...

View Full Version : remember Me



ycpc55
07-25-2012, 02:10 AM
Hi everyone
i was wondering if anyone can tell me of a good place to get a tutorial that is up to date, on how to add a remember me to my site. I made up this little script to add, but something is tell me that it can be done better and also its not working lol as of yet thanks...


if ($rememberMe == "rememberMe"){
$rememberMe = "1";
}else{
$rememberMe = "0";
}
//Code here
if($rememberMe=="1"){
setcookie("rememberCookiename",$user,(time()+604800));
setcookie("rememberCookiePass",md5($pass),(time()+604800));
}
header("Location: users");
}
else{
$datetime = date("d")*10000000000 + date("m")*100000000 + date("Y")*10000 + date("G")*100 + date("i");

Keleth
07-25-2012, 03:24 PM
Why why WHY would you store the password in an already cracked encoding scheme to a cookie the user can read? DON'T!!! md5 is not secure in the least, hasn't been for a while.

That being said, by remember me, you mean just writing a cookie that logs a user in automatically if its set? If so, you've already done that, what's the issue? That's really all there is to it: if the user is logged in, write a cookie, and if the user isn't logged in, check if the cookie is set. But you don't wanna to something as simple as the user name, and you NEVER wanna store a password.

Instead, store a hashed string (often I go for stuff like username + date registered + salt phrase). Compare that hashed string to what you expect, if it matches, log the user in, if not, delete the cookie.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum