Jump to content

Recommended Posts

and when they logout how do i delete the cookie?

 

setcookie()

 

On the manual in the notes section

 

#  Cookies must be deleted with the same parameters as they were set with. If the value argument is an empty string, or FALSE, and all other arguments match a previous call to setcookie, then the cookie with the specified name will be deleted from the remote client. This is internally achieved by setting value to 'deleted' and expiration time to one year in past.

# Because setting a cookie with a value of FALSE will try to delete the cookie, you should not use boolean values. Instead, use 0 for FALSE and 1 for TRUE.

 

Set the value parameter to false and it will attempt to kill the cookie.

Link to comment
https://forums.phpfreaks.com/topic/157165-cookies/#findComment-829788
Share on other sites

everytime a user logs in and ticks remebr me create a md5(rand(1,10000)), store this in the db in the user row as hash and store it in a cookie as hash, now in your authentication say if there is a cookie called blah check to see if the value of hash in the cookie is the same as the value of hash in the user row hash field. when the user logs out you can leave the value of hash on the cookie but delte it from the users db row this way they can only be rembered on one computer and the user cant fake it. if teh hash on teh cookie is the same as teh hash in teh users row field hash then allow them to bypass authentication otherwise check if the session exists otherwise redirect to login where the session and or teh cookie and db row feild hsash are set. if you want them rembered on multiple computers then you must create a comma seperated list of hashes or a user to hashes table

Link to comment
https://forums.phpfreaks.com/topic/157165-cookies/#findComment-834614
Share on other sites

an easier and more efficent way to ensure its unique is by using the time and date function in the hashing... like so:

 

$key = md5(rand(1,10000).time().date('l jS F Y h:i:s A'))

 

OR, even better:

if you use session vars and have session_start at the top of the page, you can ensure the string is unique by using the unique session id...like this:

 

$key = md5(session_id());

 

Link to comment
https://forums.phpfreaks.com/topic/157165-cookies/#findComment-836430
Share on other sites

an easier and more efficent way to ensure its unique is by using the time and date function in the hashing... like so:

 

$key = md5(rand(1,10000).time().date('l jS F Y h:i:s A'))

 

OR, even better:

if you use session vars and have session_start at the top of the page, you can ensure the string is unique by using the unique session id...like this:

 

$key = md5(session_id());

 

 

yes the old time() concat trick nice

Link to comment
https://forums.phpfreaks.com/topic/157165-cookies/#findComment-836438
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.