justinede Posted July 8, 2009 Share Posted July 8, 2009 Hello All, I would like to add a "remember me" feature to my login script. If someone could assist me I would greatly appreciate it. Here is my checklogin.php: <?php ob_start(); session_start(); $host="*****************"; // Host name $username="*****"; // Mysql username $password="****"; // Mysql password $db_name="justin"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" $_SESSION['myusername'] = $myusername; $_SESSION['mypassword'] = $mypassword; header("location:users/$myusername.php"); } else { echo "Wrong Username or Password"; } ob_end_flush(); ?> Link to comment https://forums.phpfreaks.com/topic/165272-remember-me-wcookie/ Share on other sites More sharing options...
p2grace Posted July 8, 2009 Share Posted July 8, 2009 Start by saving a long unique hash of a user into a cookie, then if that cookie is present, lookup the user information through an sql query using the hash as a key, and then automatically log them in. Workflow: 1.) Login with the remember me input checked 2.) Generate a unique long hash and save it in the user's table and as a cookie 3.) When ever the login page is visited and that cookie exists, lookup the user from the hash in the cookie and send it to the login script. Make sense? Note: you have to use a long hash and not their id because anyone can see and change the values of their cookie. Link to comment https://forums.phpfreaks.com/topic/165272-remember-me-wcookie/#findComment-871577 Share on other sites More sharing options...
justinede Posted July 8, 2009 Author Share Posted July 8, 2009 makes sense, but i am not skilled in php enough to do that. do you think you can write that up real quick? Link to comment https://forums.phpfreaks.com/topic/165272-remember-me-wcookie/#findComment-871579 Share on other sites More sharing options...
p2grace Posted July 8, 2009 Share Posted July 8, 2009 I won't write it for you because you won't learn anything I'd be happy to help walk you through it though. Start by creating a new field in the users table, a 50 length varchar called ukey (for user key). Then update the login script to check if the remember me input field was checked. Third, write the query to update the user record with their new key and set the cookie. Be sure to write a check to ensure it's unique. After that we can discuss how to make them automatically login. Link to comment https://forums.phpfreaks.com/topic/165272-remember-me-wcookie/#findComment-871582 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.