Simple PHP Question, I am new to PHP, Can't figure out how
Moderator: General Moderators
- tecktalkcm0391
- DevNet Resident
- Posts: 1030
- Joined: Fri May 26, 2006 9:25 am
- Location: Florida
Simple PHP Question, I am new to PHP, Can't figure out how
How do you make a user stay logged in for a session, and then if the variable $stayloggedin = '1'; then they stay logged in even after they close their browser.
- tecktalkcm0391
- DevNet Resident
- Posts: 1030
- Joined: Fri May 26, 2006 9:25 am
- Location: Florida
- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
- Ambush Commander
- DevNet Master
- Posts: 3698
- Joined: Mon Oct 25, 2004 9:29 pm
- Location: New Jersey, US
None of the scripts out there are very good, unfortunantely.
What you're trying to achieve is remember_me. Issue the user a special token in a cookie called remember_me which you also store in a database. When the user turns their browser back on, check the remember_me token, and, if it's valid, log the user in automatically.
What you're trying to achieve is remember_me. Issue the user a special token in a cookie called remember_me which you also store in a database. When the user turns their browser back on, check the remember_me token, and, if it's valid, log the user in automatically.
- Ambush Commander
- DevNet Master
- Posts: 3698
- Joined: Mon Oct 25, 2004 9:29 pm
- Location: New Jersey, US
- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
Re: Simple PHP Question, I am new to PHP, Can't figure out h
You can use PHP's built-in session library to do this. On your log-in page do:tecktalkcm0391 wrote:How do you make a user stay logged in for a session, and then if the variable $stayloggedin = '1'; then they stay logged in even after they close their browser.
login.php
Code: Select all
if ($username_and_password_verified) {
session_start();
$_SESSION['loggedin'] = 1;
// show logged-in page
} else {
// show log-in form
}mypage.php
Code: Select all
session_start();
if (isset($_SESSION['loggedin']) && ($_SESSION['loggedin'] == 1)) {
// show the page
} else {
// send the to the log-in page
header('Location: login.php');
}(#10850)
Small fix to arborint's code:
Change:
Into:
Some might argue that this adds nothing, but my answer would be: it won't decrease security and that's for sure, so why not? (and it is also a little bit faster than '==')

Change:
Code: Select all
if (isset($_SESSION['loggedin']) && ($_SESSION['loggedin'] == 1)) {Code: Select all
if (isset($_SESSION['loggedin']) && ($_SESSION['loggedin'] === 1)) {