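go with sessions instead of cookies. why? because sessions work regardless of whether a user has cookies disabled. what happens if you base login on cookies? that user cannot log in. very bad indeed. you want to use cookies only optionally, for things such as "remember my login" and for personalization. use sessions for login in all other cases. (note: php sessions normally carry the session id in a cookie as well; with cookies disabled the id has to be passed in the URL via session.use_trans_sid, where it can leak through links, logs and referrers.)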
here are my functions for cookies that i use with a database
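function auth() {
    // Gate a page behind HTTP Basic authentication.
    // Returns TRUE(1) if the supplied username and password both match,
    // and FALSE(0) after sending a 401 challenge if they do not.
    // test by: if ( !auth() ) { echo "access denied";exit; }
    //
    // NOTE(review): the username and password below are hard-coded sample
    // values. In a real deployment load them from configuration outside the
    // web root and store the password as a password_hash() digest checked
    // with password_verify(). Basic auth re-sends the password on every
    // request, so serve this only over HTTPS.
    global $PHP_AUTH_USER, $PHP_AUTH_PW; // legacy register_globals names, fallback only

    // register_globals was removed in PHP 5.4 and, where it is on, these
    // globals can also be filled from request parameters. Prefer $_SERVER.
    $user = null;
    $pass = '';
    if ( isset($_SERVER['PHP_AUTH_USER']) ) {
        $user = (string) $_SERVER['PHP_AUTH_USER'];
        $pass = isset($_SERVER['PHP_AUTH_PW']) ? (string) $_SERVER['PHP_AUTH_PW'] : '';
    } elseif ( isset($PHP_AUTH_USER) && is_string($PHP_AUTH_USER) ) {
        $user = $PHP_AUTH_USER;
        $pass = ( isset($PHP_AUTH_PW) && is_string($PHP_AUTH_PW) ) ? $PHP_AUTH_PW : '';
    }

    if ( $user !== null ) {
        // hash_equals() (PHP 5.6+) compares in constant time and never
        // applies the numeric-string juggling that == / != can.
        // Both checks always run, so a wrong username is not faster to reject.
        $user_ok = hash_equals('admin', $user);
        $pass_ok = hash_equals('admin123', $pass);
        if ( $user_ok && $pass_ok ) {
            return 1;
        }
    }

    // Missing or wrong credentials: one shared challenge for both cases.
    header('WWW-Authenticate: Basic realm="Admin Area"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'Authorization Required.';
    return 0;
}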
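function insert_cookie($unique_id, $expiry, $user_id) {
    // Store a new login session row.
    // incoming: user_id, session_id(uniqueid), expiry (unix timestamp)
    // Returns 1 if the row was inserted, 0 if the query failed.
    /* table looks like:
    CREATE TABLE session (
    id tinyint(11) NOT NULL auto_increment,
    user_id tinyint(11) DEFAULT '0' NOT NULL,
    session_id char(32) DEFAULT '0' NOT NULL,
    expiry char(10) DEFAULT '0' NOT NULL,
    PRIMARY KEY (id)
    );
    */
    // NOTE(review): TINYINT tops out at 127 whatever the display width, so
    // both id and user_id overflow quickly; INT UNSIGNED is the usual choice.
    // NOTE(review): the session id is generated by the caller. It must be
    // unpredictable (not derived from the clock) - confirm at the call site.
    global $DB_CONF;

    // Every value is cast or escaped before it reaches the SQL string.
    // The two numeric fields become integers; the id is escaped for the
    // legacy mysql_* connection that mysql_query() below also uses.
    $sql = sprintf(
        'INSERT into %s (user_id, session_id, expiry) VALUES ("%d","%s","%d")',
        $DB_CONF['table_session'],
        (int) $user_id,
        mysql_real_escape_string((string) $unique_id),
        (int) $expiry
    );

    $sql_result = mysql_query($sql);
    if ( !$sql_result ) {
        // Keep the database error in the server log; echoing mysql_error()
        // to the browser discloses table and query details.
        error_log('insert_cookie: query failed: ' . mysql_error());
        return 0;
    }
    return 1;
}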
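function check_cookie($id) {
    // Validate a session id taken from the "id" cookie.
    // Returns the matching user_id if the session exists and has not
    // expired, otherwise removes the session via clear_cookie() and returns 0.
    global $DB_CONF;

    // The id comes straight from the client. Anything that is not a
    // non-empty string (e.g. an array from id[]=x) cannot be a session.
    if ( !is_string($id) || $id === '' ) {
        return 0;
    }

    $safe_id = mysql_real_escape_string($id);
    $sql = "SELECT user_id, expiry FROM {$DB_CONF['table_session']} where session_id='$safe_id'";
    $sql_result = mysql_query($sql);
    if ( !$sql_result ) {
        // Fail closed and log server-side rather than printing mysql_error().
        error_log('check_cookie: query failed: ' . mysql_error());
        return 0;
    }

    // Defaults cover the "no such session" case, where the loop never runs.
    $user_id = 0;
    $expiry = 0;
    while ($row = mysql_fetch_array($sql_result)) {
        $user_id = $row['user_id'];
        $expiry = $row['expiry'];
    }

    // A session is honoured only while its stored expiry is in the future.
    // An expired one is rejected rather than renewed, otherwise the expiry
    // column would never be enforced and any old id would stay usable.
    if ( (int) $user_id > 0 && time() <= (int) $expiry ) {
        return $user_id;
    }

    // unknown or expired id: remove it from the browser and the database
    clear_cookie($id);
    return 0;
}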
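function clear_cookie($id) {
    // Log a session out: expire the "id" cookie in the browser and delete
    // the matching row from the session table. Returns nothing.
    global $DB_CONF;

    // The cookie is only replaced if path and domain match the ones it was
    // set with, so rebuild the same ".host" domain (port stripped).
    // NOTE(review): the Host header is client-supplied; a fixed domain from
    // configuration would be more robust - confirm how the cookie is set.
    $host = isset($_SERVER['HTTP_HOST']) ? preg_replace('/:\d+$/', '', (string) $_SERVER['HTTP_HOST']) : '';
    $domain = ($host !== '') ? ".$host" : '';

    // clears cookie from user: empty value plus an expiry in the past
    // (an empty-string expiry is not a valid timestamp)
    setcookie("id", "", time() - 3600, "/", $domain, false);

    // clears cookie from database; the id is client-controlled, so escape it
    $safe_id = mysql_real_escape_string((string) $id);
    $sql = "DELETE FROM {$DB_CONF['table_session']} where session_id='$safe_id'";
    $sql_result = mysql_query($sql);
    if ( !$sql_result ) {
        // Log server-side; the row may still exist, so the id stays valid
        // until its expiry passes.
        error_log('clear_cookie: query failed: ' . mysql_error());
    }
    return;
}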
hope any of this could help,
do a search on www.php.net for "session_start" and you will be able to find a wealth of information
~kyle