Simple PHP Question, I am new to PHP, Can't figure out how

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Simple PHP Question, I am new to PHP, Can't figure out how

Post by tecktalkcm0391 »

How do you make a user stay logged in for a session, and then if the variable $stayloggedin = '1'; then they stay logged in even after they close their browser.
Flamie
Forum Contributor
Posts: 166
Joined: Mon Mar 01, 2004 3:19 pm

Post by Flamie »

you cant do it with just a variable because the variable gets deleted once the script is over.
If you want the user to stay logged in after they close their browser and reopen it use cookies ;o
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Post by tecktalkcm0391 »

the variable would only be needed on the process login page because that page out put the cookie to stay login in on. can anybody tell me a code that i could work off of to create a login.
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

Google is your friend :)
login script php

Mac
User avatar
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Post by Ambush Commander »

None of the scripts out there are very good, unfortunantely.

What you're trying to achieve is remember_me. Issue the user a special token in a cookie called remember_me which you also store in a database. When the user turns their browser back on, check the remember_me token, and, if it's valid, log the user in automatically.
toasty2
Forum Contributor
Posts: 361
Joined: Wed Aug 03, 2005 10:28 am
Location: Arkansas, USA

Post by toasty2 »

You could store their ip in a database and some info saying if they should be logged in or not.
User avatar
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Post by Ambush Commander »

You could store their ip in a database and some info saying if they should be logged in or not.
Definitely do not do that. IP != identity, especially for AOL users and people behind NAT.
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Simple PHP Question, I am new to PHP, Can't figure out h

Post by Christopher »

tecktalkcm0391 wrote:How do you make a user stay logged in for a session, and then if the variable $stayloggedin = '1'; then they stay logged in even after they close their browser.
You can use PHP's built-in session library to do this. On your log-in page do:

login.php

Code: Select all

if ($username_and_password_verified) {
    session_start();
    $_SESSION['loggedin'] = 1;
    // show logged-in page
} else {
    // show log-in form
}
And on other pages that the user must be logged-in to access do:

mypage.php

Code: Select all

session_start();
if (isset($_SESSION['loggedin']) && ($_SESSION['loggedin'] == 1)) {

    // show the page

} else {
    // send the to the log-in page
    header('Location: login.php');
}
Remember that you need to call session_start() before you can access the $_SESSION superglobal array.
(#10850)
User avatar
Oren
DevNet Resident
Posts: 1640
Joined: Fri Apr 07, 2006 5:13 am
Location: Israel

Post by Oren »

Small fix to arborint's code:
Change:

Code: Select all

if (isset($_SESSION['loggedin']) && ($_SESSION['loggedin'] == 1)) {
Into:

Code: Select all

if (isset($_SESSION['loggedin']) && ($_SESSION['loggedin'] === 1)) {
Some might argue that this adds nothing, but my answer would be: it won't decrease security and that's for sure, so why not? (and it is also a little bit faster than '==')
:wink:
Post Reply