arne2
08-12-2006, 06:10 PM
Hi, i have a website with a login page and a page where members can change their password.
The problem is that when they change their password, their cookie should be updated with the new password.
I tried it but it's not working. Here are the parts of code you'll probably need:
passwordchangepage.php
(..)$username=$_COOKIE['usn'];
$hash=$_COOKIE['hash'];
$id=$_COOKIE['id'];
//$npw=the post value of the new password field (but in md5) so:
$npw=md5($_POST['npw']);
(..)
$msg="Your password has been changed. An email is sent to you with your new login details.<br>";
$color='green';
//UPDATE COOKIE
setcookie("id", $id, time()+3600);
setcookie("usn", $username, time()+3600);
setcookie("pw", $npw, time()+3600);
setcookie("hash", $hash, time()+3600);
(..)
//
Login.php
$hash = rand(9999, 9999999);
@mysql_query("UPDATE members SET hash='".$hash."' WHERE id='".$row['id']."'");
setcookie("id", $row['id'], time()+$_POST['timeloggedin']);
setcookie("usn", $row['username'], time()+$_POST['timeloggedin']);
setcookie("pw", $row['password'], time()+$_POST['timeloggedin']);
setcookie("hash", $hash, time()+$_POST['timeloggedin']);
function to see weither somebody is logged in or not:
function ingelogd(){
if(!empty($_COOKIE['id']) AND !empty($_COOKIE['pw']) AND !empty($_COOKIE['hash'])){
$query = @mysql_query("SELECT * FROM members WHERE id='".$_COOKIE['id']."' AND password='".$_COOKIE['pw']."' AND hash='".$_COOKIE['hash']."'");
$aantal = mysql_num_rows($query);
} else {
$aantal = 0;
}
return $aantal;
}
I get the message that the password has been changed etc so it is executing the code ! It's just that when i refresh / visit another memberspage, i get 'you are not logged in (because ingelogd()=false)
The problem is that when they change their password, their cookie should be updated with the new password.
I tried it but it's not working. Here are the parts of code you'll probably need:
passwordchangepage.php
(..)$username=$_COOKIE['usn'];
$hash=$_COOKIE['hash'];
$id=$_COOKIE['id'];
//$npw=the post value of the new password field (but in md5) so:
$npw=md5($_POST['npw']);
(..)
$msg="Your password has been changed. An email is sent to you with your new login details.<br>";
$color='green';
//UPDATE COOKIE
setcookie("id", $id, time()+3600);
setcookie("usn", $username, time()+3600);
setcookie("pw", $npw, time()+3600);
setcookie("hash", $hash, time()+3600);
(..)
//
Login.php
$hash = rand(9999, 9999999);
@mysql_query("UPDATE members SET hash='".$hash."' WHERE id='".$row['id']."'");
setcookie("id", $row['id'], time()+$_POST['timeloggedin']);
setcookie("usn", $row['username'], time()+$_POST['timeloggedin']);
setcookie("pw", $row['password'], time()+$_POST['timeloggedin']);
setcookie("hash", $hash, time()+$_POST['timeloggedin']);
function to see weither somebody is logged in or not:
function ingelogd(){
if(!empty($_COOKIE['id']) AND !empty($_COOKIE['pw']) AND !empty($_COOKIE['hash'])){
$query = @mysql_query("SELECT * FROM members WHERE id='".$_COOKIE['id']."' AND password='".$_COOKIE['pw']."' AND hash='".$_COOKIE['hash']."'");
$aantal = mysql_num_rows($query);
} else {
$aantal = 0;
}
return $aantal;
}
I get the message that the password has been changed etc so it is executing the code ! It's just that when i refresh / visit another memberspage, i get 'you are not logged in (because ingelogd()=false)