I can't figure out what's the problem with the code but remember me button don't works
any suggestion will be great thanks
Code: Select all
<?php
//get the posted values
$_POST['user']=htmlspecialchars($_POST['user_name'],ENT_QUOTES);
$_POST['pass']=$_POST['password'];
// Page for log-in
include_once("config.php");
include_once("lang/lang_".$lang.".php");
include_once("connect.php");
if(isset($_SESSION['user_id'])) {
echo "yes";
}else{
if(isset($_COOKIE['user_id'])) {
// Read cookie, make session
$sql = "SELECT id,state,password,active FROM `".$db_tbl."` WHERE id='".$_COOKIE['user_id']."'";
$query = mysql_query($sql);
$row = mysql_fetch_object($query);
$id = htmlspecialchars($row->id);
$status = htmlspecialchars($row->state);
$dbpass = htmlspecialchars($row->password);
$actief = htmlspecialchars($row->active);
if($dbpass == $_COOKIE['user_password'] AND $actief == 1) {
$_SESSION['user_id'] = $id;
$_SESSION['user_status'] = $status;
echo "yes";
}else{
echo $login_cookiefalse;
setcookie("user_id", "", time() - 3600);
setcookie("user_password", "", time() - 3600);
}
}else{
// Login
$sql = "SELECT id,name,password,state,active,cookie_pass FROM `".$db_tbl."` WHERE name='".$_POST['user']."'";
$query = mysql_query($sql);
$count = mysql_num_rows($query);
if($count == 1) {
$row = mysql_fetch_object($query);
$dbpass = htmlspecialchars($row->password);
$userpass = md5($_POST['pass']);
$cookiepass = htmlspecialchars($row->cookie_pass);
$userid = htmlspecialchars($row->id);
$userstatus = htmlspecialchars($row->state);
$useractief = htmlspecialchars($row->active);
if($dbpass == $userpass) {
if($useractief == 1) {
$_SESSION['user_id'] = $userid;
$_SESSION['user_status'] = $userstatus;
if($_POST['cookie'] == "do") {
if($cookiepass == "") {
$cookiecode = mt_srand((double)microtime()*100000);
while(strlen($cookiecode) <= 10) {
$i = chr(mt_rand (0,255));
if(eregi("^[a-z0-9]$", $i)) {
$cookiecode = $cookiecode.$i;
}
}
$sql = "UPDATE `".$db_tbl."` SET cookie_pass = '".$cookiecode."' WHERE name = '".$_POST['user']."' LIMIT 1";
mysql_query($sql);
$cookiepass = $cookiecode;
}
setcookie("cookie_id", $userid, time() + 365 * 86400);
setcookie("cookie_pass", $cookiepass, time() + 365 * 86400);
}
echo "yes";
}else{
echo $login_noactive;
}
}else{
echo "no";
}
}else{
echo "no";
}
}
}
?>