422,024 Members | 1,034 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 422,024 IT Pros & Developers. It's quick & easy.

Persistent Cookie Help Required!

P: 39
This is a login.php.

The user is given a choice to either input his/her Username & Password or Email & Password. In short, either log-in inputting your Username or your Email.

It is written in mysqli procedural. I have not learned pdo oop yet. I need help in the login.php to add the "Remember Me" feature using Cookies. I have googled but most tutorials teach to save the user password in the cookie! And that is a big NO! NO!
Therefore, I do not trust these tutorials any more. But, I trust the php folks here!
Can someone be the Great Samaritan here to show me an example code of how the cookie part should be coded in php ? You're welcome to not start from scratch but work on my work (login.php).
registration.php, logout.php and account_acivation.php finished. Those last 3 files are working fine. Working on the home.php now.


login.php

Expand|Select|Wrap|Line Numbers
  1.     <?php
  2.  
  3.     /*
  4.     ERROR HANDLING
  5.     */
  6.     declare(strict_types=1);
  7.     ini_set('display_errors', '1');
  8.     ini_set('display_startup_errors', '1');
  9.     error_reporting(E_ALL);
  10.     mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
  11.  
  12.     include 'config.php';
  13.  
  14.     // check if user is already logged in
  15.     if (is_logged() === true) 
  16.     {
  17.         //Redirect user to homepage page after 5 seconds.
  18.         header("refresh:2;url=home.php");
  19.         exit; //
  20.     }
  21.  
  22.  
  23.     if (isset($_POST["login_username_or_email"]) && 
  24.     isset($_POST["login_password"]))
  25.         {
  26.             $username_or_email = trim($_POST["login_username_or_email"]);
  27.             $password = $_POST["login_password"];        
  28.  
  29.             //Select Username or Email to check against Mysql DB if they are 
  30.             already registered or not.
  31.  
  32.             if(strpos("$username_or_email", "@"))
  33.             {
  34.                 $email = $username_or_email;
  35.  
  36.                 $query = "SELECT ids, usernames, passwords, emails, 
  37.                 accounts_activations_statuses FROM users WHERE emails = ?";
  38.                 $stmt = mysqli_stmt_init($conn);
  39.                 $stmt = mysqli_prepare($conn, $query);            
  40.                 mysqli_stmt_bind_param($stmt, 's', $email);
  41.                 mysqli_stmt_execute($stmt);
  42.                 //$result = mysqli_stmt_get_result($stmt); //Which line to use ? 
  43.                 This line or the next ?
  44.                 $result = mysqli_stmt_bind_result($stmt, $db_id, $db_username, 
  45.                 $db_password, $db_email, $db_account_activation_status); // 
  46.                 Which line to use ? This line or the one above ?
  47.             }
  48.             else
  49.             {
  50.                 $username = $username_or_email;
  51.  
  52.                 $query = "SELECT ids, usernames, passwords, emails, 
  53.                 accounts_activations_statuses FROM users WHERE usernames = ?";
  54.                 $stmt = mysqli_stmt_init($conn);
  55.                 $stmt = mysqli_prepare($conn, $query);
  56.                 mysqli_stmt_bind_param($stmt, 's', $username);
  57.                 mysqli_stmt_execute($stmt);
  58.                 $result = mysqli_stmt_bind_result($stmt, $db_id, $db_username, 
  59.                 $db_password, $db_email, $db_account_activation_status); // 
  60.                 Which line to use ? This line or the one above ?
  61.             }
  62.  
  63.             $row = mysqli_stmt_fetch($stmt);        
  64.             mysqli_stmt_close($stmt);
  65.  
  66.             if (!password_verify($password, $db_password))
  67.             {
  68.                 echo "Incorrect User Credentials!';<br>";
  69.                 exit();
  70.             }
  71.             else
  72.             {
  73.                 $_SESSION["user"] = $db_username;            
  74.                 header("location:home.php?user=$db_username");    
  75.             }
  76.         }    
  77.     ?>
  78.  
Oct 12 '17 #1
Share this question for a faster answer!
Share on Google+

Post your reply

Sign in to post your reply or Sign up for a free account.