Jump to content
pritam79

PHP login

Recommended Posts

Hi all, I have the following three pages, setme.php, login.php and authormaster.php. This is login.php

<?phpif($state == 'cu') {  setcookie("login[username]", "", time()-360);  setcookie("login[password]", "", time()-360);    header('Location:login.php');  exit; }else if($state == 'so') {  setcookie("login[password]", "", time()-3600);  header('Location:login.php');  exit; }if(isset($_COOKIE['login']['username']) && isset($_COOKIE['login']['password'])) {  header('Location:authormaster.php'); }?><html><body><form action="setme.php" method="post" name="frmLogin">Username:<input name="txtusername" type="text" value="<?php if(isset($_COOKIE['login']['username'])) echo $_COOKIE['login']['username']; ?>"><br><br>Password:<input name="txtpassword" type="password"><br><br><input name="chkrem" type="checkbox" value="REMEMBER">Remember<br><input name="submit" type="submit" value="Sign In"></form></body></html>

This is setme.php

<?php$result = mysql_pconnect("localhost","root","");mysql_select_db("users");$qry="SELECT * FROM Users WHERE Username='$_POST[txtusername]' AND Password='$_POST[txtpassword]'";$res=mysql_query($qry);$numrows=mysql_numrows($res);if($numrows == 1) {   if($_POST['chkrem']=="REMEMBER")	{	  setcookie("login[Username]",$_POST['txtusername'], time()+360);	  setcookie("login[Password]",$_POST['txtpassword'], time()+360);	}   header('Location:authormaster.php'); }	else {  $msg = "Invalid Username/Password";  header("Location:login.php?msg=".msg); }?>

This is authormaster.php

<html><head><title>Untitled 1</title></head><body><a href="login.php?state=so">Sign Out</a>   <a href="login.php?state=cu">Change user</a></body></html>

A user has to first open 'login.php' which should provide the user with textboxes to enter their username and password. But on loading login.php I do get a login form with textboxes, but along with the textboxes I also get to see errors which say-Notice: Undefined variable: state in C:\wamp\www\KKHSOU\login\login.php on line 3Notice: Undefined variable: state in C:\wamp\www\KKHSOU\login\login.php on line 11

Share this post


Link to post
Share on other sites

$state has not being declared or intialized in that page so that notice is coming. what does $state suppose to be there?

Share this post


Link to post
Share on other sites
$state has not being declared or intialized in that page so that notice is coming. what does $state suppose to be there?
I got the code in a book. I doubt the code would work but the functioning is such that the user will first login through 'login.php', which will use the script 'setme.php' to verify if the username and password are in the database, and if so will redirect the user to 'authormaster.php'. But the script is not working.

Share this post


Link to post
Share on other sites

i am not sure what does the purpose of $state? what does it contain which you are checking here? there should be some valu in $state prior to checking it in if-else conidtion.and what is not working when you try to login?x waht is happening?

Share this post


Link to post
Share on other sites
i am not sure what does the purpose of $state? what does it contain which you are checking here? there should be some valu in $state prior to checking it in if-else conidtion.and what is not working when you try to login?x waht is happening?
I want the scripts to do the following.1. Accept a valid username and password.2. Authenticate the user against the database and serve the ‘authormaster.php’ page if validated.3. If the REMEMBER ME option is selected on the login page, then the next time the user logs-in the server should directly serve the user with ‘authormaster.php’.4. The ‘authormaster.php’ page should allow users to do the following- a) Sign Out – brings the user back to login.php and populates the ‘username’ field with the last username used to login. :) Change User – allows the user to login as a different user by bringing back the login page with nothing populated in the text boxes.--- What are the changes that need to be made in order to function in the way mentioned in steps 1 to 4?????

Share this post


Link to post
Share on other sites

Firstly storing the raw password is in cookie is not good. you can consider to make a pass key for autologin. the passkey will be associated with the user in the database.

if($state == 'cu'){ setcookie("login[username]", "", time()-360); setcookie("login[password]", "", time()-360); header('Location:login.php'); exit;}else if($state == 'so'){ setcookie("login[password]", "", time()-3600); header('Location:login.php'); exit;}if(isset($_COOKIE['login']['username']) && isset($_COOKIE['login']['password'])){ header('Location:authormaster.php');}
I am not sure about this part. you can check here for username/passkey cookie exist or not and user is already logged in or notif the username and passkey cookie exist and user is already not logged in check in database for username-passkey comboif matched found mark user as authenticated.other than that codes looks good.It would be more apporpiate f you associate a timestamp with the pass key. which will hold the timestamp when user has checked option for autologin. so the next time when you query for username-passkey you can check for the timestamp that the timestamp is valid or not for certain amount of time (defined by you). Edited by birbal

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...