remember me feature in login

[suyesh.amatya]

I want to implement remember me feature in login:

The code is:

if($_POST['remember'] == 'Y')

{

setcookie('USR_CD',"",time() - 60);

setcookie('PASSWORD',"",time() - 60);

 

setcookie('USR_CD',$_POST['usr_cd'],time()+60*60*24*30);

setcookie('PASSWORD',$_POST['password'],time()+60*60*24*30);

}

else if($_POST['usr_cd'] == $_COOKIE['USR_CD'])

{

setcookie('USR_CD',"",time() - 60);

setcookie('PASSWORD',"",time() - 60);

}

else if(isset($_GET['logout']))

{

session_destroy();

 

}

 

 

and the form is:

<form id="form1" name="form1" method="post" action="">

          <dl>

            <dt>Username:</dt>

            <dd>

              <input name="usr_cd" type="text" class="text" id="usr_cd" />

            </dd>

            <dt>Password:</dt>

            <dd>

              <input name="password" type="password" id="password" class="text" />

            </dd>

            <dt> </dt>

            <dd>

            <input name="Login" type="submit" class="submit-btn" id="Login" value="Log in" />

<script language="">

document.getElementById("usr_cd").focus()

</script>

            </dd>

            <dt> </dt>

            <dd><input name="remember" type="checkbox" id="remember" value="Y" /> Remember me</dd>

         

            <dd><a href="#">Lost your Password ?</a></dd>

           

          </dl>

        </form>

 

Its not working correctly, I wonder what has gone wrong.

[ignace]

setcookie('PASSWORD',$_POST['password'],time()+60*60*24*30);

 

Do you know that a cookie stores it's data in plain text? Meaning that your password and username is left unprotected on the computer of your user?

 

Plus, this question has been answered many times before: use session_set_cookie_params() to extend the lifetime of your cookie.