...

View Full Version : Save username in a cookie.



Crazydog
11-08-2006, 08:05 AM
First, here is the login script I am using


<?php
/* DO NOT EDIT THIS FILE UNLESS YOU KNOW WHAT YOU ARE DOING! */

//this function disables errors when header code is not on the 1st line of code.
ob_start();
//include the configuration file. fatal error if file doesn't exist
require ("config.php");
//checking of sql database
$check_db = "SELECT * FROM ".$mysql_pretext."_users";
if (!mysql_query ($check_db))
{
//if tables doesn't exist,then install the tables
include ("install.php");
}
else
{
//checking of install file
if (file_exists ("install.php")) die ("<font color=\"red\">FATAL ERROR. INSTALL.PHP EXISTS! POSSIBLE SECURITY RISK! TERMINATING PROGRAM</font>");
}
session_start();
//check if the use is logged in 1st. If not logged in,why bother logging them out?
if (isset ($_SESSION['loggedin']) && isset ($_SESSION['time']))
{
//destroys the login sessions
unset ($_SESSION);
session_destroy();
print '<html><head><title>Logout</title><link rel="stylesheet" type="text/css" href="style.css" /></head><body>';
//get the link to return
if ($_SERVER['HTTP_REFERER']) $link = $_SERVER['HTTP_REFERER'];
else $link = $_SERVER['PHP_SELF'];
print '<p align="center">You are logged out. Thank you for using Advanced Login System. A copy can be obtained from <a href="http://www.iqueststudios.com" target="_blank">www.iqueststudios.com</a></p><p align="center"><a href="'.$link.'">Continue</a></p>';
die();
}
else if (isset ($_POST['login']))
{
//link to stylesheet. change this to suit your own website
print '<link rel="stylesheet" type="text/css" href="style.css" />';
//check if the anti hacking cookie is set or has reached its limit
if (!isset ($_COOKIE['tries']) || $_COOKIE['tries'] != '0')
{

//define all the vars in case the server don't support the use of global vars
$username = strip_tags ($_POST['username']);
setcookie ('username2', $username);
$password = strip_tags ($_POST['password']);
$rmbpw = $_POST['rmbpw'];
//if there is need for image validation
if ($display_bot_image_login)
{
$code = $_POST['code'];
$realcode = $_POST['realcode'];
//incorrect number
if (md5($code) != $realcode)
{
if (isset ($_COOKIE['tries']))
{
//reduce the number of tries
$tries = $_COOKIE['tries'] - 1;
print '<p align="center">Invalid validation code.<b>'.$tries.'</b> tries left.</p><p align="center"><a href="'.$_SERVER['HTTP_REFERER'].'">Retry?</a></p>';
setcookie ('tries', $tries, time()+900, '/', '', 0);
die();
}
else
{
//set the cookie to hold the variable
print '<p align="center">Invalid validation code.<b>3</b> tries left.</p><p align="center"><a href="'.$_SERVER['HTTP_REFERER'].'">Retry?</a></p>';
setcookie ('tries', 3, time()+900, '/', '', 0);
die();
}
}
//continue
}
//encode the password in the same encoding as that stored in the db
$mpassword = md5($password);
//search for the user.
//check if there is need to validate the account and use suitable MySQL command
if ($need_to_validate_acct == TRUE)
{
$search_login = "SELECT * FROM ".$mysql_pretext."_users WHERE username='$username' AND password='$mpassword' AND validated='1'";
}
else
{
$search_login = "SELECT * FROM ".$mysql_pretext."_users WHERE username='$username' AND password='$mpassword'";
}
$search_login2 = mysql_query ($search_login) or die (mysql_error()) ;
$search_login3 = mysql_fetch_array ($search_login2);
mysql_close();

if ($search_login3)
{
//valid login!
if (isset ($rmbpw))
{
//set these cookie to remember the user next time he logs in.
setcookie ('username', $username, time()+1209600, '/', '', 0);
setcookie ('password', base64_encode ($password), time()+1209600, '/', '', 0);
}
else if(empty ($rmbpw) && isset ($_COOKIE['username']) && isset ($_COOKIE['password']))
{
//remove these cookie.
setcookie ('username', '', time()-60, '/', '', 0);
setcookie ('password', '', time()-60, '/', '', 0);
}
//start the sessions
session_start();
//remove the anti-hacking cookie
setcookie ('tries', '', time()-60, '/', '', 0);
$_SESSION['loggedin'] = $_POST['username'];
$_SESSION['time'] = time();
header ('Location: ./');
exit;
}
else
{
//invalid login!
if (isset ($_COOKIE['tries']))
{
//reduce the number of tries
$tries = $_COOKIE['tries'] - 1;
print '<p align="center">Invalid username and password combination or non-activated account.<b>'.$tries.'</b> tries left.</p><p align="center"><a href="'.$_SERVER['HTTP_REFERER'].'">Retry?</a></p>';
setcookie ('tries', $tries, time()+900, '/', '', 0);
die();
}
else
{
//set the cookie to hold the variable
print '<p align="center">Invalid username and password combination or non-activated account.<b>3</b> tries left.</p><p align="center"><a href="'.$_SERVER['HTTP_REFERER'].'">Retry?</a></p>';
setcookie ('tries', 3, time()+900, '/', '', 0);
die();
}
}

}
else
{
//block the computer from logging in
print '<p align="center">You have entered invalid data for 3 times in a row. Please wait 15 minutes to try again.</p><p align="center"><a href="'.$_SERVER['HTTP_REFERER'].'">Retry?</a></p>';
}
}
//if the user did not click login.
else
{
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Login</title>
<link rel="stylesheet" type="text/css" href="style.css" />
<script type="text/javascript">
function popUp(URL) {
day = new Date();
id = day.getTime();
eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=0,location=0,statusbar=1,menubar=0,resizable=0,width=400,height=300,left = 337,top = 159');");
}
</script>
</head>
<body>
<center><img src="logo.jpg" width="400" height="64" alt="Advanced Login System" align="middle" /></center>
<table width="400" border="1" cellspacing="1px" cellpadding="5px" align="center" style="border-style:solid; border-width:2px; border-collapse:collapse;" cellspacing="0px">
<tr bgcolor="#666666" height="25px">
<td><div class="heading">Login</div></td>
</tr>
<tr bgcolor="#CCCCCC" height="150">
<td valign="top">
Welcome to our site.Please login below to access our resources.
<form action="<?php //print $_SERVER['PHP_SELF']; ?>" method="post" name="login">
Username:<input type="text" name="username" value="<?php if (isset ($_COOKIE['username'])){print $_COOKIE['username'];}?>" size="20" /><br />
Password: <input type="password" name="password" value="<?php if (isset ($_COOKIE['password'])){print base64_decode ($_COOKIE['password']);}?>" size="20" /><br />
<?php
if ($display_bot_image_login)
{
$imgtxt = rand(1000,9999);
print "<input type=\"hidden\" name=\"realcode\" value=\"".md5($imgtxt)."\" />";
print "Enter the number below:<input type=\"text\" name=\"code\" size=\"4\" maxlength=\"4\" /><br /><img src=\"makeimg.php?imgtxt=".base64_encode ($imgtxt)."\" /><br />";
print "<br />";
}
?>
Remember Pass? <input type="checkbox" name="rmbpw" <?php if (isset ($_COOKIE['password'])){print "checked=checked";} ?> />
<input type="submit" value="Login" name="login" <?php if ($_COOKIE['tries'] <= 0 && isset ($_COOKIE['tries'])) {print 'disabled="disabled"'; } ?> />
</form>
<? if ($allow_guest_to_register)
{
?>
<a href="#" onClick="popUp('register.php')">Register | </a>
<? } ?>
<a href="#" onClick="popUp('reset.php')">Forgot Password?</a>
</td>
</tr>
</table>
<hr align="center" width="400px" />
</body>
</html>
<?php
}
ob_end_flush();
?>


Second, how would I make that script create a cookie with the username in it, so I can have PHP recall it later as a variable?

Spookster
11-08-2006, 08:21 AM
You are already storing the username in a session variable.

$_SESSION['loggedin'] = $_POST['username'];

You can access that session variable at anytime in any page as long as you use the session_start() function at the top of the file and then just access the variable as $_SESSION['loggedin']

raf
11-08-2006, 08:37 AM
You are already storing the username in a session variable.

$_SESSION['loggedin'] = $_POST['username'];

You can access that session variable at anytime in any page as long as you use the session_start() function at the top of the file and then just access the variable as $_SESSION['loggedin']maybe he just want's to store it in a more persistent location, like a cookie, so that he can automatically fill in the username when the user revisits his site...

Crazydog,
i didn't go through all your code, but i think you just need to change


setcookie ('username2', $username);

into


setcookie ('username2', $username, time()+60*60*24*30);

which will make the cookie persist for 30 days.

Crazydog
11-08-2006, 08:45 AM
hm. I don't know what I did, but now its working..

Thanks, I guess :P



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum