User LogIn
Moderator: General Moderators
- hob_goblin
- Forum Regular
- Posts: 978
- Joined: Sun Apr 28, 2002 9:53 pm
- Contact:
if you register a variable with sessions... you still have to use $_SESSION['var'] ...
cookies don't use up memory on the server though...
sessions don't need to set cookies with domains and security and all that...
it really depends on how big the job is, and how much you're worried about use of resources
cookies don't use up memory on the server though...
sessions don't need to set cookies with domains and security and all that...
it really depends on how big the job is, and how much you're worried about use of resources
Cookies are extremely easy to use.
If you have set a cookie called 'user' then the variable $user is available on all your pages (note this is with register_globals on and is PHP prior to 4.1.x)
So no need to do $_COOKIE... or whatever it is.
hob_goblin: you don't need to set domains, security and all that with cookies.
The only disadvantage with cookies is that the user may have turned off the ability to accept cookies, therefore they won't work with that user.
If you have set a cookie called 'user' then the variable $user is available on all your pages (note this is with register_globals on and is PHP prior to 4.1.x)
So no need to do $_COOKIE... or whatever it is.
hob_goblin: you don't need to set domains, security and all that with cookies.
The only disadvantage with cookies is that the user may have turned off the ability to accept cookies, therefore they won't work with that user.
- cheatboy00
- Forum Contributor
- Posts: 151
- Joined: Sat Jun 29, 2002 10:36 am
- Location: canada
- Contact:
AHAHAHAHAHAHAHAHAHAHAHAHAmikeq wrote:Cookies are extremely easy to use.
If you have set a cookie called 'user' then the variable $user is available on all your pages (note this is with register_globals on and is PHP prior to 4.1.x)
So no need to do $_COOKIE... or whatever it is.
:: cough :: <span style='color:blue' title='I'm naughty, are you naughty?'>smurf</span> ::cough ::
easy-to-use my ass.... they kept on screwing with me when i was doing my site... i took weeks to get the damn thing running.... then after all that work the cookies failed and there was some error along the lines and well... the login didnt seem to work anymore.... i got that working then the logout didnt work...
cookies suck there useless
stick with sessions
cheatboy, because you had trouble using cookies is no excuse to call them "useless" or to say that what Mike said was "<span style='color:blue' title='I'm naughty, are you naughty?'>smurf</span>". Fact is, plenty of sites all over the web seem to find cookies useful - why don't you check your history folder and see how many cookies are in there?
Cookies help take the impetus off the server for storing information related to a session, and can be quite helpful in that role. Please know what you're talking about before you respond in such an authoritative manner.
Cookies help take the impetus off the server for storing information related to a session, and can be quite helpful in that role. Please know what you're talking about before you respond in such an authoritative manner.
-
daemorhedron
- Forum Commoner
- Posts: 52
- Joined: Tue Jul 23, 2002 11:03 am
You can use cookies if you wish, but there are several strong reasons to use sessions instead. A lot of people these days have cookie eaters (they block, alter, ban, modify, etc cookies). Cookies are client side, whereas sessions are server side. Session data can be trusted more than cookie data (although you should always authenticate not just your users, but your data as well). There are numerous tutorials on the usage of both, it would be in your best interest to look into it when you have some time.
In the meantime, so long as you are having fun, run with it! =)
In the meantime, so long as you are having fun, run with it! =)
POWER TO THE SESSIONS!
Code: Select all
session_register("ILOVESESSIONS")
if(session_is_registered("ILOVESESSIONS")) { echo "I LOVE SESSIONS"; }
else
{ echo "I LOVE SESSIONS ANYWAY"; }And I suppose because some people are crap drivers that makes cars crap alsocheatboy00 wrote:AHAHAHAHAHAHAHAHAHAHAHAHAmikeq wrote:Cookies are extremely easy to use.
If you have set a cookie called 'user' then the variable $user is available on all your pages (note this is with register_globals on and is PHP prior to 4.1.x)
So no need to do $_COOKIE... or whatever it is.
:: cough :: <span style='color:blue' title='I'm naughty, are you naughty?'>smurf</span> ::cough ::
easy-to-use my ass.... they kept on screwing with me when i was doing my site... i took weeks to get the damn thing running.... then after all that work the cookies failed and there was some error along the lines and well... the login didnt seem to work anymore.... i got that working then the logout didnt work...
cookies suck there useless
stick with sessions
okay, I'm stuck again, so now it shows the welcome msg, but it doesn't check the password if its right or wrong, instead it logs you in either way, and if your member name and password match in the database it gives the ID on the settings link. also the cookies don't set.
heres my code
heres my code
Code: Select all
<?php
if(isset($_POSTї'username'])){
global $username;
global $password;
$db = @mysql_connect("$dbhost", "$dbuname", "$dbpage");
if (!$db) {
echo( "<p>Unable to connect to the " .
"database server at this time.</p>" );
exit();
}
mysql_select_db("$dbname", $db);
if (! @mysql_select_db("$dbname") ) {
echo( "<p>Unable to locate the members " .
"database at this time.</p>" );
exit();
}
$query3 = "SELECT id FROM membersdb WHERE "
. "username='$username' AND password='$password'";
$result3 = mysql_query($query3)
or die("Query failed at userid retrieval stage.");
$num_rows = mysql_num_rows($result3);
$myrow = mysql_fetch_array($result3);
$id = $myrowї0];
$encryptedpassword = md5($password);
$myrow = mysql_fetch_array($result3);
$password = $myrowї0];
if ($encryptedpassword == $password) {
setcookie("ck_username", $username);
setcookie("ck_password", $password);
setcookie("ck_id", $id);
}
echo("Welcome $username: ї<a href=members?action=edit&id=$id>Settings</a>|Logout]");
} elseif($num_rows == "0") {
print ("<font color=red> Sorry, but either the username or password you submitted was wrong. Sort it out.</font>");
print "<form method=post action="$PHP_SELF">";
print " <b>User Name</b>:<input type=text name=username size=15 maxlength=10 class=textbox>";
print " <b>Password</b>:<input type=password size=15 maxlength=10 name=password class=textbox>";
print " <input type=submit value=Login class=button>";
print "</form>";
print ("<p>");
print ("<font class=rm>Not a member? <a href=join.php class=rm>Click Here</a></font>");
} else {
print ("<form method=post action="$PHP_SELF">");
print (" <b>User Name</b>:<input type=text name=username size=15 maxlength=10 class=textbox>");
print (" <b>Password</b>:<input type=password size=15 maxlength=10 name=password class=textbox>");
print (" <input type=submit value=Login class=button>");
print ("</form>");
print ("<p>");
print ("<font class=rm>Not a member? <a href=join.php class=rm>Click Here</a></font>");
}
?>Cookies Or Sessions
Cookies are easy to use, and so are sessions. It is a preference, and your individual needs and wants.
Everyone has there own need for PHP, let them figure out what they need or want to use.
Everyone has there own need for PHP, let them figure out what they need or want to use.
There are a couple of things that strike me as odd:
1.
First you fetch one row and get the ID then you fetch another row to get the password. Are not these two on the same row for each user? You don't even select password in your query.
2.
If magic quotes are off you should escape username and password before you use them in a query.
3.
I agree with fatalcure on that your if/else statements seems cause some trouble.
Comment on the Cookie-Session war: They are both useful but in this case I would go with sessions for the reasons daemorhedron outlined in his/here post.
/josa
1.
First you fetch one row and get the ID then you fetch another row to get the password. Are not these two on the same row for each user? You don't even select password in your query.
Code: Select all
$myrow = mysql_fetch_array($result3);
$id = $myrowї0];
$encryptedpassword = md5($password);
$myrow = mysql_fetch_array($result3);
$password = $myrowї0];If magic quotes are off you should escape username and password before you use them in a query.
3.
I agree with fatalcure on that your if/else statements seems cause some trouble.
Comment on the Cookie-Session war: They are both useful but in this case I would go with sessions for the reasons daemorhedron outlined in his/here post.
/josa