular one, someone who worked for me did.

define (AUTH_HASH, $REMOTE_ADDR.$HTTP_USER_AGENT);

function auth_login($username) {
if (!empty($username)) {
$out_auth = serialize(array($username,md5($username.AUTH_HASH)));
setcookie('auth', $out_auth, 0, '/', '', 0);
}
}

function auth_verify() {
global $auth, $username;
list($username, $auth) = unserialize($auth);
$test_auth = md5($username.AUTH_HASH);
if ($auth == $test_auth)
return 1;
else
return 0;
}

function auth_logout() {
setcookie('auth', '', -1, '/', '', 0);
}

9:10 pm on Nov 1, 2002 (gmt 0)

Preferred Member

10+ Year Member

joined:Jan 8, 2002
posts:465
votes: 0


Thanks for the help! Looks like I have some reading to do... like I said I am very new to this.

Thanks Again! :)

3:12 pm on Nov 28, 2002 (gmt 0)

Junior Member

10+ Year Member

joined:Jan 14, 2002
posts:118
votes: 0


If your doing a login system, take a look at PHP Sessions. These make life easy because PHP deals with whether or not the browsers can accept cookies and storing persistant data.

Allen

1:50 pm on Nov 29, 2002 (gmt 0)

New User

10+ Year Member

joined:Aug 22, 2002
posts:38
votes: 0


Back to your main question about redirecting to a login page if the cookies aren't set, just use something like:

if (!$HTTP_COOKIE_VARS['ck_user']) header("Location: login.php");

This is assuming your login cookie is called 'ck_user'

7:14 pm on Dec 3, 2002 (gmt 0)

New User

10+ Year Member

joined:Dec 3, 2002
posts:2
votes: 0


I am just now getting a Login / Authentification system together. It has Sessions, when Cookies are not available, mailback verification, and mySQL support.
I want to add a pages viewed history for each user, multiple email support, automated email ping to see if their email is still valid, and email their OTHER emails.

Does anyone know if others already have these features rolled into one package beyond what PHPBuilder supplies?

7:16 pm on Dec 3, 2002 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lorax is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Mar 31, 2002
posts:7575
votes: 0


Have you looked into the scripts at Hotscripts.com?