06-25-2008, 08:50 AM
|
#4 (permalink)
|
|
The Acquainted
Join Date: Oct 2007
Posts: 170
Thanks: 18
|
Yesterday I've written this function to check whether a user is logged in or not:
Users have options to save their login in a cookie, so that they don't have to fill the login form back in again.
A cookie is stored like: 'username;sha1hashedpasswordwithoutsalt'.
PHP Code:
// You have to define a SALT first
define('SALT', 'foo');
function is_logged_in()
{
if (isset($_COOKIE['user']))
{
list($szName, $szPassword) = explode(';', $_COOKIE['user']);
$szQuery = sprintf(
"SELECT id
FROM users
WHERE name = '%s' AND password = SHA1(CONCAT('%s', '%s'))
LIMIT 1", $szName, SALT, $szPassword);
$pUser = mysql_query($szQuery) or die(mysql_error());
if (mysql_numrows($pUser) > 0)
{
return TRUE;
}
}
elseif ($_SESSION['loggedin'] === 1)
{
return TRUE;
}
else
{
return FALSE;
}
}
Then, you can check (just like Jim did) if a user is logged in like so:
PHP Code:
if (is_logged_in() === TRUE)
{
echo 'Logged in.';
}
// Or
if (is_logged_in() !== TRUE)
{
echo 'Not logged in.';
}
Good luck! |
|
|
|