Yves Posted July 23, 2008 Share Posted July 23, 2008 In my login.php there is the following piece of code... After it checks if the username is found in the members table it executes this: <?php $query="update members set lastlogin='".time()."' WHERE username='".mysql_real_escape_string($username)."'"; $conn->execute($query); SESSION_REGISTER("USERID");$_SESSION[uSERID]=$result->fields['USERID']; SESSION_REGISTER("EMAIL");$_SESSION[email]=$result->fields['email']; SESSION_REGISTER("USERNAME");$_SESSION[uSERNAME]=$result->fields['username']; SESSION_REGISTER("VERIFIED");$_SESSION[VERIFIED]=$result->fields['verified']; SESSION_REGISTER("FAMILYFILTER");$_SESSION[FAMILYFILTER]=$result->fields['familyfilter']; ?> When I'm logged in and I check my cookies I find this for my domain: carbtube.com PHPSESSID When I close my browser, reopen it and load carbtube.com again the PHPSESSID is gone. What I want is to be logged in forever up untill the moment I click the lougout link on the site (handled by the lougout.php). How can I do this (securely) and can you give me an example? Quote Link to comment Share on other sites More sharing options...
JasonLewis Posted July 23, 2008 Share Posted July 23, 2008 Cookies, google it. Quote Link to comment Share on other sites More sharing options...
Yves Posted July 23, 2008 Author Share Posted July 23, 2008 I read about cookies here: Set Cookie PHP. So I know how to set them, retrieve them and unset them. (I think) but I don't know how I can use them to automatically log someone in at any page of the site. If someone logs in what should I put in a cookie? Just the username? I'm just having trouble putting the pieces of the puzzle together. ??? Quote Link to comment Share on other sites More sharing options...
Entanio Posted July 23, 2008 Share Posted July 23, 2008 Use cookies instead of the Session. So just set the $_COOKIE['USERID'] instead of $_SESSION['USERID']. In an unrealted subject it is good practice to put single quotaion marks in $_SESSION, $_COOKIE etc. So, for example it would be $_SESSION['USERID'] not $_SESSION[uSERID]. Quote Link to comment Share on other sites More sharing options...
Yves Posted July 23, 2008 Author Share Posted July 23, 2008 Hm. I tried replacing all the $_SESSION[VARIABLE] with $_COOKIE['VARIABLE'] but it doesn't log me in. Quote Link to comment Share on other sites More sharing options...
Entanio Posted July 23, 2008 Share Posted July 23, 2008 You have to make sure that all the pages that require a login have $_COOKIE['VARIBLE'] instead of $_SESSION['VARIBLE']. Quote Link to comment Share on other sites More sharing options...
Yves Posted July 23, 2008 Author Share Posted July 23, 2008 I see. I have some work to do then. Hope this works. Quote Link to comment Share on other sites More sharing options...
Entanio Posted July 23, 2008 Share Posted July 23, 2008 So do I, lol. No, I think it will Quote Link to comment Share on other sites More sharing options...
JasonLewis Posted July 23, 2008 Share Posted July 23, 2008 Here are some tutorials about Cookies: http://www.pixel2life.com/tutorials/count/26046/cookies_and_you_learn_what_cookies_are_and_when_and_how_to_use_them/ http://www.pixel2life.com/tutorials/count/52693/managing_cookies_in_php/ http://www.joomlaresource.com/Webmaster_Tutorials/PHP_Tutorials/Using_Cookies_in_PHP/ Good luck. Quote Link to comment Share on other sites More sharing options...
Yves Posted July 26, 2008 Author Share Posted July 26, 2008 I'm getting blank pages. I replaced this in my login.php <?php /* SESSION_REGISTER("USERID");$_SESSION[uSERID]=$result->fields['USERID']; SESSION_REGISTER("EMAIL");$_SESSION[email]=$result->fields['email']; SESSION_REGISTER("USERNAME");$_SESSION[uSERNAME]=$result->fields['username']; SESSION_REGISTER("VERIFIED");$_SESSION[VERIFIED]=$result->fields['verified']; SESSION_REGISTER("FAMILYFILTER");$_SESSION[FAMILYFILTER]=$result->fields['familyfilter']; */ function DaysToSeconds($strDays) { $str24Hour = time()+86400; $strReturn = $str24Hour * $strDays; return $strReturn; } $userid = $result->fields['USERID']; $email = $result->fields['email']; $username = $result->fields['username']; $verified = $result->fields['verified']; $familyfilter = $result->fields['familyfilter']; $cookie_expire = DaysToSeconds(30); #30 Days $cookie_domain = ".carbtube.com"; setcookie ('USERID', '$userid', '$cookie_expire', '', '$cookie_domain', 0); setcookie ('EMAIL', '$email', '$cookie_expire', '', '$cookie_domain', 0); setcookie ('USERNAME', '$username', '$cookie_expire', '', '$cookie_domain', 0); setcookie ('VERIFIED', '$verified', '$cookie_expire', '', '$cookie_domain', 0); setcookie ('FAMILYFILTER', '$familyfilter', '$cookie_expire', '', '$cookie_domain', 0); ?> And I changed all $_SESSION[VARIABLE] to $_COOKIE['VARIABLE'] on all pages of the site. I also changed all $smarty.session.VARIABLE to $smarty.cookies.VARIABLE. All php pages also start with session_start(); So it should all just work. But sadly I'm getting blank pages on any page I try to load. And they all have no source code whatsoever. Also, when I delete all my cookies in my browser and reload the site. I still get a PHPSESSID cookie created. Don't know why that is. Any idea why I'm getting a blank pages? Quote Link to comment Share on other sites More sharing options...
Yves Posted July 26, 2008 Author Share Posted July 26, 2008 Do I have to set these cookies as empty first? like so... setcookie ('USERID','','$cookie_expire'); setcookie ('EMAIL','','$cookie_expire'); setcookie ('USERNAME','','$cookie_expire'); setcookie ('VERIFIED','','$cookie_expire'); setcookie ('FAMILYFILTER','','$cookie_expire'); ...because when I load a page (as an unregistered new visitor) where there's $_COOKIE['whatever'] somewhere in the source code it just doesn't load that part of the page. It's asif it can't interpret what a cookie is and defenatly not when that cookie can't be found anywhere. What's causing this? Quote Link to comment Share on other sites More sharing options...
DarkWater Posted July 26, 2008 Share Posted July 26, 2008 I think your caps lock key is broken. Anyway, you use sessions to store the data and you can just change the lifetime of the session cookie in php.ini. Much easier because cookies are much more easily tampered with. Quote Link to comment Share on other sites More sharing options...
Yves Posted July 26, 2008 Author Share Posted July 26, 2008 Ok. Thanks man. Sorry for the implicit caps. Thanks!! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.