How can you keep track of login status by PHP?
I include the following page to each my page to check the login status. I try to identify the user after he logs in by the cookie. However, I have not managed to read my login_cookie or use it in any way.
The code *handle_login_status.php* where I manipulate the login status
<?php
$dbconn = pg_connect("host=localhost port=5432 dbname=masi user=masi password=123");
//1. read the first word in Cookie of the form
//"email@gmail.com,ca05106e445c15197f7213bc12648524
//Then, store this word to $email
$cookie_tripped = explode(",", $_COOKIE['login_cookie']);
$email = $cookie_tripped[0];
$result = pg_prepare($dbconn, "query1", 'SELECT passhash_md5 FROM users
WHERE email = $1;');
$result = pg_execute($dbconn, "query1", array($email));
if(!$result) {
exit;
}
// to take the passhash out of the cookie
$passhash_md5_cookie = $cookie_tripped[1];
if($result == $passhash_md5_cookie) {
$result = pg_prepare($dbconn, "query7", "UPDATE users SET logged_in = $1
WHERE email = $2;");
$result = pg_execute($dbconn, "query7", array("true", $email));
$logged_in = true;
}
else {
$result = pg_execute($dbconn, "query7", array("false", $email));
$logged_in = false;
}
Ben giriş formunun işleyicisi çerez kurmak.
The declaration of login_cookie at handle_login_form.php
global $login_cookie;
$login_cookie = $_POST['email'] . ',' . md5($_POST['password']);
$result = pg_prepare($dbconn, "query3", 'SELECT passhash_md5
FROM users WHERE email = $1;');
$result = pg_execute($dbconn, "query3", array($_POST['email']));
while ($row = pg_fetch_row($result)) {
$password_original = $row[0];
}
$login_cookie_original = $_POST['email'] . ',' . md5($password_original);
if ( $login_cookie_original == $login_cookie )
{
setcookie("login_cookie", $login_cookie);
header("Location: /codes/index.php?ask_question");
die("logged in");
}
