Jump to content


Photo

Bizarre Cookie problem


  • Please log in to reply
1 reply to this topic

#1 johnharris

johnharris
  • New Members
  • Pip
  • Newbie
  • 2 posts

Posted 26 August 2006 - 10:38 PM

I've looked around for anyone with the same problem and I can't see any solution so I decided to post. I have created this login form and it all works fine. I then added cookie support and that also worked. However, I cannot make it so that a cookie expires when the browser is closed. I have used a checkbox "remember_me" in the form, and have tested that it works ok (see the commented out echo statements in the submit section). If I login and no not check the button, then close the browser, then re-open, I am still logged in. I thought if no value for expiry was specified cookies expired on session (browser) close? Mine do not seem to be :( Below is login.php



<?php
    
    if (isset($_POST['submit']))    {
    
        require_once ('../mysql_connect.php');
        
        function escape_data ($data)    {
        
            global $dbc;
            
            if (ini_get('magic_quotes_gpc'))    {
            
                $data = stripslashes($data);
            
            }
            
            return mysql_real_escape_string($data, $dbc);
            
        }
        
        $message = NULL;
        
        if (empty($_POST['username']))    {
        
            $u = FALSE;
            $message .= '<p>You forgot to enter your username!</p>';
            
        } else    {
        
            $u = escape_data($_POST['username']);
            
        }
        
        if (empty($_POST['password']))    {
        
            $p = FALSE;
            $message .= '<p>You forgot to enter your password!</p>';
            
        } else    {
        
            $p = escape_data($_POST['password']);
            
        }
        
        if ($u && $p)    {
            
            $query = "SELECT user_id, first_name FROM users WHERE username='$u' AND password=MD5('$p')";
            $result = @mysql_query ($query);
            $row = mysql_fetch_array ($result, MYSQL_NUM);
            
            if ($row)    {
                
                if (isset($_POST['remember_me']))    {
                    
                    setcookie ('first_name', $row[1], time()+36000, '/', '', 0);
                    setcookie ('user_id', $row[0], time()+36000, '/', '', 0);
                    header ("Location: index.php");
                    //echo '<p>ticked</p>';
                    
                } else    {
                
                    setcookie ('first_name', $row[1], NULL, '/', '', 0);
                    setcookie ('user_id', $row[0], NULL, '/', '', 0);
                    header ("Location: index.php");
                    //echo '<p>Not ticked</p>';
                    
                }
                
            } else    {
            
                $message = '<p>Error. Your username/password is incorrect.</p>';
                
            }
            
            mysql_close();
            
            
        } else    {
        
            $message .= '<p>Please try again.</p>';
            
        }
        
    }
    
    if (isset($message))    {
    
        echo $message;
        
    }

?>

<form action="<?php echo $_SERVER['DOCUMENT_ROOT/index.php']; ?>" method="post">

    <p>Username: <input type="text" name="username" size="15" maxlength="20" value="<?php if (isset($_POST['username']))
    echo $_POST['username']; ?>" /></p>

    <p>Password: <input type="password" name="password" size="15" maxlength="20" /></p>
    
    <input type="checkbox" name="remember_me" /> Keep me logged in (requires cookies to be enabled)

    <div align="center"><input type="submit" name="submit" value="Login" /></div>
    
</form>



#2 shocker-z

shocker-z
  • Members
  • PipPipPip
  • Advanced Member
  • 864 posts
  • LocationNottingham

Posted 27 August 2006 - 09:19 AM

why not use a session instead of cookie? these auto expire when browser is closed :)

Simpler than playing with cookies

Regards
Liam
www: www.ukchat.ws | irc: irc.ukchat.ws chan: #blufudge




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users