Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    Regular Coder
    Join Date
    May 2005
    Posts
    224
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Save username in a cookie.

    First, here is the login script I am using
    PHP Code:
    <?php
    /* DO NOT EDIT THIS FILE UNLESS YOU KNOW WHAT YOU ARE DOING! */

    //this function disables errors when header code is not on the 1st line of code.
    ob_start();
    //include the configuration file. fatal error if file doesn't exist
    require ("config.php");
    //checking of sql database
    $check_db "SELECT * FROM ".$mysql_pretext."_users";
    if (!
    mysql_query ($check_db))
    {
        
    //if tables doesn't exist,then install the tables
        
    include ("install.php");
    }
    else
    {
        
    //checking of install file
        
    if (file_exists ("install.php")) die ("<font color=\"red\">FATAL ERROR. INSTALL.PHP EXISTS! POSSIBLE SECURITY RISK! TERMINATING PROGRAM</font>");
    }
    session_start(); 
    //check if the use is logged in 1st. If not logged in,why bother logging them out?
    if (isset ($_SESSION['loggedin']) && isset ($_SESSION['time']))
    {
        
    //destroys the login sessions
        
    unset ($_SESSION);
        
    session_destroy();
        print 
    '<html><head><title>Logout</title><link rel="stylesheet" type="text/css" href="style.css" /></head><body>';
        
    //get the link to return
        
    if ($_SERVER['HTTP_REFERER']) $link $_SERVER['HTTP_REFERER'];
        else 
    $link $_SERVER['PHP_SELF'];
        print 
    '<p align="center">You are logged out. Thank you for using Advanced Login System. A copy can be obtained from <a href="http://www.iqueststudios.com" target="_blank">www.iqueststudios.com</a></p><p align="center"><a href="'.$link.'">Continue</a></p>';
        die();
    }
    else if (isset (
    $_POST['login']))
    {
        
    //link to stylesheet. change this to suit your own website
        
    print '<link rel="stylesheet" type="text/css" href="style.css" />';
        
    //check if the anti hacking cookie is set or has reached its limit
        
    if (!isset ($_COOKIE['tries']) || $_COOKIE['tries'] != '0')
        {
            
            
    //define all the vars in case the server don't support the use of global vars
            
    $username strip_tags ($_POST['username']);
                    
    setcookie ('username2'$username);
            
    $password strip_tags ($_POST['password']);
            
    $rmbpw $_POST['rmbpw'];
            
    //if there is need for image validation
            
    if ($display_bot_image_login)
            {
                
    $code $_POST['code'];
                
    $realcode $_POST['realcode'];
                
    //incorrect number
                
    if (md5($code) != $realcode)
                {
                    if (isset (
    $_COOKIE['tries']))
                    {
                        
    //reduce the number of tries
                        
    $tries $_COOKIE['tries'] - 1;
                        print 
    '<p align="center">Invalid validation code.<b>'.$tries.'</b> tries left.</p><p align="center"><a href="'.$_SERVER['HTTP_REFERER'].'">Retry?</a></p>';
                        
    setcookie ('tries'$triestime()+900'/'''0);
                        die();
                    }
                    else
                    {
                        
    //set the cookie to hold the variable
                        
    print '<p align="center">Invalid validation code.<b>3</b> tries left.</p><p align="center"><a href="'.$_SERVER['HTTP_REFERER'].'">Retry?</a></p>';
                        
    setcookie ('tries'3time()+900'/'''0);
                        die();
                    }                
                }
                
    //continue
            
    }
            
    //encode the password in the same encoding as that stored in the db
            
    $mpassword md5($password);
            
    //search for the user.
            //check if there is need to validate the account and use suitable MySQL command
            
    if ($need_to_validate_acct == TRUE
            { 
                
    $search_login "SELECT * FROM ".$mysql_pretext."_users WHERE username='$username' AND password='$mpassword' AND validated='1'"
            }
            else 
            {
                
    $search_login "SELECT * FROM ".$mysql_pretext."_users WHERE username='$username' AND password='$mpassword'";
            }
            
    $search_login2 mysql_query ($search_login) or die (mysql_error()) ;
            
    $search_login3 mysql_fetch_array ($search_login2);
            
    mysql_close();
            
            if (
    $search_login3
            {
                
    //valid login!
                
    if (isset ($rmbpw))
                {
                    
    //set these cookie to remember the user next time he logs in.
                    
    setcookie ('username'$usernametime()+1209600'/'''0); 
                    
    setcookie ('password'base64_encode ($password), time()+1209600'/'''0);
                }
                else if(empty (
    $rmbpw) && isset ($_COOKIE['username']) && isset ($_COOKIE['password']))
                {
                    
    //remove these cookie.
                    
    setcookie ('username'''time()-60'/'''0); 
                    
    setcookie ('password'''time()-60'/'''0);
                }
                
    //start the sessions
                
    session_start();
                
    //remove the anti-hacking cookie
                
    setcookie ('tries'''time()-60'/'''0);
                
    $_SESSION['loggedin'] = $_POST['username'];
                
    $_SESSION['time'] = time();
                
    header ('Location: ./');
                exit;
            } 
            else 
            {
                
    //invalid login!
                
    if (isset ($_COOKIE['tries']))
                {
                    
    //reduce the number of tries
                    
    $tries $_COOKIE['tries'] - 1;
                    print 
    '<p align="center">Invalid username and password combination or non-activated account.<b>'.$tries.'</b> tries left.</p><p align="center"><a href="'.$_SERVER['HTTP_REFERER'].'">Retry?</a></p>';
                    
    setcookie ('tries'$triestime()+900'/'''0);
                    die();
                }
                else
                {
                    
    //set the cookie to hold the variable
                    
    print '<p align="center">Invalid username and password combination or non-activated account.<b>3</b> tries left.</p><p align="center"><a href="'.$_SERVER['HTTP_REFERER'].'">Retry?</a></p>';
                    
    setcookie ('tries'3time()+900'/'''0);
                    die();
                }
            }
            
        }
        else 
        {
            
    //block the computer from logging in
            
    print '<p align="center">You have entered invalid data for 3 times in a row. Please wait 15 minutes to try again.</p><p align="center"><a href="'.$_SERVER['HTTP_REFERER'].'">Retry?</a></p>';
        }
    }
    //if the user did not click login.
    else
    {
    ?>
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
    "http://www.w3.org/TR/html4/loose.dtd">
    <html>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    <title>Login</title>
    <link rel="stylesheet" type="text/css" href="style.css" />
    <script type="text/javascript">
    function popUp(URL) {
    day = new Date();
    id = day.getTime();
    eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=0,location=0,statusbar=1,menubar=0,resizable=0,width=400,height=300,left = 337,top = 159');");
    }
    </script>
    </head>
    <body>
    <center><img src="logo.jpg" width="400" height="64" alt="Advanced Login System" align="middle" /></center>
    <table width="400" border="1" cellspacing="1px" cellpadding="5px" align="center"  style="border-style:solid; border-width:2px; border-collapse:collapse;" cellspacing="0px">
      <tr bgcolor="#666666" height="25px">
        <td><div class="heading">Login</div></td>
      </tr>
      <tr bgcolor="#CCCCCC" height="150">
        <td valign="top">
        Welcome to our site.Please login below to access our resources.
        <form action="<?php //print $_SERVER['PHP_SELF']; ?>" method="post" name="login">
        Username:<input type="text" name="username" value="<?php if (isset ($_COOKIE['username'])){print $_COOKIE['username'];}?>" size="20" /><br />
        Password: <input type="password" name="password" value="<?php if (isset ($_COOKIE['password'])){print base64_decode ($_COOKIE['password']);}?>" size="20" /><br />
        <?php 
        
    if ($display_bot_image_login)
        {
            
    $imgtxt rand(1000,9999);
            print 
    "<input type=\"hidden\" name=\"realcode\" value=\"".md5($imgtxt)."\" />";
            print 
    "Enter the number below:<input type=\"text\" name=\"code\" size=\"4\" maxlength=\"4\" /><br /><img src=\"makeimg.php?imgtxt=".base64_encode ($imgtxt)."\" /><br />";
            print 
    "<br />";
        }
        
    ?>
        Remember Pass? <input type="checkbox" name="rmbpw" <?php if (isset ($_COOKIE['password'])){print "checked=checked";} ?> />
        <input type="submit" value="Login" name="login" <?php if ($_COOKIE['tries'] <= && isset ($_COOKIE['tries'])) {print 'disabled="disabled"'; } ?> />
        </form>
        <? if ($allow_guest_to_register)
        {
        
    ?>
        <a href="#" onClick="popUp('register.php')">Register | </a>
        <? ?>
        <a href="#" onClick="popUp('reset.php')">Forgot Password?</a>
        </td>
      </tr>
    </table>
    <hr align="center" width="400px" />
    </body>
    </html>
    <?php 
    }
    ob_end_flush();
    ?>
    Second, how would I make that script create a cookie with the username in it, so I can have PHP recall it later as a variable?

  • #2
    Supreme Overlord Spookster's Avatar
    Join Date
    May 2002
    Location
    Marion, IA USA
    Posts
    6,273
    Thanks
    4
    Thanked 83 Times in 82 Posts
    You are already storing the username in a session variable.

    $_SESSION['loggedin'] = $_POST['username'];

    You can access that session variable at anytime in any page as long as you use the session_start() function at the top of the file and then just access the variable as $_SESSION['loggedin']
    Spookster
    CodingForums Supreme Overlord
    All Hail Spookster

  • #3
    raf
    raf is offline
    Master Coder
    Join Date
    Jul 2002
    Posts
    6,589
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Spookster View Post
    You are already storing the username in a session variable.

    $_SESSION['loggedin'] = $_POST['username'];

    You can access that session variable at anytime in any page as long as you use the session_start() function at the top of the file and then just access the variable as $_SESSION['loggedin']
    maybe he just want's to store it in a more persistent location, like a cookie, so that he can automatically fill in the username when the user revisits his site...

    Crazydog,
    i didn't go through all your code, but i think you just need to change
    PHP Code:
    setcookie ('username2'$username); 
    into
    PHP Code:
    setcookie ('username2'$usernametime()+60*60*24*30); 
    which will make the cookie persist for 30 days.
    Posting guidelines I use to see if I will spend time to answer your question : http://www.catb.org/~esr/faqs/smart-questions.html

  • #4
    Regular Coder
    Join Date
    May 2005
    Posts
    224
    Thanks
    1
    Thanked 0 Times in 0 Posts
    hm. I don't know what I did, but now its working..

    Thanks, I guess :P


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •