I was just wondering how this is done; keeping users logged in forever on your site( as long as they want to), even through out their activities on the site, as the switch from page to page.. Even the way it shows your log-in status(username or so) all through your time on the site, and how the browser automatically logs one in..

Can someone give a basic example...

Thanks.

you use cookies and sessions to track users, but they expire after a certain amount of time and some browsers don't support cookies or the user may not enable cookies... in this case you use a database

Use Cookies And Set D Days To 1000 Or 500 Days It'll Last Long

You can configure your sessions to last forever

<?php
session_set_cookie_params(604800); //this session will last for 1 week (or 7 days)
session_start();
?>

<?php
session_set_cookie_params(604800*100000000000000000000000); //err how long will this session last?
session_start();
?>

I am not seeing any help in the examples here, you are just setting up session variables to do what exactly? How's the session variable (holding the log-in status/user data) passed from program to program or what's the mechanism(code) for the individual programs loading up the session var, e.t.c...

As a rookie, I do this my passing the username (in an input element) from page to page and that is really tiring and ineffective and not dynamic.

Say I have 4 seperate pages on my menu system: home, about us, services, blog.

To view blog posts on the blog page, the user needs to be logged-in or else you create an account. Now, after login-in via the blog page, and you click 'home' menu from here, username data might get lost.

Your question is not even specific at all. One, you did not even mention the language, i just assumed PHP. Plus, your other question about basic examples is unclear. You need to tell us the language, plus you need to have done some research yourself.

I am not the type of dude that delights in copying and pasting stuffs from google, and now shining, no. I prefer being practical, if there is something you can easily read somewhere online that will solve your problem, i will rather point you to it.

paranorman:
I am not seeing any help in the examples here, you are just setting up session variables to do what exactly? How's the session variable (holding the log-in status/user data) passed from program to program or what's the mechanism(code) for the individual programs loading up the session var, e.t.c...

As a rookie, I do this my passing the username (in an input element) from page to page and that is really tiring and ineffective and not dynamic.

Say I have 4 seperate pages on my menu system: home, about us, services, blog.

To view blog posts on the blog page, the user needs to be logged-in or else you create an account. Now, after login-in via the blog page, and you click 'home' menu from here, username data might get lost.

http is a stateless protocol hence you cannot link a visitor of any page to the previous one he/she has visited on your site. different programming languages have different mechanism to track visitors from page to page as they browse through the site.

in php there are several ways of tracking users and preserving their data throughout their log in session but the most common and the most used is session.

session is a php extension which enables you to track log in users and store data associated with them.

in php, the mechanism is simple; when a user logs in, you call session_start() function which creates a session id and initializes the session superglobals which is an array where you can store the users' data. you can now access the users' data (of course you have to push the users data manually to the array) from that array in all your pages.

naturally php sessions expire at a specific time (i cannot remember the duration but you can set it manually) and sessions data are stored on files for faster access instead of database (you can also change this). php will store the session id as browser cookies or pass it from one url to another depending on myriads of conditions.

as a beginner, you need to undergo this ritual of knowing what is happening under the hood to hone your skill and know the features offered by your language of choice but as you get better this becomes a mundane activity and you will get authentication/authorization libraries that will handle this transparently.

this is not comprehensive, it is just to tell you of the capabilities of php in handling data from request to request and link it to a particular user.
you can head over to php.net and get all the info you need. just download the documentation in chm format and you will get all the explanation on session usage. don't forget to compare it with the user contributed notes on the site.

romme2u:


http is a stateless protocol hence you cannot link a visitor of any page to the previous one he/she has visited on your site. different programming languages have different mechanism to track visitors from page to page as they browse through the site.

in php there are several ways of tracking users and preserving their data throughout their log in session but the most common and the most used is session.

session is a php extension which enables you to track log in users and store data associated with them.

in php, the mechanism is simple; when a user logs in, you call session_start() function which creates a session id and initializes the session superglobals which is an array where you can store the users' data. you can now access the users' data (of course you have to push the users data manually to the array) from that array in all your pages.

naturally php sessions expire at a specific time (i cannot remember the duration but you can set it manually) and sessions data are stored on files for faster access instead of database (you can also change this). php will store the session id as browser cookies or pass it from one url to another depending on myriads of conditions.

as a beginner, you need to undergo this ritual of knowing what is happening under the hood to hone your skill and know the features offered by your language of choice but as you get better this becomes a mundane activity and you will get authentication/authorization libraries that will handle this transparently.

this is not comprehensive, it is just to tell you of the capabilities of php in handling data from request to request and link it to a particular user.
you can head over to php.net and get all the info you need. just download the documentation in chm format and you will get all the explanation on session usage. don't forget to compare it with the user contributed notes on the site.

thanks..

dhtml18:
Your question is not even specific at all. One, you did not even mention the language, i just assumed PHP. Plus, your other question about basic examples is unclear. You need to tell us the language, plus you need to have done some research yourself.

I am not the type of dude that delights in copying and pasting stuffs from google, and now shining, no. I prefer being practical, if there is something you can easily read somewhere online that will solve your problem, i will rather point you to it.

bros, na PHP na. See the topic eh.

paranorman:


bros, na PHP na. See the topic eh.

I see, well someone has given you the answer you need. I believe you have a lot of work to do learning how to do stuffs.

"Cookies" will give you the result you seek. Below codes are effective.

You need users table with these fields:

id //int primary AI
username //varchar 30
password //varchar 50
signup_time int
current_cookie //text
cookie_count //int default 1. This can be used to change users cookie, if you decided to have a "logout all" feature on your site, and when users click it the current cookie will increment by 1 and when next a user logs in a new unique encrypted cookie will be created rendering other login cookies in other browsers obsolete.

Create these functions:

function user_exists($username){
//query the db and return true if $username exist on users table.
}

function login_green($username, $password){
//query the db and return true if function variables match users table username and password.
}

function encrypted_cookie($cookie_count, $user_id, $signup_time, $username){
//md5 and crypt(crypt_std_des) and part of your username as salt will be used to create a unique and secure cookie, with of course the incoming function variables.
$pa = crypt($user_id, 'pa');
$ra = crypt($signup_time, 'ra);
$no = crypt($username, 'no');
$conc = $cookie_count.$one.$two.$three; //the dot(.) joins all the three encrypted strings and $cookie_count.
$enc_cookie = crypt($conc, 'rm');//rm is just the 7th and 8th letters in your username
return $enc_cookie;
}

Html field:
<form action='login.php' method='post'>
<input type='text' name='username'>
<input type='password' name='password'>
<input type='submit' name='submit' value='Login'>
</form>

Php codes for login page
if(isset($_POST["submit"])){
if(isset($_POST['username'], $_POST['password']) &&!empty($_POST['username']) &&!empty($_POST['password'])){
$username = trim($_POST['username']);
$password = trim($_POST['password']);
if(user_exists($username) == true){
if(login_green($username, $password) == true){
//SELECT * FROM `users table, use mysqli_fetch_row to keep the resulting fields array in a variable, name it whatever you like, e.g "$row".

//Set the cookie

$encrypted_cookie = encrypted_cookie($row['cookie_count'], $row['id'], $row['signup_time'], $row['username']);

$cookie = md5('cookie'); //name it whatever you like

$duration = strtotime('+ 100 days'); //100 days is cookies expiration time. if you like put 100 years.

setcookie($cookie, $encrypted_cookie, $duration, '/', '', '', true); //this is one of the ways to set cookies

$sanitized_cookie = mysqli_real_escape_string($con, $encrypted_cookie); //$con is your database connection access, and the function mysqli_real_bla_bla is like a watchdog for housekeeping, it will keep your db records safe.

if(empty($row['current_cookie'])){
("UDATE `users` SET `current_cookie`='".$sanitized_cookie."' WHERE `id` =".$row['id'].";
}else{
if($row['current_cookie'] !== $encrypted_cookie){//when logout all is used, new cookie is created, below code will update users record with new cookie.
//("UDATE `users` SET `current_cookie`='".$sanitized_cookie."' WHERE `id` =".$row['id'].";
}}
header("Location: index.php"//end of login and setting cookie.
}}}}

How to make use of the cookie

From above our cookie was named $cookie = md5('cookie');

If(isset($_COOKIE[$cookie])){//yes a user is still logged in using cookies

$user_cookie = trim($_COOKIE[$cookie]);

//With $user_cookie you can query the database and perform operations on users table row whose "current_cookie" is "$user_cookie".

}else{//cookies are not set}

Thanks, A7....