Need help making login verification cleaner...
Posted on
16th Feb 2014 07:03 pm by
admin
I use the below to verify user login. I first check the cookie for the id, ip and a unique id. If it's set then I move on to verifying that they all belong together. I usually copy and paste everything on a page that needs verification and I just edit the "we are good...." part.
Login verification
<?php
//Check to see if cookie is set
if (isset($_COOKIE['id']) && isset($_COOKIE['ip']) && isset($_COOKIE['uniqueid'])){
$cookieid = $_COOKIE['id'];
$cookieip = $_COOKIE['ip'];
$cookieuniqueid = $_COOKIE['uniqueid'];
require('header.php');
//Select id and loginip according to cookie uniqueid
$query = "SELECT * FROM user WHERE uniqueid = '$cookieuniqueid' LIMIT 1";
if ($result = mysql_query ($query)) {
while ($row = mysql_fetch_array ($result)) {
$id = $row['id'];
$uniqueid = $row['uniqueid'];
$ip = $row['ip'];
}
}
//Compare cookie ip and id with query loginip and id --- if cookies match database then we allow
if ($_COOKIE['id'] == $id && $_COOKIE['ip'] == $ip && $_COOKIE['uniqueid'] == $uniqueid) {
?>
we are good....
<?php
require('footer.php');
//End cookie compare
}
//Redirect to index if cookie compare fails
else {
header('Location: index.php');
}
//End cookie set
}
//Redirect to index if cookie is not set
else {
header('Location: index.php');
}
?>
I was wondering if there was a way for me to just do something like:
<?php
require('verify.php');
//If not logged in user wont see the below..
?>
Login user sees this
No comments posted yet
Your Answer:
Login to answer
268
48
Other forums
Searching keywords from array
Hello everyone, Im just wondering if someone could help me with another issue im having. Im still le
Backflush
I am looking for a report in SAP that would give me a list of all parts that are populated with a ba
Forms Authentication and Refresh at Login page
Hello,
When I try to press the Login button in my webapplication at my login.aspx page nothing h
Structure Question - One Table or One Table Per Record Set?
I have a web app (mySQL and PHP) which allows people to create an item with up to 200 records which
Sending CC Info by email
I am a little bit less knowledgable in the security area as most developers and I know I have a lot
Simple MySQL query...
Hello,
How could I do a mysql query that does this: SELECT * WHERE date/time < 5minutes ag
Load file in PHP
I have 2 files. The first is a PHP generated XML file that's dependent by 2 inputs. The second is a
timezone change with date()
so i put all my times for posts in my made from scratch forum(not phpbb3 or sm)
in my mysql db u
Cloud Computing?
Hello,
I was wondering if anyone could help explain this term to me. I'm starting to hear it
xml
<?php
echo "<h1>XML Articles</h1>";
$home