cookies and staying signed in
ok. actually i'll make this a two-in-one.
there was an issue with logins before. with your help i was able to fix it, so maybe i can get both fixed now.
first, and way more importantly, is the one that the 2 friends to sign up last are having. both using M$ internet explorer. both are not staying logged in.
i cannot duplicate this. no one who signed up before them has the issue. they are successfully singing in, it's just not keeping. default login time is two min. they are def not waiting long enough for timeout.
secondly, i'm wondering how one can make a cookie which will stay in cache after one closes out a browser. this way i can make the cookies persist for those that don't want to be bothered with signing in each time they start up the browser
i don't see how to do it with setcookie()
the following code is ALL the code that sets cookies.
<?php
[joshua@Ashes includes]$ cat fyd.funcs.php | more
# functions used by multiple FindYourDesire pages
function cookies($action){ # inserts cookies
include(\"/home/joshua/includes/fyd.altincs.php\"); # includes file
if($action==='join-1'){ # make & set the confirmation code
$conf=md5(uniqid(microtime(),1)); # make unique id
$expire=time()+24*60*60; # set expiration an hour from now
setcookie('confcode', $conf, $expire); #create cookie
}elseif($action==='join-3'){
$un=$_POST['un']; $pw=md5($_POST['pw']); # set the username and password into cookies,
// pw is masked
$expire=time()+60*60; # set expiration an hour from now
setcookie('un', $un, $expire); # username
setcookie('pw', $pw, $expire); # pw
setcookie('utds', 'm/d/Y H:i:s', $expire); # time display
setcookie('gmto', '-5', $expire); # gmt offset
}elseif($action=='logout'){ # make all cookies expire
$expire=time()-(60*60*24*7); # set expire to 60 sec*60 min*24 hrs* 7 days ago
//(make sure a lagging computer will kill it
even if my host is in new zealand)
setcookie('un', NULL, $expire); # makes user name expire & sets it to NULL
//incase their computer errs
setcookie('pw', NULL, $expire); # makes password expire & sets it to NULL
//incase their computer errs
setcookie('login', NULL, $expire); # makes login expire & sets it to NULL
//incase their computer errs
setcookie('utds', NULL, $expire); # makes the tds expire & sets it to NULL
//incase their computer errs
setcookie('gmto', NULL, $expire); # makes the gmt offset expire & sets it to NULL
//incase their comp errs
}elseif($action=='update'){ # updates cookies (keeping you logged in) & returns waiting
//messages (optional)
if(isset($_COOKIE['login'])&&($_COOKIE['login'])){ # we're logged in
$ims=array(); # empty array for any ims we might find unread
$db=mysql_connect($host, $login2, $pass2) or die(\"cannot access mysql\");
# get the sql connection
$fyd=mysql_select_db('findyourdesire', $db) or die(\"cannot connect to db\");
# select the db
$un=$_COOKIE['un']; $pw=$_COOKIE['pw']; # what we wont change on-the-fly
$fprefs=mysql_query(\"SELECT uid, gmt_offset, tds, login_duration, msgs FROM users
WHERE username='$un' AND password='$
pw'\", $db); # get the prefs
if(mysql_num_rows($fprefs)>0){ # we can update the cookies
$prefs=mysql_fetch_array($fprefs); $gmto=$prefs['gmt_offset'];
$utds=$tdc[$prefs['tds']];
$duration=$durr[$prefs['login_duration']]; $accepts=($prefs['msgs']*1);
$uid=$prefs['uid'];
$expire=(time()+($duration*60));
setcookie('un', $un, $expire); # set username
setcookie('pw', $pw, $expire); # set password
setcookie('login', 1, $expire); # set login
setcookie('gmto', $gmto, $expire); # set the gmt offset
setcookie('utds', $utds, $expire); # set the time display style
$active=gmdate(\"Y-m-d H:i:s\", time());
$update=mysql_query(\"UPDATE users SET last_activity='$active'
WHERE username='$un'\", $db); # try to update users (we don't really care if it fails)
if($accepts){ # person accepts ims
if($accepts>5){ # the user wants them ALL
$fims=mysql_query(\"SELECT msg_id, from_un FROM msgs WHERE to_id='$uid' AND
viewed='0'\", $db);
while($gimid=mysql_fetch_array($fims)){ # while there's ims
$ims[]=$gimid; # record the msg_id
}
}else{ # user wants $accepts amount
$fims=mysql_query(\"SELECT msg_id, from_un FROM msgs WHERE to_id='$uid' AND
viewed='0' ORDER BY msg_id ASC LIMIT $accepts\", $db);
while($gimid=mysql_fetch_array($fims)){ # while there's ims
$ims[]=$gimid; # record the msg_id
}
}
}
}
} # end cookie updating
return $ims;
}
}
...
?><?php
[joshua@Ashes fyd]$ cat login.php
include(\"/home/joshua/includes/fyd.incs.php\"); # includes file
# variables used
$login=FALSE; $title='Login Page'; $error=FALSE; $linfo='';$expire='';
if(isset($_POST['un'])){ # check the db if this isn't the first loading of the page
$un=$_POST['un']; # what was the passed username?
$pass=MD5($_POST['pass']); // what was the given password
$db=mysql_connect($host, $login2, $pass2) or die(\"cannot access mysql\");
# connect to the database
$fyd=mysql_select_db('findyourdesire', $db) or die(\"cannot connect to db\");
# select the db
$lookup=mysql_query(\"SELECT uid, site_access, login_duration, gmt_offset, tds FROM users
WHERE username='$un' AND password='$pass'\", $db);// find user by username/pass combo
if(mysql_num_rows($lookup)){ // we have a user (username is unique, it can only be 1
//or 0 returned)
$info=mysql_fetch_array($lookup); # get all the info associated with the user
$sa=$info['site_access']; // find the site access
if((contains($sa, $regulars))||(contains($sa, $desireds))){ # if you're not suspended
$login=TRUE; $duration=$info['login_duration']; $uid=$info['uid'];
# set login, cookie duration, uid
$gmto=$info['gmt_offset']; $utds=$tdc[$info['tds']]; # set the gmt offset &
//time display
$now=gmdate(\"Y-m-d H:i:s\", time()); $currip=$_SERVER['REMOTE_ADDR'];
# get the time/new ip
$update=mysql_query(\"UPDATE users SET last_login_ip='$currip',
last_login_date='$now' WHERE uid='$uid'\", $db); # update login date and ip
$expire=time()+(60*$durr[$duration]); # set expiration by formula time()+
//seconds*minutes*hrs*days*yrs
setcookie('un', $un, $expire); # set username
setcookie('pw', $pass, $expire); # set password
setcookie('login', 1, $expire); # set login
setcookie('gmto', $gmto, $expire); # set the gmt offset
setcookie('utds', $utds, $expire); # set the time display style
bgnlpg($title); nav2(); success($un); clspg(); # show the successful login page
}else{ bgnpg($title); nav(); login($un, TRUE, 3); clspg(); } # the user is suspended
}else{ bgnpg($title); nav(); login($un, TRUE, 1); clspg(); } # there was no user by
// that name/password
}else{ bgnpg($title); nav(); login('', FALSE, 0); clspg(); } # no failed login attempt
/* *********************************
** create the appropriate page **
********************************* */
function success($un){
include('/home/joshua/includes/fyd.altincs.php'); # includes file
echo <<<END
<h1>Welcome back $un!</h1>
<p>Please choose where to go next</p>
$tsw100
<tr>
<td class=\"center\"><a href=\"index.php\">Home</a></td>
<td class=\"center\"><a href=\"forums.php\">Forums</a></td>
<td class=\"center\"><a href=\"search.php\">Search</a></td>
</tr>
</table>
END;
}
function login($un, $err, $user){ // login page, username is remembered if there was
//a failed attempt
include('/home/joshua/includes/fyd.altincs.php'); # includes file
if($err){ # there was an error
if($user==1){ # there is no such user
echo ' <font color=\"#ff0000\"><h1>Your Username or Password is wrong.
Please check your spelling and try again</h1></font>';
}else{ # you're suspended or updating your email
echo ' <p>Your email is unvalidated or you have been suspended, please check
the forums. The two times you are not allowed to login are when your e-mail address
is unvalidated or you have been suspended. In the latter case there should be a thread
in either the Fakes or Problems/Comments/Suggestions forum stating what the
problem is.</font></p>';
}
}
if($err){$un=$_POST['un'];}else{$un='';} # set un's value
echo <<<END
<p> </p><p> </p>
<form action=\"{$_SERVER['PHP_SELF']}\" method=\"POST\">
$tsnw
<tr><td>Your Member Name</td><td><input type=\"text\" name=\"un\"
size=\"15\" maxsize=\"15\" value=\"$un\"></td></tr>
<tr><td>Your Password</td><td><input type=\"password\" name=\"pass\"
size=\"15\" maxsize=\"15\"></td></tr>
<tr><td><a href=\"pass.php\">Lost Your PW?</a></td><td><input
type=\"submit\" value=\"Login!\"></td></tr>
</table>
</form>
END;
}
[joshua@Ashes fyd]$
?>yes, i did adjust to try to remove scrolling
POSIX. because a stable os that doesn't have memory leaks and isn't buggy is always good.
Mark Hensler posted this at 07:24 — 3rd October 2003.
He has: 4,048 posts
Joined: Aug 2000
Have you had others test this with the same setup (OS/Browser)?
May sound dumb, but... do they have cookies enabled?
setcookie() always persists after a browser is closed. Cookies always expire. To keep a cookie for login purposes, the general practice is to set the cookie to expire 1 year from the current date. Then after each successfull login (which should be automatic), you reset the expire for an additional year. (This is so the cookie never actually expires)
IIRC, sessions are the only thing that "expire" when a browser is closed.
Mark Hensler
If there is no answer on Google, then there is no question.
m3rajk posted this at 16:15 — 3rd October 2003.
They have: 461 posts
Joined: Jul 2003
odd. becasue i've closed out the browser and then reopened it and gotten the screen that i'm not logged in.
i don't know about their operating system. i know they were both using interent explorer, one has made websites so i expect she's good with computers and she said she has cookies on.
POSIX. because a stable os that doesn't have memory leaks and isn't buggy is always good.
Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.