Previous Article Next Article PHP Tutorials: ‘Remember me’ style Login System using Cookies and Sessions (Part 2)
Posted in Php

PHP Tutorials: ‘Remember me’ style Login System using Cookies and Sessions (Part 2)

21 comments

  1. No, not if you hasch the password, the "hacker" won't be able to figure out 25 random characters, so no worries :). But if someone uses your computer. Then it may be dangerous, because they will be able to find the hasch code mr. Cookie are using.

  2. hi there, just wanted to ask if you guys have a fan page on facebook? 🙂
    hmm i need you help T_T
    can u give me a tutorial on how to make a access level on your site?
    example:
    once the user is log in the url on my site is this "localhost/bxulibrary/userhomepage.php"
    but once i change it to "localhost/bxulibrary/ADMINHOME.php" the admin page will get access automatically.. can you teach me how to fix this? it should be, the user should not get an access to the admin page o.O -_-

  3. @01carlyn You havent got to but if somebody hacks your webserver thay have access to all your users accounts because the password is visable so if i was you i would use md5 encryption

  4. @01carlyn

    You should always hash the user's password, so people looking at the database won't be able to see the plaintext versions. There are much safer hash and crypt functions than MD5 though, so using MD5 would be considered very bare minimum security.

    Using the crypt function and a salt would be much better than plaintext or MD5.
    Crypt example:

    $safePassword = crypt($password, '$2a$12$' . $aSalt);

    then
    if ($realpassword == crypt($password, $realpassword)) // Log the user in

  5. i get the following errors:

    Warning: mysql_query() [function.mysql-query]: Access denied for user 'b0'@'localhost' (using password: NO) in on line 24

    Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in on line 24

    Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in on line 25

  6. for all the guys who get error wiv the checkbox, the right code to get the variable is :
    $username=$_POST['username'];
    $password=$_POST['password'];
    if(isSet($_POST['rememberme']))
    {
    $rem=$_POST['rememberme'];
    }
    else
    {
    $rememberme="";
    }

  7. die() can not be ignored by the browser. PHP is independent from the server programming. PHP is the program that sends the information to the browser.

    In regards to the checkbox – it is a good idea to add a value tag to the checkbox. To check if the box was checked you would test the checkbox for that value. FF makes the default value "on" but some browsers vary with this and therefore putting a value is required.

    Great tutorial BTW.

Leave a Reply

Your email address will not be published. Required fields are marked *