fxuser

I will just try to help and throw an idea... What about creating a cookie with users id and an unique hashed generated id which will aumatically change on each page that requires to be logged in.. so even if u get the cookie on your computer you will probably wont be able to do it since the unique id will be changed and if the user logs out the cookie and unique id will be set to NULL.. Just throwing an idea.. not sure if it will help you...

Sorry for bumping but can someone help me over with the previous code? I have been searching for days and i am really stuck over here...

also , i have managed to set the cookie , it recreates the new logcode but the problem is that it cant read the cookie after i close the browser so it will let me log in... while the cookie is there.. I really need to get this to work, any help would be appreciated.. Thanks.

try : $query6 = "INSERT INTO tutor_musical_background VALUES ('$tutor_id','$music')";

So i got somewhere with the following code and i would like some help : i generate a random 8bit code and md5 hash it on login $logcode= md5(func_generate_string()); $res= mysql_query("UPDATE db_regs SET logcode='$logcode' WHERE id=$id") or die('Could not update database.'); $newval= "$id:$logcode"; setcookie("cookiename", $newval, time() + 7200); then i put this code: $legal_require_php= 1234; require ('check/detectuser.php'); on the top of every page that needs users access and then this code checks on every page reload if the cookie is set and if the logcode hash equals to the one in database , if it does it creates a new one and store it in db <?php //see if detectuser.php has been required, not URL’d. if ($legal_require_php!=1234) exit; // setup global variable $global_user_id, set it to 0, which means no user as auto_increment IDs in MySQL begin with 1 $global_user_id= 0; // now, check if user’s computer has the cookie set if (isset($_COOKIE['cookiename'])) { $cookieval= $_COOKIE['cookiename']; //echo $cookieval; //now parse the ID:LOGCODE value in cooke via explode() function $cookieparsed= explode (":", $cookieval); // $cookie_uid will hold user’s id // $cookie_code will hold user’s last reported logcode $cookie_uid= $cookieparsed[0]; $cookie_code= $cookieparsed[1]; // ensure that ID from cookie is a numeric value if (is_numeric($cookie_uid)) { //now, find the user via his ID $res= mysql_query("SELECT logcode FROM db_regs WHERE id=$cookie_uid"); // no die() this time, we will redirect if error occurs // now see if user’s id exists in database if (mysql_num_rows($res) >=1) { $logcode_in_base= mysql_result($res, 0); // now compare LOGCODES in cookie against the one in database if ($logcode_in_base == $cookie_code) { // if valid, generate new logcode and update database $newcode= md5(func_generate_string()); $res= mysql_query("UPDATE db_regs SET logcode='$newcode' WHERE id='$cookie_uid'"); // setup new cookie (replace the old one) $newval= "$cookie_uid:$newcode"; setcookie("cookiename", $newval, time() + 7200); // finally, setup global var to reflect user’s id $global_user_id= $cookie_uid; } else die ('logcodes are not equal'); // redirect if logcodes are not equal } else die ('user ID does not exist in database'); // redirect if user ID does not exist in database } else die ('user id in cookie is not numeric'); // redirect if user ID in cookie not numeric } ?> Thanks.

yeap it seems it does but infact i can print the cookies so they work.. when i add their values to the sessions it seems i still cant manage the remember me function via my previous code ... Ill try to search more. Thanks for the help though.

i considered what you said and it seems to be working except that my php code is different places over the html page so i get headers errors , any way to get rid of the header errors without moving all my php page above html code? Thanks.

thats correct , my problem is that i have used all this time sessions in all my checks and now i want to use cookies aswell... so how am i gonna know if the user has checked the checkbox in order to use cookies or sessions.. so i came up with this idea: if ($numrows2 == 1){ if (isset($rememberme)){ setcookie("email", $login_mail, time() + 60 * 60 * 24 * 30); setcookie("username", $username, time() + 60 * 60 * 24 * 30); $_SESSION['email'] = $_COOKIE['email']; $_SESSION['username'] = $_COOKIE['username']; } else{ $_SESSION['email'] = $login_mail; $_SESSION['username'] = $username; } //echo "You have successfully logged in<br>"; //echo "Click <a href='profile.php?id=".$_SESSION['username']."'>here</a> to go to your profile"; print "<script language='Javascript'>document.location.href='profile.php?id=".$_SESSION['username']."' ;</script>"; } numrows2 is the check if the pass = with stored pass , there was a prev numrows which did the same thing but for login on html side i have this : <input type='checkbox' 'name=rememberme' style='background-color: #99FF66' />Remember me

since i cant edit my posts .. may i ask for a little help over here... Thanks.

bump

the code works fine if i try the loggedin() function in a new file , no parse errors.. what i wanna know is if that will do the job that i want to.. I still havent tried yet to migrate the function and cookies with my code.

ok so , let me explain it a lil bit.. After i check my password on the log in script i have this : if ($numrows2>=1){ if ($rememberme == "on"){ setcookie("username, $username, time()+86400*365") } else if ($rememberme == ""){ $_SESSION['username'] = $username; } } else echo "wrong pass"; rememberme is a checkbox item Then i have this in my configs folder: function loggedin(){ if (isset($_SESSION['username']) || isset($_COOKIE['username'])){ $loggedin = TRUE; return $loggedin; } } so in my code i use $_SESSION to check if a user is logged in.. and since i have done much of coding with $_SESSION.. if i change isset($_SESSION['username']) with loggedin() will it auto check if it will use SESSIONS or COOKIES? Thanks.

Hello , my website uses sessions to check for users if they are logged in, get data and such stuff.. But i want to add cookies in order to make users stay logged in for more time.. I do have a remember me checkbox and a function that tells me if a user is loggedin by checking if session or cookie is set and then it returns a true flag... the problem is that i dont know how to get if he is logged via session or cookies Thanks.

i have this in my code: if submit then if this1 then code if this2 then code else error_table($msg_err); else error_table($msg_err); else error_table($msg_err); i dont have loops in my code... right now i edited the function to return the text and then echo it on the 3 spots in my code, on the first if it shows 1 table ,on the 2nd it shows the 1rst correct and then one more appears with no text .. and on 3rd it shows 2 more extra boxes EDIT: as i see the problems occurs because i have the span in my code , if i use <p> only it works fine .. but why?

hello , i have this code: <?php function error_table($err){ echo"<p><span class='textborder'>$err</span></p>"; } ?> in a separate php file and then call it from another php file , like this : $msg_err='bla bla'; error_table($msg_err); when i click the button it shows the text with its border(the class has a border ,color and 1px) but when i have the code inside other if functions it shows it 2 or 3 times...

So this is what i have got so far... i cant see others profiles , just mine and that also give me wrong details.. <?php include 'config.php'; if (isset($_GET['p'])) { $p = preg_replace('#[^0-9]#i', '', $_GET['p']); } else if (isset($_SESSION['username'])) { $p = $logOptions_id; } else { echo "something is wrong."; exit(); } $p = preg_replace('#[^0-9]#i', '', $p); $sql = mysql_query("SELECT * FROM members WHERE id='$p'"); $existCount = mysql_num_rows($sql); if ($existCount == 0) { die("user does not exist."); exit(); } while($row = mysql_fetch_array($sql)){ $id = $row["id"]; $username = $row["username"]; $password = $row["password"]; } echo "Your id is : ".$id." ,your username is: ".$username." and your password is: ".$password.""; if (isset($_SESSION['username'])){ echo "<a href='logout.php'>Click here to logout</a>."; }

lets say my registered ID = 1024 .. when i log in i have in my browser url mysite.com/member.php?p=1024 which redirects to my profile page... which can also be accessed from profile.php page too... i managed to check if the ID that is inserted in the url is the same and users ID so it will display the profile , if not it will say that user does not exist .. so i can view my own profile... what i want to do right now is to be able to see others profiles too.. How do u suggest on doing that?

Hello, first of all i'm new here and i kinda like the community... so here i go with my question... When i register and then click on the link to get me to the log in file i have set the link for my member profile to be member.php?p=$_SESSION['id'] .. which works until now.. and lets say for instance my ID is 25... when i type on the browser member.php?p=553524 i will still be on the same page... so what i want to do is to check which id is typed and then throw them to the correct account profile or if the ID does not exist then throw them to a member-not-exist.php file.. I think i can do the how to check the id if it does exist but for the other one? Thanks in advance.