cookie detect/redirect

Anon

I have developed a login system for users of my website, whereby once they have regsitered a cookie is sent to their machine so they can enter member areas etc.

However, i have not been able to workout how to detect if the user has registered or not? i.e if they have not registered, redirect them to the sign-up page - if they have joined, let them continue....

I basically need a small bit of code to put at the top of every page i need to protect.

i used the below - it didn;t work...

<?php
if (!isset ($site_user) && ($site_pass)) {
header ("Location: http://www.XXmysiteXX.com/signup.php");
exit;
}

?>

Any help??

Thanks in advance

Jim

crowezr

All you really need to do is look for the presence of one of the cookie variables.
i.e. ->
if(!$site_user)
{
echo 'Please register.';
}
else
{
echo 'Welcome back!';
}

frymaster

that looks like you've put your password in a cookie on the user's machine. maybe that's not a good idea.

the problem with cookie-based login systems is that users can hijack another account if you aren't careful. ie, if you have two users jack and bob and bob opens up his site_user cookie and changes the content to "jack" will he suddently have jack's account?