Link to home
Create AccountLog in
Avatar of rgb192
rgb192Flag for United States of America

asked on

php cookies and extending the session

when user is logged in, I set cookie
setcookie('username',$_SESSION['userid'],time()+2678400);


next if cookie is set, log the user back in and extend the cookie
if (isset($_COOKIE['userid'])){
  require_once (MYSQL);
  echo '<br>your cookie says your userid is:'. $_COOKIE['userid'];
  
  
  
      $q = "SELECT * FROM users WHERE userid=".$_COOKIE['userid'];
    //echo $q;
    $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
    
    if (@mysqli_num_rows($r) == 1) { // A match was made.
      
      // Register the values & redirect:
      $_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC);
      setcookie('userid',$_SESSION['userid'],time()+30);

Open in new window


please dont tell me to change to drupal or a framework
what is wrong with this setup  

should I md5 the userid in the cookie

can someone create a cookie on my website and log themselves in
ASKER CERTIFIED SOLUTION
Avatar of Dave Baldwin
Dave Baldwin
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of rgb192

ASKER

thanks for cookies, session info