AV1611 Posted October 1, 2008 Share Posted October 1, 2008 I have done some minor stuff with cookies in the past, but need some guidance. All I want to do is make a simple login that when completed it sends a cookie to the client that never expires, then everytime they come back to the site it checks to see if the cookie is present and if not then they login again. 1. Is that PHP only? 2. It's a low security site... I'm making a shoutbox from scratch is all. 3. I just need to know how to make the cookie not expire and how to check for it on return to the site. Quote Link to comment Share on other sites More sharing options...
dropfaith Posted October 1, 2008 Share Posted October 1, 2008 The cookie system does not allow to create a cookie for ever but you can just create a cookie to live of a long time enough to make sure the user wiill be dead by that time setcookie("registered",$cookie_data,time()+60*60*24*365*10); if im correct on how i set that it would be a ten year cookie which in computer world is forever who keeps the same machine that long? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted October 1, 2008 Share Posted October 1, 2008 Because the setcookie() function uses a Unix timestamp internally to come up with the date/time it uses in the actual cookie, there is currently a 2038 year limit on the longest cookie that php can set. Quote Link to comment Share on other sites More sharing options...
revraz Posted October 1, 2008 Share Posted October 1, 2008 I hope we're not dead in 10 years. Quote Link to comment Share on other sites More sharing options...
dropfaith Posted October 1, 2008 Share Posted October 1, 2008 i hope your not using the same computer in ten years technology will be way higher and hopefully people will upgrade before ten years time Quote Link to comment Share on other sites More sharing options...
Brian W Posted October 1, 2008 Share Posted October 1, 2008 I have a new comp every year it seems... though I'm always buying last year's technology when it comes on sale for dirt cheap. Quote Link to comment Share on other sites More sharing options...
revraz Posted October 1, 2008 Share Posted October 1, 2008 You would be surprised to see how many people that use Unix/Linux still use 386/486 machines. But anyways, was just a joke since you said the user would be dead. Quote Link to comment Share on other sites More sharing options...
AV1611 Posted October 1, 2008 Author Share Posted October 1, 2008 so, what is the syntax to see if they have the cookie set? if(isset($_COOKIE['cookiename'])){ do some cool stuff for the person } else{ tell them to log in } like that? I don't care about the info in the cookie but I guess I could put a sha1 hash of a keyword or whatever but I don't care I don't think... It's just a shoutbox... Quote Link to comment Share on other sites More sharing options...
genericnumber1 Posted October 1, 2008 Share Posted October 1, 2008 You should add some form of content to the cookie to authenticate the user as anyone can just create a cookie with the name you specified. As for the subject of a user living 10 years I've been developing an InjureUser class for use as a tech support tool... if you'd like to use it when the cookie reaches 9 years + 11 months + 364 days, send me a message and I'll send you a copy when I'm finished with it. Quote Link to comment Share on other sites More sharing options...
AV1611 Posted October 1, 2008 Author Share Posted October 1, 2008 <?php if(isset($_GET['set'])){ setcookie('shoutbox','shoutboxdata',time()+60*60*24*365*10); header('Location: cookietest.php'); } else{ if(isset($_COOKIE['shoutbox'])){ echo "cookie is set"; } else{ echo "cookie is not set"; } } ?> Looks like that'll do it. Quote Link to comment Share on other sites More sharing options...
genericnumber1 Posted October 1, 2008 Share Posted October 1, 2008 It'll work, not be secure, but it'll stop people who aren't looking to crack it. Quote Link to comment Share on other sites More sharing options...
AV1611 Posted October 1, 2008 Author Share Posted October 1, 2008 If I create an hash and store in in the cookie that should make it plenty secure, ya? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.