Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PHP Cookies login

Status
Not open for further replies.
chorta

chorta

Technical User
Apr 17, 2007
3
US
Hi all,I have a problem with a website that uses php login with cookies... when some one tries to log in it returns nothing and you have to keep trying about 2-4 times this is very random and some times it will let you login without a problem...This happens in all browsers and all platforms


//////////////////////check login script

<?php
if(isset($_COOKIE["nano"]["userID"])&&isset($_COOKIE["nano"]["uniqueID"])){
$db = mysql_connect("localhost","om_dba","pass");
mysql_select_db("om",$db);
$query = sprintf(
"select CookieID
from Cookies
where UserID = %s and UniqueID = '%s'",
mysql_real_escape_string($_COOKIE["nano"]["userID"]),
mysql_real_escape_string($_COOKIE["nano"]["uniqueID"]));
$result = mysql_query($query);
if(mysql_num_rows($result) == 1){
$query = sprintf(
"select t.Type, t.TypeID
from Users u
join UserTypes t on u.UserType = t.TypeID
where
u.UserID = %s",
mysql_real_escape_string($_COOKIE["nano"]["userID"]));
$result = mysql_query($query);
$row = mysql_fetch_assoc($result);
session_start();
session_name("om");
$_SESSION['userID'] = $_COOKIE['nano']['userID'];
$_SESSION['userType'] = $row['Type'];
$_SESSION['userTypeID'] = $row['TypeID'];
$query = sprintf(
"update Users
set DateLastLoggedIn = curdate()
where UserID = '%s'",
mysql_real_escape_string($_COOKIE['nano']['userID']));
mysql_query($query);
unset($query,$result,$row);
} else {
setcookie("PHPSESSID","",time()-3600);
setcookie("nano[userID]","",time()-3600);
setcookie("nano[uniqueID]","",time()-3600);
}
}
?>


////////////////
Thanks!
 
Sort by date Sort by votes
you should set the session_name() before starting the session.

and destroy the session in the bottom half of the conditional
Code: 
session_destroy();

and, of course, since you're trying to change the session name there is a good chance that the cookie won't be called PHPSESSID...

try instead (from the manual)
Code: 
if (isset($_COOKIE[session_name()])) {
    setcookie(session_name(), '', time()-42000, '/');
}

and personally i'd want to turn error reporting on until i was sure that the code worked.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SashaBuilder3
  • Locked
  • Question
import CSV file into MySql table in PhpMyAdmin
Replies
0
Views
228
SashaBuilder3
SashaBuilder3
PeDa
  • Locked
  • Question
Unwanted spaces in php HTML mail 1
Replies
4
Views
199
PeDa
PeDa
Mandy_crw
  • Locked
  • Question
How to send sms in PHP using usb gsm modem?
Replies
1
Views
212
vishvajit
vishvajit
lflynnlrf
  • Locked
  • Question
wordpress/ shortcode/ PHP duplicating code
Replies
1
Views
109
spamjim
spamjim
cmayo
  • Locked
  • Question
Is PHP/PEAR MDB2 dead? Which PHP abstraction layer should I use?
Replies
1
Views
83
spamjim
spamjim

Part and Inventory Search

Sponsor

Back
Top