stay logged in

Forum Moderators: coopster

Message Too Old, No Replies

stay logged in

kristof_v

12:08 pm on Sep 26, 2006 (gmt 0)

hi,

At the moment users can login and they stay logged in as long as their browser is open.
Now i want to add a checkbox to the login form.
When they check the checkbox they stay logged in for 1 week.
I guess i have to do this with a cookie but i don't have an idea how to do this exactly.

I could use url rewriting but i'd rather use a cookie.

can anyone give me a comprehensive example please.

grtz

dreamcatcher

12:36 pm on Sep 26, 2006 (gmt 0)

Hi kristof_v,

The setcookie [uk.php.net] function is what you need. So, an example would be:

When you process your form:

if (isset($_POST['cookie']))
{
setcookie("cookie_name", '1', time()+60*60*24*30);
}

This example sets the cookie expiration at 30 days. ie:

60 (1 Min) x 60 = 1hr X 24 = 1 Day X 30 = 30 days.

You can use anything for the variable, here I just used a number. Once set, check the cookie is set using the superglobal $_COOKIE.

if (isset($_COOKIE['cookie_name']))
{
// Ok, this person is logged in
}

To clear the cookie use:

setcookie("cookie_name", "");

Hope that gets you started.

kristof_v

12:41 pm on Sep 26, 2006 (gmt 0)

ok thx!
very clear answer :)

grtz

rokec

2:17 pm on Sep 26, 2006 (gmt 0)

This statement is mathematically incorrect:

60 (1 Min) x 60 = 1hr X 24 = 1 Day X 30 = 30 days

Because (60 (1 Min) x 60) isn't equal (1 Day X 30)!

dreamcatcher

3:15 pm on Sep 26, 2006 (gmt 0)

This statement is mathematically incorrect:

Seems ok.

60 x 60 x 24 x 30

1min x 60 = 1 hour
1 hr x 24 = 24hrs (1 Day)
24hrs x 30 = 30 Days

kristof_v

9:38 pm on Sep 26, 2006 (gmt 0)

now i'm doing it like this:

when the user logs in:

if ($paswoord_db === md5($password)) {
session_start();
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
session_write_close();

//make cookie if checkbox is enabled
if (isset($_POST['stayloggedin'])) {
setcookie("username", $_SESSION['username'] , time() + 2419200);
setcookie("password", $_SESSION['password'] , time() + 2419200);
}

header('location:index.php');
}

in index:

//login cookie section
if (isset($_COOKIE['username']) && isset($_COOKIE['password']) && $_COOKIE['username']!= '' && $_COOKIE['password']!= '') {
$_SESSION['username'] = $_COOKIE['username'];
$_SESSION['password'] = $_COOKIE['password'];
}

//check if user is logged in
if (isset($_SESSION['username']) && isset($_SESSION['password']) && $_SESSION['username']!= '' && $_SESSION['password']!= '') {
echo 'Welcome <span style="font-weight:bold;">' . $_SESSION['username'] . '</span>';
echo '  �   <a href="logout.php" style="text-decoration:none; color:white;">logout</a>';
}
else {
echo 'you are not logged in.';
}

it works perfectly but now the password is saved as clear text in the cookie.
I'm having a weird feelign about this.

Or is this this a good way?

grtz

dreamcatcher

9:53 pm on Sep 26, 2006 (gmt 0)

Can't you encrypt it?

setcookie("password", md5($_SESSION['password']) , time() + 2419200);

kristof_v

6:57 am on Sep 27, 2006 (gmt 0)

ok,

but it is a good way to store a cookie for the username and a cookie with the encrypted password then?

stay logged in

kristof_v

dreamcatcher

kristof_v

rokec

dreamcatcher

kristof_v

dreamcatcher

kristof_v

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week