php - Check if cookie is set


To keep users logged in, I have:

  • the user logs in
  • if OK, I create $_SESSION and set a cookie:

    setcookie('test', sha1($_POST['username']), time()+604800);

  • then I insert into the cookie table: the hashed username, IP address and browser version.


But in order to check whether the user is logged in (and keep him logged in), I have a query on each page:

  • I check if $_SESSION['id'] exists (it is the variable set when the user is logged in)
  • If it exists, nothing happens.
  • If it doesn't, I check if $_COOKIE['cookie'] exists
  • If it does, I get the user's IP address and browser version
  • With a SELECT query, I check if the actual IP address and browser are the same as in the table.
  • If they are the same, I reset $_SESSION (so he is logged in)

Now, here's the code:

Form:

    <form method="post" action="http://localhost/test/login.php">
        <label for="user">username :</label>
        <input type="text" name="username" id="user" maxlength="20" placeholder="username">

        <label for="pass">password :</label>
        <input type="password" name="password" id="pass" placeholder="password">
        <br>

        <input type="checkbox" name="cookie" value="cookie">remember me ?

        <input type="submit" name="login" value="ok">
    </form>

Functions:

    function get_ip() {
        // The first two headers are supplied by the client (or a proxy) and can be forged
        if (isset($_SERVER['HTTP_CLIENT_IP'])) {
            return $_SERVER['HTTP_CLIENT_IP'];
        } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
            return $_SERVER['HTTP_X_FORWARDED_FOR'];
        } else {
            return (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '');
        }
    }

    function getbrowser() {
        $u_agent  = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        $bname    = 'Unknown';
        $platform = 'Unknown';
        $version  = "";
        $ub       = 'Unknown'; // default so $ub is always defined below

        // Platform
        if (preg_match('/linux/i', $u_agent)) {
            $platform = 'linux';
        } elseif (preg_match('/macintosh|mac os x/i', $u_agent)) {
            $platform = 'mac';
        } elseif (preg_match('/windows|win32/i', $u_agent)) {
            $platform = 'windows';
        }

        // Browser name
        if (preg_match('/MSIE/i', $u_agent) && !preg_match('/Opera/i', $u_agent)) {
            $bname = 'Internet Explorer';
            $ub = "MSIE";
        } elseif (preg_match('/Firefox/i', $u_agent)) {
            $bname = 'Mozilla Firefox';
            $ub = "Firefox";
        } elseif (preg_match('/Chrome/i', $u_agent)) {
            $bname = 'Google Chrome';
            $ub = "Chrome";
        } elseif (preg_match('/Safari/i', $u_agent)) {
            $bname = 'Apple Safari';
            $ub = "Safari";
        } elseif (preg_match('/Opera/i', $u_agent)) {
            $bname = 'Opera';
            $ub = "Opera";
        } elseif (preg_match('/Netscape/i', $u_agent)) {
            $bname = 'Netscape';
            $ub = "Netscape";
        }

        // Version number
        $known   = array('Version', $ub, 'other');
        $pattern = '#(?<browser>' . join('|', $known) . ')[/ ]+(?<version>[0-9.|a-zA-Z.]*)#';
        preg_match_all($pattern, $u_agent, $matches);

        $i = count($matches['browser']);
        if ($i > 1) {
            // Two matches: check whether "Version" comes before or after the browser name
            if (strripos($u_agent, "Version") < strripos($u_agent, $ub)) {
                $version = $matches['version'][0];
            } else {
                $version = $matches['version'][1];
            }
        } elseif ($i == 1) {
            $version = $matches['version'][0];
        }

        if ($version == null || $version == "") { $version = "?"; }

        return array(
            'useragent' => $u_agent,
            'name'      => $bname,
            'version'   => $version,
            'platform'  => $platform,
            'pattern'   => $pattern
        );
    }

On submit:

    if (!empty($_POST['username']) && !empty($_POST['password'])) {
        $salt = "salt_test";

        $req = $bdd->prepare('SELECT * FROM users WHERE username = :username AND pass = :pass');
        $req->execute(array('username' => $_POST['username'], 'pass' => md5(sha1($_POST['password'].$salt))));
        if ($data = $req->fetch()) {
            if ($data['stat'] != 0) {
                $_SESSION['id'] = $data['id'];
                $_SESSION['username'] = $data['username'];
                $_SESSION['stat'] = $data['stat'];

                // Record the time of this login
                $req = $bdd->prepare('UPDATE cookies SET last_co = CURRENT_TIMESTAMP WHERE id_user = :id');
                $req->execute(array('id' => $data['id']));
                $req->closeCursor();

                // "Remember me" was ticked: set the cookie and store what identifies this browser
                if (!empty($_POST['cookie'])) {
                    setcookie('cookie', md5($_POST['username']), time()+604800);

                    $ua = getbrowser();
                    $yourbrowser = $ua['name'] . " " . $ua['version'];

                    $req = $bdd->prepare('UPDATE cookies SET hash_username = :hash_username, ip = :ip, browser = :browser WHERE id_user = :id');
                    $req->execute(array('hash_username' => md5($_SESSION['username']), 'ip' => get_ip(), 'browser' => $yourbrowser, 'id' => $_SESSION['id']));
                    $req->closeCursor();
                }

                ?><meta http-equiv="refresh" content="0.1; url=http://localhost/test/" /><?php
            } elseif ($data['stat'] == 5) {
                // Unreachable as written: a stat of 5 already satisfies the != 0 test above
                $error = 2;
            }
        } else {
            $error = 1;
        }
        $req->closeCursor();
    }

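On the members page:

    // No session yet: try to restore it from the "remember me" cookie
    if (!isset($_SESSION['id'])) {
        if (isset($_COOKIE['cookie'])) {
            $ip = get_ip();
            $ua = getbrowser();
            $yourbrowser = $ua['name'] . " " . $ua['version'];

            // Join users so $data holds the id, username and stat that go into the session
            $req = $bdd->prepare('SELECT u.id, u.username, u.stat FROM cookies c JOIN users u ON u.id = c.id_user WHERE c.hash_username = :hash_username AND c.ip = :ip AND c.browser = :browser');
            $req->execute(array('hash_username' => $_COOKIE['cookie'], 'ip' => $ip, 'browser' => $yourbrowser));
            if ($data = $req->fetch()) {
                $_SESSION['id'] = $data['id'];
                $_SESSION['username'] = $data['username'];
                $_SESSION['stat'] = $data['stat'];
            }
            $req->closeCursor();
        }
    }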

So, is this method OK, or is it heavy on performance? Don't you think it is "useless" to make a query every time?

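Make a new page with this code:

    // No session yet: try to restore it from the "remember me" cookie
    if (!isset($_SESSION['id'])) {
        if (isset($_COOKIE['cookie'])) {
            $ip = get_ip();
            $ua = getbrowser();
            $yourbrowser = $ua['name'] . " " . $ua['version'];

            // Join users so $data holds the id, username and stat that go into the session
            $req = $bdd->prepare('SELECT u.id, u.username, u.stat FROM cookies c JOIN users u ON u.id = c.id_user WHERE c.hash_username = :hash_username AND c.ip = :ip AND c.browser = :browser');
            $req->execute(array('hash_username' => $_COOKIE['cookie'], 'ip' => $ip, 'browser' => $yourbrowser));
            if ($data = $req->fetch()) {
                $_SESSION['id'] = $data['id'];
                $_SESSION['username'] = $data['username'];
                $_SESSION['stat'] = $data['stat'];
            }
            $req->closeCursor();
        }
    }

and include it in every page. After that, you will not need to write the code again and again.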
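
One way to write that include file so the database is queried only when the session is missing, and so the cookie carries a random token rather than a hash of the username (a value anyone who knows the username can compute). This is an added example, not code from the original post or answer: the `remember_tokens` table, the `remember` cookie name and the function names are hypothetical, while `$bdd` and the `users` columns are taken from the code above; it assumes PHP 7.3+ and that `session_start()` has already run.

```php
<?php
// remember.php - added example; include it at the top of every page.
// Hypothetical table (not from the original post):
//   CREATE TABLE remember_tokens (selector CHAR(24) PRIMARY KEY,
//       validator_hash CHAR(64), id_user INT, expires INT);

function issue_remember_token(PDO $bdd, int $userId): void {
    $selector  = bin2hex(random_bytes(12));   // public lookup key
    $validator = bin2hex(random_bytes(32));   // secret; only its hash is stored
    $expires   = time() + 604800;             // 7 days, as in the question
    $req = $bdd->prepare('INSERT INTO remember_tokens (selector, validator_hash, id_user, expires)
                          VALUES (:s, :h, :u, :e)');
    $req->execute(['s' => $selector, 'h' => hash('sha256', $validator),
                   'u' => $userId, 'e' => $expires]);
    setcookie('remember', $selector . ':' . $validator, [
        'expires' => $expires, 'path' => '/', 'secure' => true,
        'httponly' => true, 'samesite' => 'Lax',
    ]);
}

function restore_session(PDO $bdd): bool {
    if (isset($_SESSION['id'])) {
        return true;                          // already logged in: no query at all
    }
    $parts = explode(':', $_COOKIE['remember'] ?? '', 2);
    if (count($parts) !== 2) {
        return false;                         // no cookie, or a malformed one
    }
    [$selector, $validator] = $parts;
    $req = $bdd->prepare('SELECT t.validator_hash, u.id, u.username, u.stat
                          FROM remember_tokens t JOIN users u ON u.id = t.id_user
                          WHERE t.selector = :s AND t.expires > :now');
    $req->execute(['s' => $selector, 'now' => time()]);
    $row = $req->fetch(PDO::FETCH_ASSOC);
    // Constant-time comparison of the stored hash with the hash of the presented secret
    if (!$row || !hash_equals($row['validator_hash'], hash('sha256', $validator))) {
        return false;
    }
    // One-time use: drop the token, change the session id, then issue a new token
    $bdd->prepare('DELETE FROM remember_tokens WHERE selector = :s')->execute(['s' => $selector]);
    session_regenerate_id(true);
    $_SESSION['id']       = $row['id'];
    $_SESSION['username'] = $row['username'];
    $_SESSION['stat']     = $row['stat'];
    issue_remember_token($bdd, (int) $row['id']);
    return true;
}
```

Call `issue_remember_token()` after a successful login with "remember me" ticked, and `restore_session($bdd)` at the top of each page before any output is sent.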

