General Programming Help
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
 
User Name:
Password:
Remember me
 



Go Back   Dev Articles Community ForumsProgrammingGeneral Programming Help

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
Thread Tools Search this Thread Display Modes
 
Unread Dev Articles Community Forums Sponsor:
  #1  
Old April 22nd, 2003, 04:11 PM
Mary Mary is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Mar 2003
Posts: 59 Mary User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 h 5 m 17 sec
Reputation Power: 0
Question Remember Login???

Currently, I am working on the Members Area, such as members login, the script will generate a sessionid for this member. And I am trying to create a script that can remember members info if a member checked the checkbox when he/she logged in the site, so that everytime he/she comes to the site he/she will be automately login. Could somebody help me with this? What steps I have to do? Greatly appreciated.

Reply With Quote
  #2  
Old April 22nd, 2003, 05:53 PM
avit avit is offline
Not Yet Perfect
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Nov 2002
Location: Squamish, BC
Posts: 111 avit User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Send a message via ICQ to avit
What you have to do is set a cookie on the client's browser that is returned to you when they request a page. That way you can identify their SID.

Look here:

http://www.onlamp.com/pub/a/php/excerpt/webdbapps_8/

Reply With Quote
  #3  
Old April 22nd, 2003, 06:17 PM
avit avit is offline
Not Yet Perfect
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Nov 2002
Location: Squamish, BC
Posts: 111 avit User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Send a message via ICQ to avit
Better yet, look right on this site:

http://www.devarticles.com/art/1/285/1

Reply With Quote
  #4  
Old April 22nd, 2003, 09:56 PM
wareseeker wareseeker is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Dec 2002
Posts: 71 wareseeker User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 15 m 7 sec
Reputation Power: 16
I have no idea. You're better read more about cookies.

Reply With Quote
  #5  
Old April 22nd, 2003, 10:02 PM
Mary Mary is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Mar 2003
Posts: 59 Mary User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 h 5 m 17 sec
Reputation Power: 0
Thanks for your help Avit. It is really hard for me to implement my code in to Ben's Article, because I designed my code different than Ben's Codes. Here is the brief login procedures that I have coded so far if anyone can help me I would greatly appreciate:

Quote:
index.php -> login and save cookie.

//==== session vars created
$_SESSION["session"]["login"]=$login;
$_SESSION["session"]["password"]=$pass;
$_SESSION["session"]["loggedIn"]=true;

//==== cookie stored
if($_POST['strSetCookie'] == 1) {
mysql_query("UPDATE users SET sessionid = '" . session_id() . "' WHERE login = '$login'");
setcookie("bakecookie", session_id(), time()+(3600*24*30*4));


From this point, I have no idea how to setup a check cookie and other steps in order the cookie to be recognized. Please someone help me with this.

Reply With Quote
  #6  
Old April 22nd, 2003, 11:33 PM
Taelo Taelo is offline
5B's
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: PC, FL
Posts: 366 Taelo User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 30 m 59 sec
Reputation Power: 16
PHP Code:
// We need to check to see if a cookie is set.
// If the session var "se_UID" is NOT set and a cookie var IS set, then we need to check out his id_hash and check to see if he is a valid user.
// If he is a valid user, we need to set all session vars for him.

// Let's walk through step by step.
if(!isset($_SESSION['se_UID']) && isset($_COOKIE['c_uid']) && isset($_COOKIE['id_hash']))
// is there a session already started?  does a cookie id exist?
{
     
$sql_checkUser mysql_query("SELECT UID, U_HASH FROM users WHERE UID = '{$_COOKIE['c_uid']}' AND U_HASH = '{$_COOKIE['id_hash']}' LIMIT 1"$id_link);
     
// there was a cookie var for this user, so we select his user id and password and compare them to the cookie.
     
     
if(mysql_num_rows($sql_checkUser) == 1)
     
// if the 2 match up then, (go to next lines)
     
{
          
$sql mysql_query("SELECT UID, U_NICK, FK_CSS_ID, U_LOGIN, U_ADMIN, U_NEWSADMIN, U_FADMIN, U_NUM_ROWS, U_LASTLOGIN, U_F_LASTLOGIN, U_HASH FROM users WHERE UID = '{$_COOKIE['c_uid']}' AND U_HASH = '{$_COOKIE['id_hash']}' LIMIT 1"$id_link);
          
// select all fields needed for session vars.
          
if(mysql_num_rows($sql) == 1)
          {
                 
// load db vars into session array.
               
$row_session mysql_fetch_array($sql$id_link);

               
$_SESSION['se_UID']           = $row_session['UID'];
               
$_SESSION['se_LOGIN']         = $row_session['U_LOGIN'];
               
$_SESSION['se_NICK']          = $row_session['U_NICK'];
               
$_SESSION['se_ADMIN']         = $row_session['U_ADMIN'];
               
$_SESSION['se_FADMIN']        = $row_session['U_FADMIN'];
               
$_SESSION['se_NEWSADMIN']     = $row_session['U_NEWSADMIN'];
               
$_SESSION['se_NUM_ROWS']      = $row_session['U_NUM_ROWS'];
               
$_SESSION['se_LASTLOGIN']     = $row_session['U_LASTLOGIN'];
               
$_SESSION['se_F_LASTLOGIN']   = $row_session['U_F_LASTLOGIN'];
          }
     }

__________________
-- Jason

Last edited by Taelo : April 23rd, 2003 at 12:42 AM.

Reply With Quote
  #7  
Old April 23rd, 2003, 12:33 AM
Mary Mary is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Mar 2003
Posts: 59 Mary User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 h 5 m 17 sec
Reputation Power: 0
Thank you very much Jason! But how can I use it? I have no clue with your code. Could you give a instruction? Thanks again.

Reply With Quote
  #8  
Old April 23rd, 2003, 12:43 AM
Taelo Taelo is offline
5B's
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: PC, FL
Posts: 366 Taelo User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 30 m 59 sec
Reputation Power: 16
I edited and added comments,...let me know if it helps,..

Reply With Quote
  #9  
Old April 23rd, 2003, 01:14 AM
avit avit is offline
Not Yet Perfect
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Nov 2002
Location: Squamish, BC
Posts: 111 avit User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Send a message via ICQ to avit
Quote:
Originally posted by Taelo
PHP Code:
// We need to check to see if a cookie is set.
// If the session var "se_UID" is NOT set and a cookie var IS set, then we need to check out his id_hash and check to see if he is a valid user.
// If he is a valid user, we need to set all session vars for him. 



Back up a little for me too, Taelo...

What's the id_hash ? Is that an md5() of the uid & pass?
Do you store that using setcookie(), and then compare it to a stored hash in your database?

Reply With Quote
  #10  
Old April 23rd, 2003, 11:02 AM
Taelo Taelo is offline
5B's
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: PC, FL
Posts: 366 Taelo User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 30 m 59 sec
Reputation Power: 16
this can be anything,....... it can be an md5 password,... or md5 session id,..... anything really,...... the point is to have more then 1 cookie ID to authenticate against. that way it makes it harder for a user to "become" another user

just make sure to that whatever you choose to set in the cookie, set it in the database as well

Reply With Quote
  #11  
Old April 23rd, 2003, 12:09 PM
Mary Mary is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Mar 2003
Posts: 59 Mary User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 h 5 m 17 sec
Reputation Power: 0
Thanks for your kind help, but I couldnot figure it out how to apply to the code which I currently have into yours. Could you please help if I sent you my codes. Greatly appreciated.

Reply With Quote
  #12  
Old April 23rd, 2003, 12:24 PM
Taelo Taelo is offline
5B's
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: PC, FL
Posts: 366 Taelo User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 30 m 59 sec
Reputation Power: 16
the easiest way to do it,....is to throw my code into a function or put it into a file and include it on a page. just remember the steps you need to take

1.) check to see if any session vars exist
2.) check their cookie values against their database values
3.) if they match, reset this users session vars


ohhh yeah, I am sure you already knew this, but you are going to have to change some things, well alot of things, if you want to use my code. I was just showing a flow and how I do it.

Reply With Quote
  #13  
Old April 23rd, 2003, 02:57 PM
Mary Mary is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Mar 2003
Posts: 59 Mary User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 h 5 m 17 sec
Reputation Power: 0
I give up. Cann't do it. Please help Taelo.

Reply With Quote
  #14  
Old April 23rd, 2003, 07:05 PM
Taelo Taelo is offline
5B's
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: PC, FL
Posts: 366 Taelo User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 30 m 59 sec
Reputation Power: 16
hehehe,....post your login code,.....not the html form,...just the php.

Reply With Quote
  #15  
Old April 23rd, 2003, 11:58 PM
Mary Mary is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Mar 2003
Posts: 59 Mary User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 h 5 m 17 sec
Reputation Power: 0
Smile

Yessss!!!! Finally, You accept to help me. Honestly, I was so disappointed that you was not gonna help me. Now, I am so happy . You're my man.

Here I have enclosed some parts of my code and how I designed. Please don't laugh about my code. I am just a newbie .
I am willing to fix anything from database design to any parts of my project. Once again, thanks you so much for you help.
Attached Files
File Type: txt code.txt (3.4 KB, 709 views)

Reply With Quote
  #16  
Old April 24th, 2003, 12:31 AM
Taelo Taelo is offline
5B's
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: PC, FL
Posts: 366 Taelo User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 30 m 59 sec
Reputation Power: 16
here are the pieces of your code you need to be concerened with

PHP Code:
// if we got here, no errors - start a session using the info
    // returned from the db:
    
cleanMemberSession($row[login], $row[password]); 


and

PHP Code:
//====================================== cookie
  
if($_POST['strSetCookie'] == 1)    {
        
mysql_query("UPDATE users SET sessionid = '" session_id() . "' WHERE login = '$login'");
      
setcookie("mem"session_id(), time()+(3600*24*30*4));
  }
//====================================== cookie 



what you are doing here
PHP Code:
 setcookie("mem"session_id(), time()+(3600*24*30*4)); 

is setting a cookie with the session_id. this is fine to update the users table and replce with the new session id, however I would not set a cookie with it.

what I would do is change this,
PHP Code:
 setcookie("mem"session_id(), time()+(3600*24*30*4)); 


to something more like this...
PHP Code:
 setcookie("user_id"$row["user_id"], time()+(3600*24*30*4));
setcookie("pass"$row["password"], time()+(3600*24*30*4)); 


Another question. You are saving passwords in session vars...why?

What I would do, is store the "user_id" and that users access rights in sessions. Then I would do a check on every "secure" page...
PHP Code:
if(!isset($_SESSION['se_UID']))
{
     @
header("Location: login.php");




make more sense?

Reply With Quote
  #17  
Old April 24th, 2003, 02:13 AM
Mary Mary is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Mar 2003
Posts: 59 Mary User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 h 5 m 17 sec
Reputation Power: 0
I have changed from this ...
PHP Code:
//====================================== cookie
  
if($_POST['strSetCookie'] == 1) {
        
mysql_query("UPDATE users SET sessionid = '" session_id() . "' WHERE login = '$login'");
        
setcookie("mem"session_id(), time()+(3600*24*30*4));
  }
//====================================== cookie 

into this...
PHP Code:
//======================================== cookie
if($_POST['strSetCookie'] == 1) {
  
$query="SELECT login, password FROM users WHERE login='$login'";
  
$result=mysql_query($query$link) or die("Could not retrieve info");
  
$row=mysql_fetch_array($result);
  
$login_id $row["login"];
  
$id_hash $row["password"];
  
setcookie("login_id"$login_idtime()+(3600*24*30*4));
  
setcookie("id_hash"$id_hashtime()+(3600*24*30*4));
  }
//======================================== cookie 


Please correct me if I am wrong.

And I took out the $_session[session][password];

What do I have to do next???... Where should I put the cookie check?...

Last edited by Mary : April 24th, 2003 at 05:16 AM.

Reply With Quote
  #18  
Old April 24th, 2003, 07:31 AM
Mary Mary is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Mar 2003
Posts: 59 Mary User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 h 5 m 17 sec
Reputation Power: 0
I got it!!!! It is working... Thanks you very much Taelo. Now, I understand cookieeee.

By the way, could you check for me the code that I fixed in the msg above to see that I made it right?

I would like to give you one of my book as a gift if you like.

From my the bottom of my heart, thank you so much.

Last edited by Mary : April 24th, 2003 at 07:45 AM.

Reply With Quote
  #19  
Old April 24th, 2003, 07:57 AM
Taelo Taelo is offline
5B's
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: PC, FL
Posts: 366 Taelo User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 30 m 59 sec
Reputation Power: 16
wow wow wow,.....hold up,.... only 1 problem.


you are not doing a check to make sure the info is valid.

PHP Code:
//======================================== cookie
if($_POST['strSetCookie'] == 1)
{

// Look at this line
  
$query="SELECT login, password FROM users WHERE login='{$_POST['login']}' AND password='{$_POST['password']}";
  
$result=mysql_query($query$link) or die("Could not retrieve info");
  
$row=mysql_fetch_array($result);

// look here
if(mysql_num_rows($result) == 1)
{

  
$login_id $row["login"];
  
$id_hash $row["password"];
  
setcookie("login_id"$login_idtime()+(3600*24*30*4));
  
setcookie("id_hash"$id_hashtime()+(3600*24*30*4));
}
else
{
     die(
"Bad authentication info.");
}
}
//======================================== cookie 


see?

ok heres what I did.

PHP Code:
 $query="SELECT login, password FROM users WHERE login='{$_POST['login']}' AND password='{$_POST['password']}"


this checks username AND password.

PHP Code:
if(mysql_num_rows($result) == 1


This checks to see if any rows (should be only 1) were returned. If 0 rows return or return false, it will kick it down to the else statement.

Reply With Quote
  #20  
Old April 25th, 2003, 01:45 AM
Mary Mary is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Mar 2003
Posts: 59 Mary User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 h 5 m 17 sec
Reputation Power: 0
Thanks Jason!

It makes more sense now. I understand how cookie works now. I would like to ask you another question about the part of your code:
PHP Code:
if(mysql_num_rows($sql_checkUser) == 1)
     
// if the 2 match up then, (go to next lines)
     
{
          
$sql mysql_query("SELECT UID, U_NICK, FK_CSS_ID, U_LOGIN, U_ADMIN, U_NEWSADMIN, U_FADMIN, U_NUM_ROWS, U_LASTLOGIN, U_F_LASTLOGIN, U_HASH FROM users WHERE UID = '{$_COOKIE['c_uid']}' AND U_HASH = '{$_COOKIE['id_hash']}' LIMIT 1"$id_link);
          
// select all fields needed for session vars.
          
if(mysql_num_rows($sql) == 1)
          {
                 
// load db vars into session array.
               
$row_session mysql_fetch_array($sql$id_link);

               
$_SESSION['se_UID']           = $row_session['UID'];
               
$_SESSION['se_LOGIN']         = $row_session['U_LOGIN'];
               
$_SESSION['se_NICK']          = $row_session['U_NICK'];
               
$_SESSION['se_ADMIN']         = $row_session['U_ADMIN'];
               
$_SESSION['se_FADMIN']        = $row_session['U_FADMIN'];
               
$_SESSION['se_NEWSADMIN']     = $row_session['U_NEWSADMIN'];
               
$_SESSION['se_NUM_ROWS']      = $row_session['U_NUM_ROWS'];
               
$_SESSION['se_LASTLOGIN']     = $row_session['U_LASTLOGIN'];
               
$_SESSION['se_F_LASTLOGIN']   = $row_session['U_F_LASTLOGIN'];
          }
     } 


Do I have to make some thing like this below:

PHP Code:
// look here
if(mysql_num_rows($sql_checkUser) == 1)
     
// if the 2 match up then, (go to next lines)
     
{
          
$sql mysql_query("SELECT UID, U_NICK, FK_CSS_ID, U_LOGIN, U_ADMIN, U_NEWSADMIN, U_FADMIN, U_NUM_ROWS, U_LASTLOGIN, U_F_LASTLOGIN, U_HASH FROM users WHERE UID = '{$_COOKIE['c_uid']}' AND U_HASH = '{$_COOKIE['id_hash']}' LIMIT 1"$id_link);
          
// select all fields needed for session vars.
          
if(mysql_num_rows($sql) == 1)
          {
                 
// load db vars into session array.
               
$row_session mysql_fetch_array($sql$id_link);

               
$_SESSION['se_UID']           = $row_session['UID'];
               
$_SESSION['se_LOGIN']         = $row_session['U_LOGIN'];
               
$_SESSION['se_NICK']          = $row_session['U_NICK'];
               
$_SESSION['se_ADMIN']         = $row_session['U_ADMIN'];
               
$_SESSION['se_FADMIN']        = $row_session['U_FADMIN'];
               
$_SESSION['se_NEWSADMIN']     = $row_session['U_NEWSADMIN'];
               
$_SESSION['se_NUM_ROWS']      = $row_session['U_NUM_ROWS'];
               
$_SESSION['se_LASTLOGIN']     = $row_session['U_LASTLOGIN'];
               
$_SESSION['se_F_LASTLOGIN']   = $row_session['U_F_LASTLOGIN'];
          }
}else{
     die(
"Bad authentication info.");
}



If "no necessary" could you explain me why?

btw, I like to give you a book as gift. If you like I will send it to you.

Have a wonderful day Jason!

Reply With Quote
  #21  
Old April 25th, 2003, 08:47 AM
Taelo Taelo is offline
5B's
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: PC, FL
Posts: 366 Taelo User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 30 m 59 sec
Reputation Power: 16
hehehe,....we all try to help each other here

ok,....this code is mainly for checking to see if a cookie exists, if it does exist then "log in" that user. There is really not need for an else statement.

also,....all this garbage
PHP Code:
 $_SESSION['se_UID']           = $row_session['UID'];
$_SESSION['se_LOGIN']         = $row_session['U_LOGIN'];
$_SESSION['se_NICK']          = $row_session['U_NICK'];
$_SESSION['se_ADMIN']         = $row_session['U_ADMIN'];
$_SESSION['se_FADMIN']        = $row_session['U_FADMIN'];
$_SESSION['se_NEWSADMIN']     = $row_session['U_NEWSADMIN'];
$_SESSION['se_NUM_ROWS']      = $row_session['U_NUM_ROWS'];
$_SESSION['se_LASTLOGIN']     = $row_session['U_LASTLOGIN'];
$_SESSION['se_F_LASTLOGIN']   = $row_session['U_F_LASTLOGIN']; 


these are all user settings that I store in session. So starting off you will most likely want to use the following.
PHP Code:
 $_SESSION['se_UID']           = $row_session['UID'];
$_SESSION['se_LOGIN']         = $row_session['U_LOGIN']; 


for me this sets the users "User ID" and the users Login into a session.

As I said above you would not need an else statement, let me explain now. What I do is include a security or config file into every page. Then I do a check on every "secure" page.
PHP Code:
if(!isset($_SESSION['se_UID']))
     @
header("Location: login.php"); 


If that session ID is set, then it will kick out of that if statement and continue on.

Reply With Quote
  #22  
Old April 27th, 2003, 11:57 AM
Mary Mary is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Mar 2003
Posts: 59 Mary User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 h 5 m 17 sec
Reputation Power: 0
PHP Code:
 Welcome
    
<?
            if(isset(
$_SESSION['session']['loggedIn'])) {

                                                print 
"1-";
                print 
"<b>{$_SESSION['session']['login']}</b>";

                }elseif(!isset(
$_SESSION{'session']['loggedIn']) && isset($_COOKIE['login_id']) && isset($_COOKIE['id_hash'])) {

                    
// is there a session already started?  does a cookie id exist?
                 
global $link;
                 
$sql_checkUser mysql_query("SELECT login, password FROM users " .
                                                  
"WHERE login = '{$_COOKIE['login_id']}' " .
                                       
"AND password = '{$_COOKIE['id_hash']}' LIMIT 1");
                 
// there was a cookie var for this user, so we select his user id and password and compare them to the cookie.

                 
if(mysql_num_rows($sql_checkUser) == 1)
                 
// if the 2 match up then, (go to next lines)
                 
{
              
$sql mysql_query("SELECT login, password, userlevel FROM users " .
                                                  
"WHERE login = '{$_COOKIE['login_id']}' " .
                               
"AND password = '{$_COOKIE['id_hash']}' LIMIT 1");
            
// select all fields needed for session vars.
            
if(mysql_num_rows($sql) == 1)
            {
                  
// load db vars into session array.
              
$row_session mysql_fetch_array($sql);

                          
$_SESSION["session"]["login"]=$row_session['login'];
                          
$_SESSION["session"]["password"]=$row_session['password'];
                          
$_SESSION["session"]["userlevel"]=$row_session['userlevel'];
                          
$_SESSION["session"]["loggedIn"]=true;

              print 
"2-";
                         print 
"<b>{$_SESSION['session']['login']}</b>";
            }
          }

}else{

            print 
"3-";
                    print 
"<b>Guest</b>";

            }
    
?>
    ! Wishing you a wonderful time at mysite.com 


Jason Could you help me with the code above. I don't know what wrong with logic. Let's me explain, every time I open the browser then come to the site it shows the welcome "Guest" ..... When I login it shows the welcome "Member" .... But when I logout it shows welcome "emptyhere".... Could you please check it for me to find out what i did wrong? Thank you very much Jason.

Last edited by Mary : April 27th, 2003 at 12:00 PM.

Reply With Quote
  #23  
Old April 27th, 2003, 12:50 PM
Taelo Taelo is offline
5B's
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: PC, FL
Posts: 366 Taelo User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 30 m 59 sec
Reputation Power: 16
how are you destroying your sessions?

if
PHP Code:
 $_SESSION['session']['loggedIn'

is still set, but you have unset the other session vars, then that could cause your problem.

Reply With Quote
  #24  
Old April 27th, 2003, 04:27 PM
Mary Mary is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Mar 2003
Posts: 59 Mary User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 h 5 m 17 sec
Reputation Power: 0
This is how I unset sessions vars, by going to logout.php and and calling 2 functions
PHP Code:
unset($_SESSION["session"]);
session_destroy(); 

Reply With Quote
  #25  
Old April 27th, 2003, 05:37 PM
jpenn jpenn is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: Washington, DC
Posts: 317 jpenn User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 m 3 sec
Reputation Power: 16
session_destroy() does not actually destroy the session - it only unset()'s all of the session var's in the session. So, if you use session_destroy() - there will still be an active session (although it will contain nothing) on the clients machine as the cookie is never removed.

So, to actully destroy a users session - you need to do some fancy, like so ->
PHP Code:
/*********************************
Call this code on one page
*********************************/
session_start();
session_destroy();
set_cookiesession_name(), ( int )-3600 );
/*********************************
Redirect to touch up page
*********************************/
header'location: page_2.php' ); 

Now, page 2 would like like this ->
PHP Code:
echo( 'The session has been destroyed. <a href="homepage.php">Click here</a> to return to the homepage.' ); 

You do not want to call session_start() on page 2. Once the user clicks the 'click here' link, it will sent them to your homepage where you can start a new fresh session...
__________________
~ Joe Penn

We work for free to help make this a valuable resource on the internet. Do you appreciate the help - did we provide help that will help you prosper and help that has contributed to sharpening your current skill set?

Show your appreciation and purchase something from our Amazon Wishlist's - it's simple and a great way to say thank you.




Reply With Quote
  #26  
Old April 27th, 2003, 08:05 PM
Taelo Taelo is offline
5B's
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: PC, FL
Posts: 366 Taelo User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 30 m 59 sec
Reputation Power: 16
exactly

Reply With Quote
  #27  
Old April 28th, 2003, 11:13 PM
Mary Mary is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Mar 2003
Posts: 59 Mary User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 h 5 m 17 sec
Reputation Power: 0
PHP Code:
<?
            
if(isset($_SESSION['session']['loggedIn'])) {

                
$name "{$_SESSION['session']['login']}";

                }

        if(!isset(
$_SESSION['session']['loggedIn']) && isset($_COOKIE['login_id']) && isset($_COOKIE['id_hash'])) {

                    
// is there a session already started?  does a cookie id exist?
                 
global $link;
                 
$sql_checkUser mysql_query("SELECT login, password FROM users " .
                                                  
"WHERE login = '{$_COOKIE['login_id']}' " .
                                       
"AND password = '{$_COOKIE['id_hash']}' LIMIT 1");
                 
// there was a cookie var for this user, so we select his user id and password and compare them to the cookie.

                 
if(mysql_num_rows($sql_checkUser) == 1)
                 
// if the 2 match up then, (go to next lines)
                 
{
              
$sql mysql_query("SELECT login, password, userlevel FROM users " .
                                                  
"WHERE login = '{$_COOKIE['login_id']}' " .
                               
"AND password = '{$_COOKIE['id_hash']}' LIMIT 1");
            
// select all fields needed for session vars.
            
if(mysql_num_rows($sql) == 1)
            {
                  
// load db vars into session array.
              
$row_session mysql_fetch_array($sql);

                          
$_SESSION["session"]["login"]=$row_session['login'];
                          
$_SESSION["session"]["password"]=$row_session['password'];
                          
$_SESSION["session"]["userlevel"]=$row_session['userlevel'];
                          
$_SESSION["session"]["loggedIn"]=true;

                         
$name "{$_SESSION['session']['login']}";
            }
          }
        }

                if(isset(
$_SESSION['session']['loggedIn'])== false) {

                    
$name "Guest";

            }
    
?>


I broke the code into several "if" statements it worked.

Reply With Quote
  #28  
Old April 28th, 2003, 11:16 PM
Taelo Taelo is offline
5B's
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: PC, FL
Posts: 366 Taelo User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 30 m 59 sec
Reputation Power: 16
Glad ya got it

Reply With Quote
  #29  
Old April 28th, 2003, 11:25 PM
Mary Mary is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Mar 2003
Posts: 59 Mary User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 h 5 m 17 sec
Reputation Power: 0
Hi Jason!
It cannot be done without your help
btw I'd like to ask you another question to make sure I do it right?

Is it ok? if I use
PHP Code:
if(...){

}
if(...){

}
if(...){



instead of this
PHP Code:
if(...){

}elseif(...){

}else{




Thanks Jason.

Last edited by Mary : April 28th, 2003 at 11:28 PM.

Reply With Quote
  #30  
Old April 29th, 2003, 01:58 AM
Taelo Taelo is offline
5B's
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: PC, FL
Posts: 366 Taelo User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 30 m 59 sec
Reputation Power: 16
usually instead of an if elseif statement I will use a switch statement.

PHP Code:
switch($var)
{
   case 
"1":
   
//code
   
break;

   case 
"2":
   
//code
   
break;



usually the switch statement and if/elseif statement is used to perform a check on 1 var.

PHP Code:
if($var == "something")
{
   
// do something
}
elseif(
$var == "somethingelse")
{
   
// do something else



much cleaner, IMHO, to use a switch statement

Last edited by Taelo : April 29th, 2003 at 02:02 AM.

Reply With Quote
Reply

Viewing: Dev Articles Community ForumsProgrammingGeneral Programming Help > Remember Login???


Developer Shed Advertisers and Affiliates


Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump

Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 


Powered by: vBulletin Version 3.0.5
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.

© 2003-2018 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap