Change Password functionality & existing session cookie
Posted: Sun Sep 27, 2009 3:52 pm
I recently implemented a change password functionality on my site; however, once a user changes their password, the session/cookie code I have in place forces the user back to the login page (I guess to reset the session cookie). Is there anyway to just update the session cookie upon password change, such that that doesn't have to log back in again? Tell you truth, I am little at a loss when comes to the whole cookie setting concept (something for me to brush up on I guess).
Here's the code that seems to check for set cookie session:
Here's the code from my login page that sets the remember me/session me cookie:
Here's the code that seems to check for set cookie session:
Code: Select all
function checkLogin(){
/* Check if user has been remembered */
if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
$_SESSION['username'] = $_COOKIE['cookname'];
$_SESSION['password'] = $_COOKIE['cookpass'];
}
/* Username and password have been set */
if(isset($_SESSION['username']) && isset($_SESSION['password'])){
/* Confirm that username and password are valid */
if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
/* Variables are incorrect, user not logged in */
unset($_SESSION['username']);
unset($_SESSION['password']);
return false;
}
return true;
}
/* User not logged in */
else{
return false;
}
}Code: Select all
/* Username and password correct, register session variables */
$_POST['user'] = stripslashes($_POST['user']);
$_SESSION['username'] = $_POST['user'];
$_SESSION['password'] = $md5pass;
if(isset($_POST['remember'])){
setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
}
/* Quick self-redirect to avoid resending data on refresh */
echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}