Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2

Thread: remember Me

  1. #1
    New Coder
    Join Date
    Jan 2007
    Posts
    42
    Thanks
    4
    Thanked 0 Times in 0 Posts

    remember Me

    Hi everyone
    i was wondering if anyone can tell me of a good place to get a tutorial that is up to date, on how to add a remember me to my site. I made up this little script to add, but something is tell me that it can be done better and also its not working lol as of yet thanks...

    PHP Code:
    if ($rememberMe == "rememberMe"){
        
    $rememberMe "1";
        }else{
        
    $rememberMe "0";
    }
    //Code here
    if($rememberMe=="1"){
        
    setcookie("rememberCookiename",$user,(time()+604800));
        
    setcookie("rememberCookiePass",md5($pass),(time()+604800));
    }
    header("Location: users");
    }
    else{
        
    $datetime date("d")*10000000000 date("m")*100000000 date("Y")*10000 date("G")*100 date("i"); 
    Last edited by ycpc55; 07-25-2012 at 03:13 AM.

  • #2
    Senior Coder
    Join Date
    Jun 2008
    Location
    New Jersey
    Posts
    2,546
    Thanks
    45
    Thanked 259 Times in 256 Posts
    Why why WHY would you store the password in an already cracked encoding scheme to a cookie the user can read? DON'T!!! md5 is not secure in the least, hasn't been for a while.

    That being said, by remember me, you mean just writing a cookie that logs a user in automatically if its set? If so, you've already done that, what's the issue? That's really all there is to it: if the user is logged in, write a cookie, and if the user isn't logged in, check if the cookie is set. But you don't wanna to something as simple as the user name, and you NEVER wanna store a password.

    Instead, store a hashed string (often I go for stuff like username + date registered + salt phrase). Compare that hashed string to what you expect, if it matches, log the user in, if not, delete the cookie.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •