pritam79 Posted May 27, 2011 Share Posted May 27, 2011 Hi all, I have the following three pages, setme.php, login.php and authormaster.php. This is login.php <?phpif($state == 'cu') { setcookie("login[username]", "", time()-360); setcookie("login[password]", "", time()-360); header('Location:login.php'); exit; }else if($state == 'so') { setcookie("login[password]", "", time()-3600); header('Location:login.php'); exit; }if(isset($_COOKIE['login']['username']) && isset($_COOKIE['login']['password'])) { header('Location:authormaster.php'); }?><html><body><form action="setme.php" method="post" name="frmLogin">Username:<input name="txtusername" type="text" value="<?php if(isset($_COOKIE['login']['username'])) echo $_COOKIE['login']['username']; ?>"><br><br>Password:<input name="txtpassword" type="password"><br><br><input name="chkrem" type="checkbox" value="REMEMBER">Remember<br><input name="submit" type="submit" value="Sign In"></form></body></html> This is setme.php <?php$result = mysql_pconnect("localhost","root","");mysql_select_db("users");$qry="SELECT * FROM Users WHERE Username='$_POST[txtusername]' AND Password='$_POST[txtpassword]'";$res=mysql_query($qry);$numrows=mysql_numrows($res);if($numrows == 1) { if($_POST['chkrem']=="REMEMBER") { setcookie("login[Username]",$_POST['txtusername'], time()+360); setcookie("login[Password]",$_POST['txtpassword'], time()+360); } header('Location:authormaster.php'); } else { $msg = "Invalid Username/Password"; header("Location:login.php?msg=".msg); }?> This is authormaster.php <html><head><title>Untitled 1</title></head><body><a href="login.php?state=so">Sign Out</a> <a href="login.php?state=cu">Change user</a></body></html> A user has to first open 'login.php' which should provide the user with textboxes to enter their username and password. But on loading login.php I do get a login form with textboxes, but along with the textboxes I also get to see errors which say-Notice: Undefined variable: state in C:\wamp\www\KKHSOU\login\login.php on line 3Notice: Undefined variable: state in C:\wamp\www\KKHSOU\login\login.php on line 11 Link to comment Share on other sites More sharing options...
birbal Posted May 27, 2011 Share Posted May 27, 2011 $state has not being declared or intialized in that page so that notice is coming. what does $state suppose to be there? Link to comment Share on other sites More sharing options...
pritam79 Posted May 27, 2011 Author Share Posted May 27, 2011 $state has not being declared or intialized in that page so that notice is coming. what does $state suppose to be there?I got the code in a book. I doubt the code would work but the functioning is such that the user will first login through 'login.php', which will use the script 'setme.php' to verify if the username and password are in the database, and if so will redirect the user to 'authormaster.php'. But the script is not working. Link to comment Share on other sites More sharing options...
birbal Posted May 27, 2011 Share Posted May 27, 2011 i am not sure what does the purpose of $state? what does it contain which you are checking here? there should be some valu in $state prior to checking it in if-else conidtion.and what is not working when you try to login?x waht is happening? Link to comment Share on other sites More sharing options...
pritam79 Posted May 27, 2011 Author Share Posted May 27, 2011 i am not sure what does the purpose of $state? what does it contain which you are checking here? there should be some valu in $state prior to checking it in if-else conidtion.and what is not working when you try to login?x waht is happening?I want the scripts to do the following.1. Accept a valid username and password.2. Authenticate the user against the database and serve the ‘authormaster.php’ page if validated.3. If the REMEMBER ME option is selected on the login page, then the next time the user logs-in the server should directly serve the user with ‘authormaster.php’.4. The ‘authormaster.php’ page should allow users to do the following- a) Sign Out – brings the user back to login.php and populates the ‘username’ field with the last username used to login. Change User – allows the user to login as a different user by bringing back the login page with nothing populated in the text boxes.--- What are the changes that need to be made in order to function in the way mentioned in steps 1 to 4????? Link to comment Share on other sites More sharing options...
birbal Posted May 27, 2011 Share Posted May 27, 2011 Firstly storing the raw password is in cookie is not good. you can consider to make a pass key for autologin. the passkey will be associated with the user in the database. if($state == 'cu'){ setcookie("login[username]", "", time()-360); setcookie("login[password]", "", time()-360); header('Location:login.php'); exit;}else if($state == 'so'){ setcookie("login[password]", "", time()-3600); header('Location:login.php'); exit;}if(isset($_COOKIE['login']['username']) && isset($_COOKIE['login']['password'])){ header('Location:authormaster.php');}I am not sure about this part. you can check here for username/passkey cookie exist or not and user is already logged in or notif the username and passkey cookie exist and user is already not logged in check in database for username-passkey comboif matched found mark user as authenticated.other than that codes looks good.It would be more apporpiate f you associate a timestamp with the pass key. which will hold the timestamp when user has checked option for autologin. so the next time when you query for username-passkey you can check for the timestamp that the timestamp is valid or not for certain amount of time (defined by you). Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.