I have been trying to set up my site for users to sign in, which is working okay. However, I can’t seem to set it up so that a user could auto log in.
Isn’t there a way for a cookie to be placed on the users computer and re- access it upon return?
I am using the Adminpro php script. It was a free download and apparently there is no more support for it. I searched through the code and got lost trying to find out if it even has this feature.
The following is a portion of the adminpro_class.php file that is called in every secured page using:
include(“adminpro_class.php”);
[code=php]
/*
**** @function: checkSession(called by class constructor or by checkLogin)
**** calls hasCookie() and checks if the $globalConfig[‘acceptNoCookies’] is true;
**** if no cookie was set and we do not accept that -> makes an error message; else:
**** checks if a session is active: if not -> checkPost() (checks if some post was sent);
**** if session exists, it checks if some $_POST[‘action’]==logout -> makeLogout();
**** if not -> checkTime();
*/
function checkSession(){
if (!$this->hasCookie() && $this->accNoCookies && (@$_POST[‘action’]!=”login” || @$_GET)){
$this->errorMsg=$this->errorNoCookies;
$this->makeErrorHtml();
}
else{
if (!@$_SESSION[‘userID’] || !@$_SESSION[‘sessionID’]) {
$this->checkRemember();
}
elseif (@$_SESSION[‘userID’] && @$_SESSION[‘sessionID’]) {
if (@$_POST[‘action’]==”logout”) {
$this->makeLogout();
}
else{
$this->checkTime();
}
}
}
}
/*
**** @function: hasCookie(called by checkSession())
**** checks if the client’s browser has accepted the cookie of the active session;
**** if yes, it returns true;
**** if not -> it returns false;
*/
function hasCookie(){
if ( isset($_COOKIE[session_name()])) {
return true;
}
else {
return false;
}
}
/*
**** @function: makeLogout(called by checkSession())
**** sets MySQL Time Field=0 and SessionID Field=”;
**** closes the session and goes to logout page, if some $_POST[‘action’]=”logout” was sent;
*/
function makeLogout(){
$db=new mysql_dialog();
$db->connect($this->dbhost, $this->dbuser, $this->dbpass, $this->dbase);
$SQL=”UPDATE “.$this->tbl.” SET “;
$SQL.=$this->tblLastLog.”= 0, “;
$SQL.=$this->tblSessionID.”=” “;
$SQL.=”WHERE “.$this->tblID.”='”.$_SESSION[‘userID’].”‘”;
$db->speak($SQL);
if ($this->enblRemember && isset($_COOKIE[$this->cookieRemName]) && isset($_COOKIE[$this->cookieRemPass])){
setcookie($this->cookieRemName,$_COOKIE[$this->cookieRemName],time());
setcookie($this->cookieRemPass,$_COOKIE[$this->cookieRemPass],time());
}
session_destroy();
header (“Location: “.$this->logoutUrl);
}
/*
**** @function: checkTime(called by checkSession())
**** gets the time of the last page access from the database;
**** compares this time with the time now. If the elapsed minutes>inactiveMin (configuration);
**** or the session ID has changed (by some second login) -> it creates an error page
**** if not -> sets the time now in the MySQL Time Field and goes to checkAdmin();
*/
function checkTime(){
$db=new mysql_dialog();
$db->connect($this->dbhost, $this->dbuser, $this->dbpass, $this->dbase);
$SQL=”SELECT UNIX_TIMESTAMP(“.$this->tblLastLog.”) as lastLog FROM “.$this->tbl;
$SQL.=” WHERE “.$this->tblID.”=”.$_SESSION[‘userID’].” AND “.$this->tblSessionID.”='”.$_SESSION[‘sessionID’].”‘”;
$db->speak($SQL);
$data=$db->listen();
$nowtime=time();
$inactiveSec=$nowtime-$data[‘lastLog’];
if ($inactiveSec/60>$this->inactiveMin) {
$this->errorMsg=$this->errorDelay;
$this->makeErrorHtml();
}
else {
$SQ=”UPDATE “.$this->tbl.” SET “;
$SQ.=$this->tblLastLog.”= now() “;
$SQ.=”WHERE “.$this->tblID.”='”.$_SESSION[‘userID’].”‘”;
$db->speak($SQ);
$this->checkAdmin();
}
}
/
Now I have check through this code several times and it seems that it should already automatically log in using the cookie function. But it is not.
The only other thing I could think of was a small note in the Sams Teach Yourself PHP and MYSQL that says “… By default, sessions do not start automatically. If you want to start a session this way, you will have to find the following line in your php.ini file and change the value from 0 to 1 (and restart the server) …”
Since I am not the host, I do not have access to this. I checked my PHP sysinfo and sure enough, it is set to off. I have contacted my host and waiting a response.