How to do that user will not be automatic logged in? Need help

Codewalkers Forums Sponsor:

November 23rd, 2005, 11:57 AM

toplisek

Contributing User

Join Date: Apr 2007

Posts: 140

Time spent in forums: 9 m 22 sec
Reputation Power: 3

How to do that user will not be automatic logged in? Need help

I have cookie and it is set with code:

php Code:

Original - php Code
setcookie('cookname', $_POST['usernamelogin']);

setcookie('cookname', $_POST['usernamelogin']);

user is automatic logged in with code on each page:

php Code:

Original - php Code

if(isset($_COOKIE['cookname']) /*&& isset($_COOKIE['cookpass'])*/)
          {
            $user = $_COOKIE['cookname'];
          //  $crypt_user = md5 ($_COOKIE['cookname'] );
            $SESSID  = md5( time() );
           /* $password = $_COOKIE['cookpass'];   */

$sql = "SELECT * FROM membership WHERE usernamemem = '$user'";
               $sql = mysql_query($sql);
        	   $result = mysql_fetch_assoc($sql);

if(   $user == $result['usernamemem'] /*&&
            		      $password == $result['password']*/    )
                  {
                        //  $_SESSION['logged'] = TRUE;
                        // $validation=TRUE;
                         $SESSID  = md5( time() );

$query1 = " DELETE FROM users_session
                            WHERE SESSusername = '{$user}'";
                             mysql_query ($query1,$link)
                             or die ("Delete error:".mysql_error());

$query2 = "INSERT INTO users_session
                           SET
                              `SESSID` = '{$SESSID}',
                              `SESSusername` = '{$user}',
                      	      `SESSIP` = '{$_SERVER['REMOTE_ADDR']}',
                              `SESStype` = 'logged',
                      		  `TimeOut` = UNIX_TIMESTAMP()" ;
                                $_SESSION['logged'] = TRUE;
                                $_SESSION['SESSID']= $SESSID;
                                $_SESSION['SESSusername'] = $user;
                                $_SESSION['SESSIP']= $_SERVER['REMOTE_ADDR'];
                                $_SESSION['SESStype']= 'logged';
                                $_SESSION['TimeOut']= 'UNIX_TIMESTAMP()';
                           mysql_query ($query2,$link)
                           or die ("Insert error:".mysql_error());
                      			     	//print 'logged in!!';
            	     }    //passwords dont mach
           }

 
   if(isset($_COOKIE['cookname']) /*&& isset($_COOKIE['cookpass'])*/)
          {
            $user = $_COOKIE['cookname'];
          //  $crypt_user = md5 ($_COOKIE['cookname'] );
            $SESSID  = md5( time() );
           /* $password = $_COOKIE['cookpass'];   */
 
 
               $sql = "SELECT * FROM membership WHERE usernamemem = '$user'";
               $sql = mysql_query($sql);
               $result = mysql_fetch_assoc($sql);
 
               if(   $user == $result['usernamemem'] /*&&
                          $password == $result['password']*/    )
                  {
                        //  $_SESSION['logged'] = TRUE;
                        // $validation=TRUE;
                         $SESSID  = md5( time() );
 
 
                          $query1 = " DELETE FROM users_session
                            WHERE SESSusername = '{$user}'";
                             mysql_query ($query1,$link)
                             or die ("Delete error:".mysql_error());
 
                           $query2 = "INSERT INTO users_session
                           SET
                              `SESSID` = '{$SESSID}',
                              `SESSusername` = '{$user}',
                              `SESSIP` = '{$_SERVER['REMOTE_ADDR']}',
                              `SESStype` = 'logged',
                            `TimeOut` = UNIX_TIMESTAMP()" ;
                                $_SESSION['logged'] = TRUE;
                                $_SESSION['SESSID']= $SESSID;
                                $_SESSION['SESSusername'] = $user;
                                $_SESSION['SESSIP']= $_SERVER['REMOTE_ADDR'];
                                $_SESSION['SESStype']= 'logged';
                                $_SESSION['TimeOut']= 'UNIX_TIMESTAMP()';
                           mysql_query ($query2,$link)
                           or die ("Insert error:".mysql_error());
                                  //print 'logged in!!';
                     }    //passwords dont mach
           }

How to do that if user decides logout, cookie will be with value empty? I have on logout page:

php Code:

Original - php Code
setcookie('cookname', '', time()-3600); $_COOKIE['cookname']=FALSE; session_destroy();

setcookie('cookname', '', time()-3600); 
 
$_COOKIE['cookname']=FALSE;
session_destroy();

But this logout does not reset cookie. What is problem? Please help..he will be again logged in

November 24th, 2005, 11:24 PM

lig

"Forum Nazi"

Join Date: Apr 2007

Location: Jacksonville, Fl

Posts: 4,775

Time spent in forums: 4 Days 13 h 44 m 21 sec
Reputation Power: 7

RE: How to do that user will not be automatic logged in? Need help

I beleive you need to unset the cookie, not make it's value false and destroy the seesion.

November 25th, 2005, 08:35 AM

Anonymous

Registered User

Codewalkers God 35th Plane (22000 - 22499 posts)

Join Date: Apr 2007

Posts: 22,309

Time spent in forums: < 1 sec
Reputation Power: 25

RE: How to do that user will not be automatic logged in? Need help

I have noticed that to unset the cookie, I have to give under
session_start();
setcookie('cookname', '', time()-3600);

Now it works, but I would like to include file in logout page. Do you know how is correct all code to
reset all session and cookies in such file?

November 27th, 2005, 03:22 AM

lig

"Forum Nazi"

Join Date: Apr 2007

Location: Jacksonville, Fl

Posts: 4,775

Time spent in forums: 4 Days 13 h 44 m 21 sec
Reputation Power: 7

RE: How to do that user will not be automatic logged in? Need help

I would also look in the manual under unset.

php Code:

Original - php Code
unset($_COOKIE['cookname']);

 
unset($_COOKIE['cookname']);

Viewing: Codewalkers Forums > PHP Related > PEAR Packages > How to do that user will not be automatic logged in? Need help

« Previous Thread | Next Thread »

Thread Tools	Search this Thread
Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread:

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts vB code is On Smilies are On [IMG] code is On HTML code is Off

View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox

Forum Jump

Free IT White Papers!

Create the Optimal Architecture for your Critical Applications
Warburton's the largest independently owned bakery in the UK faced a number of difficult challenges in providing the most robust yet efficient IT infrastructure for their organization's success. IBM's services combined with their xSeries servers created the perfect platform for their SAP environment with sufficient flexibility, and did so in very time effective fashion.
Request Your Free Technology Downloads!

Five Best Practices for Deploying a Successful Service-Oriented Architecture
This white paper describes the benefits you can expect with SOA, and how IBM can help take your business there.
Request Your Free Technology Downloads!

Gartner Magic Quadrant for Application Delivery Controllers
Gartner summarizes its view on Application Delivery Controllers, evaluates strengths and weaknesses of solutions, and provides Magic Quadrant reporting for a quick comparison across all vendors. Learn from Gartner how you can benefit from an all-in-one device like Citrix NetScaler that delivers the highest levels of availability, performance and security.
Request Your Free Technology Downloads!

Knowledge is Power
What you don't know can hurt you, and is likely costing you money and increasing your security risks during an era of scarce resources. This white paper proposes six key strategies that enterprise security managers can use to improve their network defense posture.
Request Your Free Technology Downloads!

Rationalizing the Multi-Tool Environment
The rationalized multi-tool approach is flexible, scalable and cost effective. It provides the necessary input to the IT service management business processes. It preserves prior investments in monitoring tools, empowers technologists to select the best tools with which to do their jobs, and enhances effective response to incidents.
Request Your Free Technology Downloads!

More Free IT White Papers!