Login System

  • Thread starter Thread starter Anonymous
  • Start date Start date
A

Anonymous

Guest
Once again, i come here to ask you guys something :)

I've got a problem with a logon system.
I've got this form to enter a password and a username and also a check box that says "remember my logon"; when the check box is checked, a cookie should by send and the next time you enter the website, it should log you on automatically.

When its not checked, the cookies will expire after 15 minutes. (this works)


The problem is when it's checked, it doesn't log you out on that website, but when i close my browser and re-enter it, i'm not logged in anymore...

Anyone wanna help me out?
Thanks!




Code:
	/////////////////////////////////
	///  Users' Profile Settings  ///
	/////////////////////////////////
	$MyIP=$_SERVER['REMOTE_ADDR'];
        if (getenv('REMOTE_ADDR') != "") {
           $HostIP = @GetHostByAddr(getenv('REMOTE_ADDR'));
        } else {
           $HostIP = @GetHostByAddr($_SERVER['REMOTE_ADDR']);
        }



	// This user logged in or logging in?
	// Set vars:
	$IsLogged=False;
	$MemberName="Guest";
	$USR_TYPE="gst";
	
	if($Action=="login"){
		//////////////////////////////////////////////////////////
		///  This  guest is logging in, so validate post data  ///
		//////////////////////////////////////////////////////////
		$GetUSR=$_POST['UserName'];
		$GetPWD=md5($_POST['Password']);	// Encrypt for data match
		
		$result=MySQL_Query("SELECT Password, IsActive, IsBanned, USR_TYPE FROM tblUsers WHERE UserName='$GetUSR';");
		$num=MySQL_Num_Rows($result);
		
		if($num!=0){
			//////////////////////////////////////////
			//  User exists, get data and process!  //
			//////////////////////////////////////////
			$ThisPassword=MySQL_Result($result,0,"Password");
			$TIsActive=MySQL_Result($result,0,"IsActive");
			$TIsBanned=MySQL_Result($result,0,"IsBanned");
			$USR_TYPE=MySQL_Result($result,0,"USR_TYPE");
			
			if($TIsBanned!="true"){
				//  I'm  not banned	
				if($GetPWD==$ThisPassword){
					//  Passwords match
					if($TIsActive!="false"){
						//  I'm activated
						$IsLogged=true;
						if(IsSet($_POST['RememberLogon'])){
							// Checkbox to remember logon is checked
							// Create cookie without session time
							setcookie("JPCS_PWD",$ThisPassword);
							setcookie("JPCS_USR",$GetUSR);
						} else{
							// Checkbox is not checked
							// Create cookie, expire after 15 minutes
							setcookie("JPCS_PWD",$ThisPassword, time()+15*60); // 15 minutes
							setcookie("JPCS_USR",$GetUSR, time()+15*60); // 15 minutes
						}
						
						$MemberName=$GetUSR;	//  Set my name
						
						// Update Online list
						$TimeSpan=time();
						MySQL_Query("UPDATE tblUsers SET Time='$TimeSpan' WHERE UserName='$GetUSR';");
					} else{
						//  I'm not activated!
						$Page="inactive";
					}	
				} else{
					//  Passwords didn't match
					$Page="invalid_logon";
				}
			} else{
				//  I'm banned
				$Page="banned";
			}
		} else{
			//  No such user here
			$Page="invalid_logon";
		}
	} else{
		//////////////////////////////////////////////////
		///  Guest didn't login, so check for cookies  ///
		//////////////////////////////////////////////////
		if(IsSet($_COOKIE['JPCS_USR']) && IsSet($_COOKIE['JPCS_PWD'])){
			/// Check cookies:
			$GetUSR=$_COOKIE['JPCS_USR'];
			$GetPWD=$_COOKIE['JPCS_PWD'];
			
			$result=MySQL_Query("SELECT Password, IsActive, IsBanned, USR_TYPE FROM tblUsers WHERE UserName='$GetUSR';");
			$num=MySQL_Num_Rows($result);
			if($num==0){
				// UserName does not exists
				// remove cookies:
				setcookie("JPCS_USR","",time()-60);
				setcookie("JPCS_PWD","",time()-60);
			} else{
				//////////////////////////////////////
				//  User exists, get data process!  //
				//////////////////////////////////////
				$ThisPassword=MySQL_Result($result,0,"Password");
				$TIsActive=MySQL_Result($result,0,"IsActive");
				$TIsBanned=MySQL_Result($result,0,"IsBanned");
				$USR_TYPE=MySQL_Result($result,0,"USR_TYPE");
				
				if($TIsActive=="true"){
					// I'm active
					if($TIsBanned=="false"){
						// I'm not banned
						if($GetPWD==$ThisPassword){
							// Password match
							$IsLogged=true;
							$MemberName=$GetUSR;
							// Update Online list
							$TimeSpan=time();
							MySQL_Query("UPDATE tblUsers SET Time='$TimeSpan' WHERE UserName='$GetUSR';");
						} else{
							// Incorrect logon information, so
							// Destroy cookies:
							setcookie("JPCS_USR","",time()-60);
							setcookie("JPCS_PWD","",time()-60);
						}
					} else{
						//  I'm banned
						$Page="banned";
					}
				} else{
					//  I'm not activated
					$Page="inactive";
				}
			}
		}
	}
 
hi,
Please read information on cookies. properly
you can specify the time period for the cookie to remain.
 
Back
Top