Page 1 of 1
Need the theory behind implementing Remember Me checkbox
Posted: Wed Dec 12, 2007 2:27 am
by parka
Seems that whenever the user quit the browser, removing it from memory, the cookies are flushed away.
Is there any way to create a persistent cookie?
With the persistent cookie, I could save the username and session id into the cookie.
Can someone see if my logic works?
Code: Select all
if $_COOKIE['username'] exists {
if $_COOKIE['sessionid'] exists{
check inside database if the user has a sessionid that is not expired {
user is verified to have a current session and should be automatically logged in
}
}
}
(By the way, I'm using Mac OS 10.5 on Apache 2.0, PHP 5.2.4)
Posted: Wed Dec 12, 2007 2:39 am
by farkewie
Something like this on your login script after the user has be authorised would do it
Code: Select all
<?php
if (($_POST['remeber_me']) == "yes") {
setcookie("username",$username,time()+36000000);
}
else{
setcookie("username",$username);
}
?>
Posted: Wed Dec 12, 2007 9:31 pm
by parka
farkewie wrote:Something like this on your login script after the user has be authorised would do it
Code: Select all
<?php
if (($_POST['remeber_me']) == "yes") {
setcookie("username",$username,time()+36000000);
}
else{
setcookie("username",$username);
}
?>
Let's say the user were to quit the browser, removing it from memory.
When the user loads the same page again, will $_COOKIE be able to retrieve "username" and $username?
I've tried quiting the browser and reloading the same page and my cookie information is lost.
Posted: Thu Dec 13, 2007 4:15 am
by crystal ship
Code: Select all
if($_POST['REQUIRED'] == 'Y'){
setcookie('USR_NAME',"",time() - 60);
setcookie('USR_NAME',$_POST['USR_NAME'],time()+60*60*24*30);
}
else if($_POST['USR_NAME'] == $_COOKIE['USR_NAME']){
setcookie('USR_NAME',"",time() - 60);
}
Posted: Thu Dec 13, 2007 6:32 am
by s.dot
The theory is (if you just want the username and not password too + automatic login)
1. Provide the checkbox for them to check.
2. If it is set on post, set a cookie with their username they posted, otherwise, delete the cookie in case it is set and they unchecked the box.
3. On login page load, check to see if the cookie is set and has a value.
4. If it does, check the box for them and fill in the username field
How you wish to implement this (setting the cookie vs. valid login then setting the cookie) is up to you.
Posted: Fri Dec 14, 2007 9:43 am
by parka
Thanks for the response so far.
Somehow when I quit my browser, removing it from memory, when I load the page looking for cookies, I can't find it. I did a check and it said cookies aren't set. But I have set it before I quit the browser.
I'm pretty sure the cookies are not written onto my computer.
Any ideas how to create persistent cookies?
Posted: Fri Dec 14, 2007 9:55 am
by Josh1billion
You're using $HTTP_COOKIE_VARS[], right?
Example:
Code: Select all
if (isset($HTTP_COOKIE_VARS['username'])) // replace username with whatever you set the cookie name to
print "it worked";
else
print "the cookie is not set";
Posted: Fri Dec 14, 2007 12:23 pm
by John Cartwright
Josh1billion wrote:You're using $HTTP_COOKIE_VARS[], right?
Example:
Code: Select all
if (isset($HTTP_COOKIE_VARS['username'])) // replace username with whatever you set the cookie name to
print "it worked";
else
print "the cookie is not set";
From the OP's original example he is using $_COOKIE. For those of you that do not know the different, HTTP_*_VARS is deprecated.
Posted: Fri Dec 14, 2007 1:36 pm
by aliasxneo
If the cookies are dissapearing then it's probably one of the following:
A) Your browser is not accepting cookies, or has some kind of settings that is deleting them
B) You are not setting a correct expiration time
The point of a cookie is for the browser to store the information on the computer and then send it again when ever a request is sent to the domain from which the cookies was originally retrieved. Therefor, exiting your browser should have no effect on the cookie unless one of the two reasons above is occuring.
Posted: Sat Dec 15, 2007 1:01 am
by parka
aliasxneo wrote:If the cookies are dissapearing then it's probably one of the following:
A) Your browser is not accepting cookies, or has some kind of settings that is deleting them
B) You are not setting a correct expiration time
The point of a cookie is for the browser to store the information on the computer and then send it again when ever a request is sent to the domain from which the cookies was originally retrieved. Therefor, exiting your browser should have no effect on the cookie unless one of the two reasons above is occuring.
Thanks for the suggestion.
A - My browser(Firefox, Opera, Safari) does accept cookies. I went to websites that are using cookies and can quit and reload with the websites remembering me. E.g. Like this forum.
B - I did set the cookie expiration time to sometime in the future. As below:
Code: Select all
setcookie('cookiename', 'cookievalue', time() + 13600)
I think there's some setting in my php.ini that I might need to set.
But I'm not really sure which one.
(By the way, I'm using Mac OS 10.5 on Apache 2.0, PHP 5.2.4)
Posted: Sat Dec 15, 2007 11:01 am
by aliasxneo
Well if you know how you might want to setup a sniffer like WPE Pro on your browser and take a look at the HTTP Response being sent back to your browser. It should include Set-Cookie: commands inside the headers. Also I would check where your browser stores it's cookies and see if anything is being stored at all. If Set-Cookie is being sent but nothing is being stored than it's a browser problem.
Also I would run:
Just to make sure you're getting nothing back.
Posted: Sat Dec 15, 2007 8:18 pm
by parka
aliasxneo wrote:Well if you know how you might want to setup a sniffer like WPE Pro on your browser and take a look at the HTTP Response being sent back to your browser. It should include Set-Cookie: commands inside the headers. Also I would check where your browser stores it's cookies and see if anything is being stored at all. If Set-Cookie is being sent but nothing is being stored than it's a browser problem.
Also I would run:
Just to make sure you're getting nothing back.
Thanks for the tip. The headers part solve my problems for creating a persistent cookie.
What's the theory behind print_r($_COOKIE)?
Posted: Sat Dec 15, 2007 8:47 pm
by aliasxneo
parka wrote:aliasxneo wrote:Well if you know how you might want to setup a sniffer like WPE Pro on your browser and take a look at the HTTP Response being sent back to your browser. It should include Set-Cookie: commands inside the headers. Also I would check where your browser stores it's cookies and see if anything is being stored at all. If Set-Cookie is being sent but nothing is being stored than it's a browser problem.
Also I would run:
Just to make sure you're getting nothing back.
Thanks for the tip. The headers part solve my problems for creating a persistent cookie.
What's the theory behind print_r($_COOKIE)?
http://php.net/print_r
print_r will print an indented representation of an array. $_COOKIE is the default array in which all of the cookie data is stored.
Cookie: name=value;name1=value1
That would translate to this in $_COOKIE:
name => value
name1 => value1
Using print_r on $_COOKIE would in effect list all of the cookie data. If it's blank then your not getting cookie data.