scarhand Posted July 4, 2009 Share Posted July 4, 2009 this is rediculous, my cookies are being remembered for the forgot password reset page, but no other page heres my code for the session.php that is on top of all php files: <?php if (isset($_POST['luser'])) // has the header login form been posted? { foreach ($_POST as $field => $value) $$field = htmlspecialchars(trim($value), ENT_QUOTES); $lpassmd5 = md5($lpass); if (mysql_result(mysql_query("select count(*) from users where username='$luser' and password='$lpassmd5'"), 0) != 0) { $_SESSION['username'] = $luser; $_SESSION['password'] = $lpassmd5; setcookie('username', $luser, time() + (365 * 24 * 60 * 60)); setcookie('password', $lpassmd5, time() + (365 * 24 * 60 * 60)); } else { $lerror = 'Invalid username and/or password'; } } else { $luser = 'Username'; $lpass = 'Password'; } if (isset($_SESSION['username'])) { $cuser = $_SESSION['username']; $cpass = $_SESSION['password']; } else if (isset($_COOKIE['username'])) { $cuser = $_COOKIE['username']; $cpass = $_COOKIE['password']; } $loggedin = false; if (isset($cuser)) { $sql = mysql_query("select * from users where username='$cuser' and password='$cpass'"); if (mysql_num_rows($sql) != 0) { while ($row = mysql_fetch_assoc($sql)) { $myid = $row['id']; $myusername = $row['username']; $mypassword = $row['username']; $mypoints = $row['points']; $loggedin = true; } } } ?> heres my code for the forgot password reset page: <?php if ($loggedin) header("Location: $url"); $id = $_GET['id']; $hash = $_GET['hash']; if (mysql_result(mysql_query("select count(*) from users where id='$id' and forgotpass='$hash'"), 0) != 0) { $newpass = substr($hash, 2, 5); $newpassmd5 = md5($newpass); $forgotpass = md5($newpassmd5); mysql_query("update users set password='$newpassmd5', forgotpass='$forgotpass' where id='$id'"); } else { die('problem'); } ?> Link to comment https://forums.phpfreaks.com/topic/164741-solved-userpassword-cookies-being-remember-on-only-1-page/ Share on other sites More sharing options...
scarhand Posted July 4, 2009 Author Share Posted July 4, 2009 keep in mind that the forgot pass reset page is being access AFTER i have visited this page: <?php if (!$loggedin) header("Location: $url"); session_destroy(); setcookie('username', '', time() - 1); setcookie('password', '', time() - 1); ?> Link to comment https://forums.phpfreaks.com/topic/164741-solved-userpassword-cookies-being-remember-on-only-1-page/#findComment-868733 Share on other sites More sharing options...
scarhand Posted July 4, 2009 Author Share Posted July 4, 2009 nevermind i had to clear my ie8 cache because it stacked when i was working on things it works fine Link to comment https://forums.phpfreaks.com/topic/164741-solved-userpassword-cookies-being-remember-on-only-1-page/#findComment-868735 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.