PHP Forum

**amw_drizz** · 01-08-2006, 04:54 PM

Okay i am trying to create an new script from scratch and im working on the login system, and i am having problems with it writing the id & md5pass to the cookie files to be called upon later to verify that the user is logged in,

here is the current user login process script

PHP Code:


			
$usr = $_POST['usr'];

$pwd = $_POST['pwd'];

$admin = $_POST['admin'];



$md5pass = md5($pwd);



$res = "SELECT * FROM contact WHERE username='$usr' && password='$md5pass'";

$subres = mysql_query($res) or die(mysql_error());

if(mysql_num_rows($res) > 0 ){

echo "Incorrect username & Password";

header("Location: ../../index.php?p=login");

}

else{

$id = $subres['id'];

$pwda = $subres['password'];

setcookie("id",$id,time()+60*60*24*365);

setcookie("password",$pwda,time()+60*60*24*365);

}



if(!$subres['group'] == 6){

header("Location: ../../index.php?p=loggedin ");

}

else{

header("Location: ../../admin/index.php ");

}

im lost now

**vangogh** · 01-09-2006, 12:49 AM

Just curious but why not uses sessions to pass the info from page to page?

Also if you're going to create your own cookie wouldn't the id be enough. I assume you won't be asking visitors to continue logging in on each page so is there a reason why you would need to check their password again later?

I can see storing the username, but not sure why the password.

**amw_drizz** · 01-09-2006, 06:54 AM

i tried session but it did not work well, but i can try agian. nothing is transferd and im not a 100% about how to use sessions.

**amw_drizz** · 01-09-2006, 07:42 PM

still no go,

the info is not getting from page to page

**0beron** · 01-09-2006, 08:01 PM

How do you currently read back the cookie details? Can we see the other page to which this info has to get to?

Sessions are simple enough - you need to call session_start() on every page you want to have sessions enabled, making sure to do this before any html output as it involves changing headers (the same as setting cookies, which is how sessions usually work internally). Then you can get and set items in the $_SESSION array, and rertrieve them on any page on which you have called session_start(). When you want to log someone out call session_start() again to call up the right session info and then session_destroy() to end it.

**amw_drizz** · 01-11-2006, 10:20 PM

eh i finally got it to work using cookies, took me and a friend about 5-6 hrs of debugging it till it got the info that was correct