Welcome to WebmasterWorld Guest from 220.127.116.11
Can anyone point me into the right direction on to implement this?
Will I just need to create a cookie for the user?
Any open source php forum available that would be handle this?
Appreciate any advice.
>> Any open source php forum available that would be handle this?
I'm sure you can use most of the popular open-source php forum applications for this, however, you are going to have to dissect the login code a little bit and possibly alter it to fit your standing application's login routine. You should make it check the cookie/session for the correct login credentials, and if correct, proceed to allowing them to view the forum, etc...but if not, prompt for a login.
If you are allowing people to post personal details then you need to be quite careful that the person logging in as who there cookie says they are. If like this site you basically dont allow any personal contact details then you dont need to be so careful (as there is almost no information for people to get).
Also dont store the password in the cookie...like a forum very close to here does (look at your cookie and you will see what I mean) :p
For setting the cookie id there is a useful function uniqid [uk.php.net] as storing there id as it appears in the database is not such a good idea (assuming you are using a sequential id). As if your cookie id is 257 you can be fairly sure that there is a user 256 and 258, so you are already half way to faking there login. A random id is better...it also avoids the very old admin = 1 problem, as admin will be just as random as everyone else.