Jump to content

Adding cookies option to a login script

feri_soft

By feri_soft
in PHP Coding Help

Recommended Posts

feri_soft Member

feri_soft

Posted
Posted
Hi, i have this login script:
[code]<?
/* Check User Script */
session_start();  // Start Session

include 'db.php';
include 'funcs.php';
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];




if((!$username) || (!$password)){
    echo "Please enter ALL of the information! <br />";
    include 'login_form.html';
    exit();
}

// Convert password to md5 hash
$password = md5($password);

// check if the user info validates the db
$sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");
$login_check = mysql_num_rows($sql);

if($login_check > 0){
    while($row = mysql_fetch_array($sql)){
    foreach( $row AS $key => $val ){
        $$key = stripslashes( $val );
    }
        // Register some session variables!
session_register('username');
$_SESSION['username'] = $username;
session_register('userid');
$_SESSION['userid'] = $userid;
        session_register('first_name');
        $_SESSION['first_name'] = $first_name;
        session_register('last_name');
        $_SESSION['last_name'] = $last_name;
        session_register('email_address');
        $_SESSION['email_address'] = $email_address;
        session_register('special_user');
        $_SESSION['user_level'] = $user_level;
        $_SESSION['auth'] = true;
        mysql_query("UPDATE users SET last_login=now() WHERE userid='$userid'");
       
        header("Location: success.php");
    }
} else {
    echo "You could not be logged in! Either the username and password do not match or you have not validated your membership!<br />
    Please try again!<br />";
$_SESSION['auth'] = false;
    include 'login_form.html';
}
?> [/code]

How can i add cookies support ot it...and can you give me some advises how the script can be safer with the cookies.Because this is raw example i have filtered the inputs already etc...but i dont know how to create secure cookies so no one can change them in harmful way.Thanks in advance...


Hmm...There is one requerment the session globals must remain because theyare very important ids,usernames so on...
Link to comment
https://forums.phpfreaks.com/topic/20711-adding-cookies-option-to-a-login-script/
Share on other sites
HuggieBear Member

HuggieBear

Posted
Posted
You need to use [url=http://www.php.net/manual/en/function.setcookie.php]setcookie[/url] create a cookie.

[code]
<?php
// Cookie parameters
$name = "username";
$value = "HuggieBear";
$path = "/";  // This specifies where the cookie will be valid from.  / (forward slash) is root
$domain = "yourdomian.com";  // This will make the cookie available to the whole domain
$expire = time() +3600;  // Set the cookie to expire in an hour
setcookie($name, $value, $expire, $path, $domain);  // Set the actual cookie
?>
[/code]

Regards
Huggie
HuggieBear Member

HuggieBear

Posted
Posted
Oh, I see, you want to add the cookie after they've logged in to say they've logged in.

In that case, set something like this:

[code]
<?php
// Cookie parameters
$name = "authenticated";
$value = "y";
$path = "/";  // This specifies where the cookie will be valid from.  / (forward slash) is root
$domain = "yourdomian.com";  // This will make the cookie available to the whole domain
$expire = time() +3600;  // Set the cookie to expire in an hour
setcookie($name, $value, $expire, $path, $domain);  // Set the actual cookie
?>
[/code]

Then at the top of your pages:

[code]
<?php
if ($_COOKIE['authenticated'] != "y"){
header("Location: login.php");
}
else {
// Your page content here
}
?>
[/code]

Regards
Huggie

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.