[SOLVED] Got Milk, Need Cookie

[AV1611]

I have done some minor stuff with cookies in the past, but need some guidance.

 

All I want to do is make a simple login that when completed it sends a cookie to the client that never expires, then everytime they come back to the site it checks to see if the cookie is present and if not then they login again.

 

1. Is that PHP only?

2. It's a low security site... I'm making a shoutbox from scratch is all.

3. I just need to know how to make the cookie not expire and how to check for it on return to the site.

 

 

[dropfaith]

The cookie system does not allow to create a cookie for ever but you can just create a cookie to live of a long time enough to make sure the user wiill be dead by that time

 

 

setcookie("registered",$cookie_data,time()+60*60*24*365*10);

 

if im correct on how i set that it would be a ten year cookie which in computer world is forever who keeps the same machine that long?

 

 

[PFMaBiSmAd]

Because the setcookie() function uses a Unix timestamp internally to come up with the date/time it uses in the actual cookie, there is currently a 2038 year limit on the longest cookie that php can set.

[revraz]

I hope we're not dead in 10 years.

[dropfaith]

i hope your not using the same computer in ten years  technology will be way higher  and hopefully people will upgrade before ten years time

[Brian W]

I have a new comp every year it seems... though I'm always buying last year's technology when it comes on sale for dirt cheap.

[revraz]

You would be surprised to see how many people that use Unix/Linux still use 386/486 machines.

 

But anyways, was just a joke since you said the user would be dead.

[AV1611]

so, what is the syntax to see if they have the cookie set?

 

if(isset($_COOKIE['cookiename'])){

do some cool stuff for the person

}

else{

tell them to log in

}

 

like that?

 

I don't care about the info in the cookie but I guess I could put a sha1 hash of a keyword or whatever but I don't care I don't think... It's just a shoutbox...

 

[genericnumber1]

You should add some form of content to the cookie to authenticate the user as anyone can just create a cookie with the name you specified.

 

As for the subject of a user living 10 years I've been developing an InjureUser class for use as a tech support tool... if you'd like to use it when the cookie reaches 9 years + 11 months + 364 days, send me a message and I'll send you a copy when I'm finished with it.

[AV1611]

<?php

if(isset($_GET['set'])){

setcookie('shoutbox','shoutboxdata',time()+60*60*24*365*10);

header('Location: cookietest.php');

}

else{

if(isset($_COOKIE['shoutbox'])){

echo "cookie is set";

}

else{

echo "cookie is not set";

}

}

?>

 

Looks like that'll do it.

 

 

[genericnumber1]

It'll work, not be secure, but it'll stop people who aren't looking to crack it.

[AV1611]

If I create an hash and store in in the cookie that should make it plenty secure, ya?