Webmastersite.net
Register Log In

integrating session login with cookies
combining logins

Comments on integrating session login with cookies

knotworking
Experienced

Usergroup: Customer
Joined: Mar 31, 2004

Total Topics: 20
Total Comments: 83
Posted May 17, 2005 - 8:39 AM:

I'm using sessions in my existing profile login. I've noticed that the gallery is using cookies. Having only one login for both is obviously the best way but, I've been tweaking the index.php login with strange results. Somehow the session is passed the wrong id, logging me into another member's profile. I basically just inserted this into the code:

session_start();
$_SESSION[valid] = "yes";
$name = $row['name'];
$user_password = $row['user_password'];
$_SESSION['id'] = $row['id'];

And, when I jump to my existing profile edit, it either logs me into the wrong profile or determines my session is invalid. What would be the best/easiest way to integrate the two? I don't mind using cookies but, I read that sessions were more reliable/safer (being that cookies are stored on the users machine). At this point, I probably just want to do whichever is easier.

Thanks!
Paul
developer

Usergroup: Administrator
Joined: Dec 20, 2001
Location: Diamond Springs, California

Total Topics: 61
Total Comments: 7868
Paul
Posted May 18, 2005 - 1:37 PM:

Since I don't know much of anything about handling sessions (a major reason there isn't a session login option, though the biggest reason is that I've never found a good reason for one), I can't comment on why your session login doesn't work.

I read that sessions were more reliable/safer (being that cookies are stored on the users machine)

Given that with sessions an unsuspecting person can accidentally give someone a link that makes the recipient be logged in as them, the "safer" suggestion strikes me as just plain absurd.
knotworking
Experienced

Usergroup: Customer
Joined: Mar 31, 2004

Total Topics: 20
Total Comments: 83
Posted May 18, 2005 - 3:29 PM:

Just going by the book I read (by Ullman, I think). But, however accurate my memory and what the book stated, I still want to integrate the systems. My login script establishes a session and $id for the user. The edit script then pulls the data out of the database based on the $id.

I think I can figure out how to have the script check a cookie value vs. a session value. Does the cookie set by the gallery login use something readily readable like a plain id that can be checked by my edit script?

Basically, is there a fairly easy way I can use the cookie values established by the gallery in my edit script?

Thanks!
Paul
developer

Usergroup: Administrator
Joined: Dec 20, 2001
Location: Diamond Springs, California

Total Topics: 61
Total Comments: 7868
Paul
Posted May 27, 2005 - 12:27 AM:

You can view the cookies set by clicking the PHPinfo link in your admin panel. There's one for the user id and one for the (encoded) password.
knotworking
Experienced

Usergroup: Customer
Joined: Mar 31, 2004

Total Topics: 20
Total Comments: 83
Posted May 31, 2005 - 5:05 PM:

I looked through the PHPINFO pretty thoroughly. I found the ID cookie referenced several times along with votes:
_COOKIE["votes"]
_COOKIE["wsnuser"]
but no password. Is the password called UNIQUE_ID or something?
Paul
developer

Usergroup: Administrator
Joined: Dec 20, 2001
Location: Diamond Springs, California

Total Topics: 61
Total Comments: 7868
Paul
Posted Jun 02, 2005 - 12:30 AM:

wsnuser, wsnpass
Search thread for
Download thread as
  • 0/5
  • 1
  • 2
  • 3
  • 4
  • 5



This thread is closed, so you cannot post a reply.