can anybody see a way around this?

Mega

$User = new User;

class User{

var $details = array();

function User()
{
	global $DB;

	if( isset( $_COOKIE['tool_userid'] ) && isset( $_COOKIE['tool_pass'] ) ){

		$DB->query("SELECT * FROM tool_users WHERE uid = {$_COOKIE['tool_userid']} AND password = '{$_COOKIE['tool_pass']}'");

		if( $DB->numrows > 0 ){
			$this->details = mysql_fetch_array( $DB->query );
			$this->details['loggedin'] = 1;
			echo 'in';
		}

	}else{
		echo 'out';
			$this->details['loggedin'] = 0;
			$this->details['groupid'] = 1;
			$this->details['username'] = 'Guest';
			$this->details['uid'] = 1;
	}
}
}

echo $User->details['loggedin'];

say if you are not logged in, is there any way of making the script say "1"

is there a more secure way of logging in, I see big complex scripts, but they r just more of a round about way of the exact same thing.

jerdo

You could always try using .htaccess/.htpasswd for logging in then you just have to check for the existance of $PHP_AUTH_USER

Mega

Originally posted by jerdo
You could always try using .htaccess/.htpasswd for logging in then you just have to check for the existance of $PHP_AUTH_USER

i meant using a form, that is more secure tho 🙂