Remeber me option ..

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Jim_Bo
Forum Contributor
Posts: 390
Joined: Sat Oct 02, 2004 3:04 pm

Remeber me option ..

Post by Jim_Bo »

Hi,

I have a login script that is functioning very well .. I would like to add a remeber me option to it .. But have no idea where to start ..

Any help on this would be greatly appreciated ..


Thanks
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

Jim_Bo
Forum Contributor
Posts: 390
Joined: Sat Oct 02, 2004 3:04 pm

Post by Jim_Bo »

Hi,

Yea I have been there allready .. But didnt make alot of sence of it .. :oops:

Seemed complicated for what I allready have .. I just wanted to add the remeber me to the login form I allready have ..

I just thought there would be a simplified workaround / tutorial ..

Thanks
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

the most basic: call setcookie(). When a page is requested, check for the cookie and verify its contents.
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

You might want to randomly create a key that is put into the cookie, along with their userid, and ip address. When they log in, set the cookie, and also add the key you randomly created in their user row in the database.
The Key should most likely be random, and possibly encrypted.

When they visit the site, check to see if the key matches their key in the user row in the database and check to see if their IP matches.

Too bad if their IP address changes...
You have to ask yourself, easibility vs security

So if their cookie matches the database, give them the proper credentials.

This is a slightly more secure way 8), nonetheless, cookies can be stolen.
User avatar
infolock
DevNet Resident
Posts: 1708
Joined: Wed Sep 25, 2002 7:47 pm

Post by infolock »

the only problem with that is with us that have dynamic ip's. meaning if we reconnect to our dialup isp, we're sol if we can't obtain the exact same ip.

however, for security on a high profile sensative site, it would be a nice addition.

best thing is, as feyd said, use a cookie..
Last edited by infolock on Thu Mar 17, 2005 11:15 pm, edited 1 time in total.
Jim_Bo
Forum Contributor
Posts: 390
Joined: Sat Oct 02, 2004 3:04 pm

Post by Jim_Bo »

Hi,

Thanks guys .. Almost sounds like the to hard basket :?

I have read a little .. but havnt got a great understanding as yet ..

But it would be a handy feature .. Security at this point is not a major issue ..

Thanks
User avatar
shiznatix
DevNet Master
Posts: 2745
Joined: Tue Dec 28, 2004 5:57 pm
Location: Tallinn, Estonia
Contact:

Post by shiznatix »

i would recomend doing as fyed said and just setting a cookie if somtin like $_POST[rememberme] isset then set the cookie with username and password and then set $username and $password to the cookie values if the cookies are set and checking the db with those. if you want i can post some code but rite now im playing counter-strike :D
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

simple

set a checkmark box for the remember me option perhaps called $rememberme

then your code would look like this

Code: Select all

if($rememberme){
setcookie("cookiename", "content", "how_long_to_remember_for"); } ELSE {
setcookie("cookiename", "content"); }
That is the shortened, unsecure way of doing what you are trying to do.
Post Reply