Jump to content

Login via php and cookies


bkribbs

Recommended Posts

Alright, I'm struggling a bit. I've succesfully set up a MySQL database and users can register.

 

I also have a login script which works.

 

However, what I want to do now is make it so a user has his information saved in a cookie for 100 days unless he logs out. (I will implement this into a remember me checkbox, but after I get it working this way first.)

 

So a user logs in using a form which fills in appropriate variables, and this script is run: (obviously the stars are not in the script, I have correct log in there.)

 

<?php
ob_start();
$host="localhost"; // Host name
$username="****"; // Mysql username 
$password="****"; // Mysql password 
$db_name="users"; // Database name 
$tbl_name="users"; // Table name


// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

setcookie('username', $_POST['myusername'], time()+60*60*24*365);
setcookie('password', md5($_POST['mypassword']), time()+60*60*24*365);

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}

ob_end_flush();
?>

 

You'll see the cookie is near the end.

 

I then go to a page which includes this:

 

 

<?php 
if(isset($_COOKIE['username']))
{
echo 'You are logged in as', var_dump($_COOKIE); 
}
else
{
echo 'you aren\'t logged in!';
}
?>

 

Which simply looks for the cookie. However, no matter what I try, it seems to not detect the cookie, and it says I am not logged in.

 

Does anyone spot the problem?

 

Link to comment
Share on other sites

I have made progress.

 

I changed the first from

 

setcookie('username', $_POST['myusername'], time()+60*60*24*365);
setcookie('password', md5($_POST['mypassword']), time()+60*60*24*365);

 

to

 

setcookie('username', ('$myusername'), time()+60*60*24*365);
setcookie('password', ('$mypassword'), time()+60*60*24*365);

 

However it now returns

 

You are logged in asarray(3) { ["password"]=> string(11) "$mypassword" ["username"]=> string(11) "$myusername" ["PHPSESSID"]=> string(26) "7lsmf64n0qp27r7dr21sdcjgi4" }

 

where I expect it to just say the name I am logged in as.

 

What part am I doing incorrectly?

 

Link to comment
Share on other sites

Using single quotes causes the value within to be interpreted as a sting literal, rather than as the value of the variable.

 

That code, however is from phpeasystep.com, and like most of the code on that site, it is obsolete, not well written and uses deprecated functions. I don't recommend using that site as a learning resource, and certainly not as a source for code that you intend to use.

Link to comment
Share on other sites

Alright. I do want to thank you for your being helpful. I know how it feels to help people as clueless as me. (Obviously not in this subject, but....)

 

So the problem with the crappy code is deprecated code? Or inefficient methods? Or what am I supposed to be avoiding?

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.