Hey Guys,

How would I go about editing my current login script:

// *** Validate request to login to this site.
session_start();

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($accesscheck)) {
$GLOBALS['PrevUrl'] = $accesscheck;
session_register('PrevUrl');
}

if (isset($_POST['Username'])) {
$loginUsername=$_POST['Username'];
$password=$_POST['Password'];
$MM_fldUserAuthorization = "Status";
$MM_redirectLoginSuccess = "loginsuccess.php";
$MM_redirectLoginFailed = "login2.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_Racewall06, $Racewall06);

$LoginRS__query=sprintf("SELECT Username, Password, Status FROM RacewallMembers WHERE Username='%s' AND Password='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));

$LoginRS = mysql_query($LoginRS__query, $Racewall06) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {

$loginStrGroup = mysql_result($LoginRS,0,'Status');

//declare two session variables and assign them
$GLOBALS['MM_Username'] = $loginUsername;
$GLOBALS['MM_UserGroup'] = $loginStrGroup;

//register the session variables
session_register("MM_Username");
session_register("MM_UserGroup");


To remember the user each time they visit, like login forever?

Basically so the user doesn't have to login each time they visit the site.

I'm guessing that it will write some sort of cookie onto the users system that expires in 999999999 seconds or similar? If that cookie is detacted, it takes the username and pass from that cookie?

But not sure how to do it :-(

Yep, just set a cookie (with the expiration date of your choice) and then, on repeat visits, check for the existance of the cookie. If the cookie exsits, skip the login, if not, ask for the username/password.

Hey, I would use something like this somewhere near the if($loginFoundUser)

set_cookie("User", $loginUsername, time()+60*60*24*30/*expires in 1 month*/, /, "yourdomainhere", 1 /*only send over a secure connection*/ );
set_cookie("pass", $password, time()+60*60*24*30, /, "yourdomainhere", 1 );
//You'll want to encode the password somehow

and then something like

if($_COOKIE[User]){
$loginUsername = $_COOKIE[USER];
$password = $_COOKIE[pass];
$MM_redirectLoginSuccess = "loginsuccess.php";
$MM_redirectLoginFailed = "login2.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_Racewall06, $Racewall06);

$LoginRS__query=sprintf("SELECT Username, Password, Status FROM RacewallMembers WHERE Username='%s' AND Password='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));

$LoginRS = mysql_query($LoginRS__query, $Racewall06) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {

$loginStrGroup = mysql_result($LoginRS,0,'Status');

//declare two session variables and assign them
$GLOBALS['MM_Username'] = $loginUsername;
$GLOBALS['MM_UserGroup'] = $loginStrGroup;

//register the session variables
session_register("MM_Username");
session_register("MM_UserGroup");
}

cheers guys...think i've got it working :)

If I am not mistaken, no matter how long you set the cookie for the users computer will delete it after a certain length of time.

Again I think this is true, don't quote me on that.

You can set your Browser to delete the cookies after a certain period of time, but if you don't have it that way the cookies will expire after the time set with the script

You can use session instead of cookies.

You can use session instead of cookies.How? Won't the session expire before repeat visits?

OK....

Not quite right...I thought it was...but its not working it appears...I selected Login Forever, and went in today, and erm, its logged me out...

Here is my code in the PHP area....

if($_COOKIE['User'])
{
session_start();

$loginUsername = $_COOKIE['User'];
$password = $_COOKIE['pass'];
$MM_redirectLoginSuccess = "members.php";
$MM_redirectLoginFailed = "login2.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_Racewall06, $Racewall06);

$LoginRS__query=sprintf("SELECT Username, Password, Status FROM RacewallMembers WHERE Username='%s' AND Password='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));

$LoginRS = mysql_query($LoginRS__query, $Racewall06) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser)
{
$loginStrGroup = mysql_result($LoginRS,0,'Status');

//declare two session variables and assign them
$GLOBALS['MM_Username'] = $loginUsername;
$GLOBALS['MM_UserGroup'] = $loginStrGroup;

//register the session variables
session_register("MM_Username");
session_register("MM_UserGroup");
header("Location: " . $MM_redirectLoginSuccess );
}
}
else
{
session_start();

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($accesscheck))
{
$GLOBALS['PrevUrl'] = $accesscheck;
session_register('PrevUrl');
}

if (isset($_POST['Username']))
{
$loginUsername=$_POST['Username'];
$password=$_POST['Password'];
$MM_fldUserAuthorization = "Status";
$MM_redirectLoginSuccess = "loginsuccess.php";
$MM_redirectLoginFailed = "login2.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_Racewall06, $Racewall06);

$LoginRS__query=sprintf("SELECT Username, Password, Status FROM RacewallMembers WHERE Username='%s' AND Password='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));

$LoginRS = mysql_query($LoginRS__query, $Racewall06) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);

if ($loginFoundUser)
{

$loginStrGroup = mysql_result($LoginRS,0,'Status');

setcookie("User", $loginUsername, $_POST['LoginTime']);
setcookie("Group", $loginStrGroup, $_POST['LoginTime']);
setcookie("pass", $password, $_POST['LoginTime']);

//declare two session variables and assign them
$GLOBALS['MM_Username'] = $loginUsername;
$GLOBALS['MM_UserGroup'] = $loginStrGroup;

//register the session variables
session_register("MM_Username");
session_register("MM_UserGroup");


if (isset($_SESSION['PrevUrl']) && false)
{
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];

$log = "UPDATE RacewallMembers SET LastLogIn = ".$_POST['time']." WHERE Username = ".$_POST['Username'];
mysql_query($log);
}
header("Location: " . $MM_redirectLoginSuccess );
}
else
{
header("Location: ". $MM_redirectLoginFailed );
}

}
}
?>

and my values for login duration are set as follows:

<select name="LoginTime" id="LoginTime">
<option value="1800">30 Mins</option>
<option value="3600">1 Hour</option>
<option value="86400">1 Day</option>
<option value="604800">1 Week</option>
<option value="2200000000">Forever</option>
</select>

Cheers again

try this when you set your cookie...

setcookie("User", $loginUsername, time()+$_POST['LoginTime']);

thanks...will try that :)

Cheers

Kevin

Hmmm....Nope....not working :(

Are you sure there is no script overwriting the value of your cookies???
Did you put time()+$_POST['LoginTime'] in every cookie???