I got this fixed, but how do I reverse a md5 encryption????? this way I can log people in again. Jacco -- http://seabird.jmtech.ca Attitude is Everything! But Remember, Attitudes are Contagious! Is Yours worth Catching???? "Seabird" <jacco@vliegt.nl> wrote in message 20021031165410.94762.qmail@pb1.pair.com">news:20021031165410.94762.qmail@pb1.pair.com... > Hi everyone, > > I'm having some trouble configuring a cookie (first time doing this): > I have a login-script and this sets a session cookie. What I really want is > to pass a cookie so that returning-people don't have to log in every time, > but I'm not sure how to do what part is passing on the cookie (I think > $_HTTP_SESSION_VARS=['PHP_SELF'] ) > > How can I change this to a cookie that stores username and password for a > time set by me (infinite). > > Here is my loginscript: > > <?php > if(isset($_POST['submit'])) { // if form has been submitted > /* check they filled in what they were supposed to and authenticate */ > if(!$_POST['uname'] | !$_POST['passwd']) { > print '<form action="index.php" method="post"> > <div align="left"> > <input class="test" name="uname" type="text" size="8" > maxlength="8"> > <input class="test" type="password" size="8" maxlength="8" > name="passwd"> > <input name="submit" type="submit" value="Login"> > <br> > <span class="welcome">please fill in the required > fields.</span></div> > </form> > '; > } > // authenticate. > if(!get_magic_quotes_gpc()) { > $_POST['uname'] = addslashes($_POST['uname']); > } > $check = $db_object->query("SELECT username, password FROM users WHERE > username = '".$_POST['uname']."'"); > if(DB::isError($check)) { > print '<form action="index.php" method="post"> > <div align="left"> > <input class="test" name="uname" type="text" size="8" > maxlength="8"> > <input class="test" type="password" size="8" maxlength="8" > name="passwd"> > <input name="submit" type="submit" value="Login"> > <br> > <span class="welcome">username doesn\'t exist.</span> <a > class="header" > href="javascript:loadPage(\'mainlayer\',null,\'login/signup.php\')">sign up > here</a></div> > </form> > '; > } > $info = $check->fetchRow(); > // check passwords match > $_POST['passwd'] = stripslashes($_POST['passwd']); > $info['password'] = stripslashes($info['password']); > $_POST['passwd'] = md5($_POST['passwd']); > if($_POST['passwd'] != $info['password']) { > print '<form action="index.php" method="post"> > <div align="left"> > <input class="test" name="uname" type="text" size="8" > maxlength="8"> > <input class="test" type="password" size="8" maxlength="8" > name="passwd"> > <input name="submit" type="submit" value="Login"> > <br> > <span class="welcome">wrong password, try again</span></div> > </form> > '; > } > > // if we get here username and password are correct, register session > variables and set > // last login time. > $date = date('m d, Y'); > $update_login = $db_object->query("UPDATE users SET last_login = '$date' > WHERE username = '".$_POST['uname']."'"); > $_POST['uname'] = stripslashes($_POST['uname']); > $_SESSION['username'] = $_POST['uname']; > $_SESSION['password'] = $_POST['passwd']; > $db_object->disconnect(); > ?> > <span class="welcome">Welcome <a class="header" > href="javascript:loadPage('mainlayer',null,'users/edit.php?user=<?=$_SESSION > ['username']?><?PHP print "&PHPSESSID=".session_id(); ?>')"><font > color="white"><?=$_SESSION['username']?></font></a><br><a class="header" > href="login/logout.php">Logout</a> > </span> > <?php > } > else { // if form hasn't been submitted > ?> > <form action="<?=$HTTP_SESSION_VARS['PHP_SELF']?>" method="post"> > <div align="left"> > <input class="test" name="uname" type="text" size="8" > maxlength="8"> > <input class="test" type="password" size="8" maxlength="8" > name="passwd"> > <input name="submit" type="submit" value="Login"> > <br> > <a class="header" > href="javascript:loadPage('mainlayer',null,'login/signup.php')">sign up > here</a> </div> > </form> > <?php > } > ?> > > Thanx, > Jacco > > -- > http://seabird.jmtech.ca > > Attitude is Everything! > But Remember, Attitudes are Contagious! > Is Yours worth Catching???? > > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php