03-26-2009, 03:24 PM
got a problem, when i login into my site and then close the website, i view the profile and it says still logged in, but when i go back onto the site it tells me to login again, is there a way so that when i go back to the website im still logged in until i logout?
03-26-2009, 03:40 PM
is there a way so that when i go back to the website im still logged in until i logout? login is purely a conceptual thing and we can't help until you provide the details of your login-system or some relevant code.
03-26-2009, 03:50 PM
Okay sorry, here is my login script.
$db = mysql_connect($dbHost,$dbUser,$dbPass); // Connection Code
mysql_select_db($dbname,$db); // Connects to database
$username = $_POST['username'];
$password = $_POST['password'];
$sql = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
$que = mysql_query($sql);
if(mysql_num_rows($que) == 1)
$sql2 = "SELECT * FROM `users` WHERE `id` = '$username' ";
$qry = mysql_query($sql2) or die(mysql_error());
$post = mysql_fetch_array($qry);
$get_id = "SELECT `id` FROM `users` WHERE `username` = '$username' ";
$info = mysql_query($get_id) or die(mysql_error());
$row = mysql_fetch_array($info);
$sql1 = "UPDATE `users` SET active='1' WHERE ID ='$row[id]' ";
$ins = mysql_query($sql1) or die(mysql_error());
$_SESSION['username'] = $_POST['username'];
echo "<font color=\"red\"> Error Wrong Login Details </font>";
echo "<a href=\"login.php\">Login Page</a>";
03-26-2009, 05:08 PM
you'll either need $_SESSION or $_COOKIE handling i would think.
03-26-2009, 05:46 PM
Use SESSION, it is 10X better then COOKIES and have higher security.
03-26-2009, 05:52 PM
but less persistant, right?
03-26-2009, 06:10 PM
Use $_COOKIE if you want to be logged back in after closing your browser, if not use $_SESSION, read up on the php.net website.
03-26-2009, 06:52 PM
Also, I HIGHLY recommend you add some data checking on your username and password fields. As it appears in this script (assuming no magic quote escapes) a user would be able to maliciously override the password requirement of your field and gain access to your administration.
Try $username = addslashes( html_entities( $_POST['username'] ) ); on the username and password at the very least!
03-26-2009, 07:05 PM
Read this up, it is very useful:
03-26-2009, 07:51 PM
03-26-2009, 07:52 PM
03-26-2009, 07:55 PM
Okay, can u give me show me how please? im no good with cookies xD
03-26-2009, 08:01 PM
you got to read up the implementation first(the link on top)...
With this you can auto login the user at any page, just like how you are remembered by this forum.. :D
03-26-2009, 08:08 PM
I read it, but doesnt tell me how to do cookies xD
i have done
setcookie("user", "username", time()+3600);
would this work?
03-26-2009, 08:25 PM
yes that would set a cookie call user, with the value of username and expire in a hour..
get a firefox and use this plugin:
You can see your cookie with this, it is a must for web developer.
03-26-2009, 08:47 PM
Thanks alot kokjj87 that helped alot understand it now :)