session_id and cookies help

MrPotatoes

ok, i figured out what i was doing wrong before. i tested and tested and got it correct. thing seems to be in my member class. i cannot seem to get it to keep the cookie and i don't know where i'm going wrong. this is the whole class. there

odd thing is that i can't even seem to get it to read the cookie correctly. i wanted to serialize all of my sessions stuff into a cookie but i was going to bother about that later once i had this going.

the way that it works currently is that i have the init. then i call the login if i want to loginto the site. then obviously logout. my cookies last 3 months just for the sake of testing.

function init() wrote:
this is to initalize everything. checks to see if the user has a cookie then login based upon that (which is where i'm having trouble)

function login() wrote:
logs the user in. no problems here

function logout() wrote:
clears the cookie, sets an array to an empty one and then clear and destroy the session

i wanted to have the whole CMS work off of Sessions and the cookie is really like a memory card for me. i'll really only read it to see if it's someone and then load it all up into sessions. i planned to make a user_information class for this. thanx for your help 😃

<?php

class spuds_member
{
    var $failed             = false;    // failed login attempt
    var $cookie_set         = false;    // is there a cookie?
    var $id                 = NULL;     // the current user's id
    var $date;                          // current date GMT
    var $usr;                           // we set the user shit in here
    var $pwd;                           // the password 

    function print_debug()
    {
        if ($this->cookie_set)
        {
            echo '<BR>';
            echo 'there <u><B>is a</B></u> cookie set<BR>';
            echo $this->usr .'<BR>';
            echo $this->pwd .'<BR>';
        }
        else
        {
            echo '<BR>';
            echo 'there <u><B>is no</b></u> cookie set<BR>';
            echo 'there <u><B>is no</b></u> cookie password<BR>';
            echo 'there <u><B>is no</b></u> cookie username<BR>';
        }
    }

    //----------------------------------------------------------------|
	// Function: init()
	// Purpose: set up the member globally and quickly
    // Notes:   none
	//----------------------------------------------------------------|
    function init($ip)
    {
        // check to see if there is a member cookie
        // ifnot it does not load anything and it should have to make you login

        global $CMS_CONFIG, $SPUDS_SESS;

        $cookiename     = $SPUDS_SESS['cookie']['member'];

        // check and load the member cookie
        if (isset($_COOKIE[$cookiename]))
            $this->cookie_set = true;

        // do stuff according to the cookie
        if ($this->cookie_set)
        {
            //unset($SPUDS_SESS['session_start']); // re-initialize session
            //$_SESSION['SPUDS_USER'] = false;

            $cookie = explode(':', base64_decode($cookie));

            $this->usr = $cookie[0];
            $this->pwd = $cookie[1];

            //$this->login($cookie[0], $cookie[1], true);

            //check cookie
            /*if (isset($_COOKIE['login_cookie']))        // same as above
            {
                list($user, $pass) = explode('[]', $_COOKIE['login_cookie']);
                $qu = mysql_query("SELECT `user_password` FROM `members` WHERE `username` = '".addslashes($user)."'");

                if (mysql_num_rows($qu) == 1)
                {
                    $passw = mysql_fetch_object($qu);
                    if ($passw->user_password == $pass)
                    {
                        $_SESSION['logged_in'] = 1;
                        $_SESSION['username'] = $user;
                        $_SESSION['password'] = $pass;
                    }
                }
            }*/
        }
        else
        {
            // make a temproray cookie for a guest that is visiting
            echo "<font color=ff0000><B>there is no cookie<B></font>";
        }
    }

    //----------------------------------------------------------------|
	// Function:    login()
	// Input:       none
	// Returns:     none, this is a constructor
	// Purpose:     login the user via IP
    // Notes:       none
	//----------------------------------------------------------------|
    function login($username, $password, $persistant)
    {
        global $db, $SPUDS_SESS;
        $ip     = getenv(REMOTE_ADDR);
        $pass_encrypt = md5($password);            

        $username = stripcslashes($username);

        // check if the user info validates the db 
        $sql = $db->query(" SELECT * FROM users WHERE
                            username='$username' AND
                            password='$password' AND
                            activated='1'");

        $login_check = $db->num_rows($sql);

        // $result = $db->sql_query('SELECT user_id, username, user_password, user_level, theme FROM '.$user_prefix."_users WHERE username='$username' AND user_id>1");

        // if ($db->sql_numrows($result) < 1)

        if (!$login_check)  // if it's less than one give an error page
        {
            echo 'that wasn\'t right now was it?';                
            // need to check if they tried to login more than once.  then setup some precationary stuff
        }

        if ($login_check)   // if it's more than one log the dude in
        {
            while($row = $db->fetch_array($sql))
            { 
                foreach( $row AS $key => $val )
                { 
                    $key = stripslashes( $val ); 
                }

                $this->set_userinfo_array();

                $db->query("UPDATE users SET last_login = now() WHERE userid = '$userid'");  

                // retart the session because they are logging in
                //unset($SPUDS_SESS['session_start']);

                if ($persistant)
                {
                    $data = base64_encode("$username:$password");

                    $time = time()+60*60*24*30*3;  // doesn't seem to matter yet
                    setcookie($SPUDS_SESS['cookie']['member'], $data, $time);
                }
            }

            return true;
        }
        else
            return false;
    }

    function logout()
    {
        global $SPUDS_SESS;
        // delete the cookie before the session.  the session names the cookie lol
        setcookie($SPUDS_SESS['cookie']['member'], '', time()-1);

        // empty the sessions super global
        $_SESSION = array();

        // destroy the sessions super global
        session_destroy();

        // return that it was successful
        return true;
    }
};


?>

shoot, and i was AHEAD of scheduale for once lmao

MrPotatoes

yea, instead of double posting i figured it would be best to do this. so here it is, a real question. retaining to the thing at hand

MrPotatoes

i figured it out

i wasn't doing this:


        // check and load the member cookie
        if (isset($_COOKIE[$cookiename]))
            $this->cookie_set = true;

        // TODO: ok, what i need to do here is actually make is so that
        // i'm not using the login function again
        if ($this->cookie_set)
        {                
            [b]$cookie = $_COOKIE[$cookiename];[/b]

            $cookie = explode(':', base64_decode($cookie));

            $this->usr = $cookie[0];
            $this->pwd = $cookie[1];

            $this->login($cookie[0], $cookie[1], true);

so now it works fully. i plan on changing alot but i'm happy with the base functionality. so that's what matters right now.

thanx folks if you looked it over. i'm out[/quote]