Ok this has been bugging my for a week now.

I am have a member script i set up but when people login it only last about 20 minutes becuase it uses sessions.

So how would i make a function or something to remember the person and there info.

login script

<?php
include ($_SERVER['DOCUMENT_ROOT']."/common.php");
switch($_REQUEST['req']){
case "validate":
$validate = mysql_query("SELECT * FROM user
WHERE username='{$_POST['username']}'
AND password = md5('{$_POST['password']}')
AND verified='1'
");
if(mysql_num_rows($validate) == 1){

while($row = mysql_fetch_assoc($validate)){
$_SESSION['login'] = true;
$_SESSION['userid'] = $row['id'];
$_SESSION['first_name'] = $row['first_name'];
$_SESSION['last_name'] = $row['last_name'];
$_SESSION['email_address'] = $row['email_address'];

if($row['admin_access'] == 1){
$_SESSION['admin_access'] = true;
}

$login_time = mysql_query("UPDATE user SET last_login=now() WHERE id='{$row['id']}'");
}

header("Location: /loggedin.php");

} else {
echo '<p>login failed</p>';
echo '<p>if you have already signed up for are web site,
please check you email to validate you information</p>';
}
break;

default:
include $_SERVER['DOCUMENT_ROOT'] . '/html/login_form.php';
break;
}
?>

anyone?

Sessions by default die when the browser's closed. Set a cookie instead, with a decent expiry value (i.e. how long it lasts for before vanishing) and check for its existence rather than for session ID perhaps.

yeah, thats the part i am stuck on. All my PHP books use sessions and i have looked at loads of sites about cookies but i need someone to tell me if i am doing it correct.

but i need the help with the basics first. How do i do what you said?

ok, let me re-word that.

the line after you validate it has,

$_SESSION ========

and so on, how do i store that information into a cookie?

so it goes into the database gets the into and stores it info a cookie, then i check for that cookie on any page i want using If isset and can then print say the first name.

how do i do that?

The code to fetch and decipher the data you want to store in the session is no different. The following assumes you have already been into your database (or however you are grabbing the data to store) and are ready to set the cookie.

if (!setcookie("name_of_cookie_here", "$data_to_store", time()+60*60*24, "/", "", "")) {
//this will last for a day, alter the expiry to whatever you want
echo "could not set cookie";
}


To grab your cookie, you don't need to use isset, you can just request the cookie via $_COOKIE'name_of_cookie_here']; So...

$cookie = $_COOKIE['name_of_cookie_here'];
if ($cookie == //...and so on, to validate

I don't want to be lazy as i like to do things buy myself but how do i do this with the above script.

something like this?


$validate = mysql_query("SELECT * FROM user
WHERE username='{$_POST['username']}'
AND password = md5('{$_POST['password']}')
AND verified='1'
");

if(mysql_num_rows($validate) == 1){
if (!setcookie("name_of_cookie_here", "$data_to_store", time()+60*60*24, "/", "", "")) {
//this will last for a day, alter the expiry to whatever you want
echo "could not set cookie";
}
while($row = mysql_fetch_assoc($validate)){
$cookie = $_COOKIE['name_of_cookie_here'];
if (
$cookie == $_SESSION['login'] = true;
$cookie == $_SESSION['userid'] = $row['id'];
$cookie == $_SESSION['first_name'] = $row['first_name'];
$cookie == $_SESSION['last_name'] = $row['last_name'];
$cookie == $_SESSION['email_address'] = $row['email_address'];
);

if($row['admin_access'] == 1){
$_SESSION['admin_access'] = true;
}



or is that just ****e