session: register + verification email + login. Need help!

Dax

Hi, i just learned how to use sessions, but i think that when u close the browser it expires, im not sure if theres a way to do this but, heres what i am doing: I made a register page(sends verification email), a verification thing(registers to database), and a login(starts another session to make user "logged on" in the login required pages).

Heres register page:

<?

session_start();

if ((!$name) || (!$email) || (!$username) || (!$password) || (!$country) || (!$address) || (!$city)) {
	header("Location: [url]http://*******/show_adduser.html[/url]");
	exit;
} 

$verifyit = "---IF YOU DID NOT REGISTER TO ***** DELETE THIS EMAIL---\n\n";
$verifyit .= "---To complete your registration click here---:\n";
$verifyit .= "*****/verify.php \n\n";
$verifyit .= "---Here is the information you sent us---:\n";
$verifyit .= "Name:\t$name\n";
$verifyit .= "Email:\t$email\n";
$verifyit .= "username:\t$username\n";
$verifyit .= "password:\t$password\n\n";
$verifyit .= "Address:\t$address\n";
$verifyit .= "Fax:\t$fax\n";
$verifyit .= "Phone:\t$phone\n";
$verifyit .= "City:\t$city\n";
$verifyit .= "Country:\t$country\n";
$verifyit .= "State:\t$state\n";
$verifyit .= "Zip code:\t$zip\n";
$verifyit .= "IP address:\t$REMOTE_ADDR\n\n";
$verifyit .= "---Please do not reply to this email! Thank you for registering---\n\n";

$to = "$email";
$subject = "******";
$mailheaders = "From: ***** <> \n";
$mailheaders .= "Reply-To: *******\n\n";

mail($to, $subject, $verifyit, $mailheaders);

session_register('valid');
session_register('namev');
session_register('emailv');
session_register('usernamev');
session_register('passwordv');
session_register('addressv');
session_register('faxv');
session_register('phonev');
session_register('countryv');
session_register('cityv');
session_register('statev');
session_register('zipv');
session_register('ip');

$valid = "yes";
$namev = $name;
$emailv = $email;
$usernamev = $username;
$passwordv = $password;
$addressv = $address;
$faxv = $fax;
$phonev = $phone;
$countryv = $country;
$cityv = $city;
$statev = $state;
$zipv = $zip;
$ip = $REMOTE_ADDR;
?>

<HTML>
<HEAD>
<TITLE>Add a User</TITLE>
</HEAD>
<BODY>

An email has been sent to you for verification, incase of users putting false emails,<br> please check your e-mail inbox to complete register...<br>

</BODY>
</HTML>

Heres the verification script:

<?
if ($valid == "yes") {
$db_name = "*****";
$table_name = "users";

$connection = @mysql_connect("localhost", "**", "****") 
	or die("Couldn't connect.");

$db = mysql_select_db($db_name, $connection)
	or die("Couldn't select database.");

$sql = "INSERT INTO $table_name 
	(name, email, username, password)
	VALUES 
	(\"$namev\", \"$emailv\",\"$usernamev\",password(\"$passwordv\"))
	";

$result = mysql_query($sql,$connection)
	or die("Couldn't execute query.");

$msg = "Registration completed from ********\n";
$msg .= "Name:\t$namev\n";
$msg .= "Email:\t$emailv\n";
$msg .= "username:\t$usernamev\n";
$msg .= "password:\t$passwordv\n";
$msg .= "Address:\t$addressv\n";
$msg .= "Fax:\t$faxv\n";
$msg .= "Phone:\t$phonev\n";
$msg .= "City:\t$cityv\n";
$msg .= "Country:\t$countryv\n";
$msg .= "State:\t$statev\n";
$msg .= "Zip code:\t$zipv\n";
$msg .= "IP address:\t$ipv\n";

$to = "*******";
$subject = "Registration submitted from ****";
$mailheaders = "From: **** <> \n";
$mailheaders .= "Reply-To: $emailv\n\n";

mail($to, $subject, $msg, $mailheaders);

} else {
    header("Location: [url]http://*********/show_adduser.html[/url]");
    exit;
}
?>

<HTML>
<HEAD>
<TITLE>Add a User</TITLE>
</HEAD>
<BODY>

Congradulations you have been registered:<br>
Click <a href="http://*******/show_login.html">here</a> to login!!!
<img src="registered!.png"><br>

Heres the login page:

<?
session_start();

if ((!$username) || (!$password)) {
	header("Location: [url]http://*****/show_login.html[/url]");
	exit;
} 


$db_name = "*****";
$table_name = "users";

$connection = @mysql_connect("localhost", "****", "***") 
	or die("Couldn't connect.");

$db = mysql_select_db($db_name, $connection)
	or die("Couldn't select database.");

$sql = "SELECT * FROM $table_name
	WHERE username = \"$username\" AND password = password(\"$password\")
	"; 

$result = mysql_query($sql) 
        or die ("Can't execute query."); 

$num = mysql_numrows($result); 

if ($num != 0) { 

session_register('userok');

$userok = "yes";

$msg = "<img src='loggedin.png'><br><P>Congratulations, you're authorized! Go <a href='javascript:history.go(-2)'>back</a> or <br>go to our <a href='memberpage.php'>members page</a> and enjoy our services!</p>";

} else { 

header("Location: [url]http://*******/show_login.html[/url]");
exit;
} 

?> 

<HTML>
<HEAD>
<TITLE>Member Area</TITLE>
</HEAD>
<BODY>

<? echo "$msg"; ?>

</BODY>
</HTML>

THANKS FOR YOUR TIME, please reply ASAP, i **** the personal information, i dont want people to know my info.

sarahk

When a user logins in for the first time you can set two cookies, one with their user name and one with their password.

Then when a user comes along who doesn't have a session with them logged in (ie return visit weeks, days later) the code can check for the cookie. If it's there they get auto logged in. If not, then they see the login code.

Cookies are stored in the session headers, so they have to be set before anything is output to the browser.

hope this helps.