All geek questions in one place

PHP cookies

How would I "embed" an autolog into this script?

if (isset ($ _ POST ['login'])) {
$ query = mysql_query ("
          SELECT * FROM users 
          WHERE user_name = '".mysql_real_escape_string ($ _ POST [' username '])."' 
      AND user_password = '".mysql_real_escape_string ($ _ POST [' password '])."'
");

/ * wrong login information? terminate the script * /
if (! mysql_num_rows ($ query)) {
header ("Location: ./");
exit ();
}

/ * set session with unique index * /
$ _SESSION ['id'] = mysql_result ($ query, 0, 'user_id');
mysql_query ("UPDATE users SET user_online = '1' WHERE user_id = '{$ _SESSION [' id ']}'");
header ("Location: ./");
exit
}
+3
2

-, :

  • , .
  • , . , ( " *" ) , .

, , . , -, ( , , - , SHA1 - .) cookie, .

, cookie PHP.

, , , cookie. cookie , SESSION, .

+4
//use request so you can link to the page and log the user in. it would be a good idead to use md5() on $_REQUEST['username'] and $_REQUEST['password'] so the password and usernames arent in plain text.  see http://dev.mysql.com/doc/refman/5.1/en/encryption-functions.html#function_md5

if (isset($_REQUEST['login'])) {
$query = mysql_query("
          SELECT * FROM users 
          WHERE user_name = '".md5($_REQUEST['username'])."' 
      AND user_password = '".md5($_REQUEST['password'])."'
");
/* wrong login information? terminate the script */
// there should only be one row returned with the query 
if (mysql_num_rows($query)!=1){
header("Location: ./");
exit();
}

/* set session with unique index */
$_SESSION['id'] = mysql_result($query, 0, 'user_id');
mysql_query("UPDATE users SET user_online = '1' WHERE user_id = '{$_SESSION['id']}'");
header("Location: ./");
exit;
}


//now you can link to the page
<a href="login.php?login=yes&username=**insert md5 hash of user name here**&password=md5 hash of password">auto login</a>
-2

Source: https://habr.com/ru/post/1702851/

More articles:


All Articles