0

How to add "keep me logged in" and store the user and expiration date to MySQL database?

I want to keep the user logged in, 30 days. After 30 days, it will automatically logout.

I read some question, but I don't know how to implement it to my current login php script

How to do this? Please help me, I'm not good in PHP.

Here's my script:

 session_start();
$ipaddress = '';
if (getenv('HTTP_CLIENT_IP'))
    $ipaddress = getenv('HTTP_CLIENT_IP');
else if(getenv('HTTP_X_FORWARDED_FOR'))
    $ipaddress = getenv('HTTP_X_FORWARDED_FOR');
else if(getenv('HTTP_X_FORWARDED'))
    $ipaddress = getenv('HTTP_X_FORWARDED');
else if(getenv('HTTP_FORWARDED_FOR'))
    $ipaddress = getenv('HTTP_FORWARDED_FOR');
else if(getenv('HTTP_FORWARDED'))
    $ipaddress = getenv('HTTP_FORWARDED');
else if(getenv('REMOTE_ADDR'))
    $ipaddress = getenv('REMOTE_ADDR');
else
$ipaddress = 'UNKNOWN';

$loginDate = date("Y-m-d H:i:s");
$Error ="";
$successMessage ="";
if (isset($_POST['submit'])){
if ( !( $_POST['cnumber'] == "" && $_POST['password'] == "")){
    $cnumber=$_POST['cnumber'];
    $password= sha1($_POST['password']);
    $rememberMe=$_POST['rememberme'];
    $cnumber = filter_var($cnumber, FILTER_SANITIZE_NUMBER_INT);

if($rememberMe == 'checked'){   
    setcookie('persistID', $cnumber, time()+(30 * 24 * 60 * 60), '/'); // this   sets cookie for 30 days.
}

if (filter_var($cnumber, FILTER_VALIDATE_INT)){
$con=mysqli_connect("localhost","root","","users");

$result = mysqli_query($con, "SELECT * FROM users WHERE contractNumber='$cnumber' AND password='$password'");
$data = mysqli_num_rows($result);

if(isset($_COOKIE['persistID'])){
if($data==1){
    $cnumber = $_COOKIE['persistID'];
    $_SESSION['login_user']=$cnumber;
    mysqli_query($con, "INSERT INTO `users`.`logs`(`contractNumber`, `lastLogin`, `ipAddress`) VALUES ('$cnumber', '$loginDate', '$ipaddress')");
    header('Location: profile.php');
} else {
    header('Location: login.php');
} else {
    $Error ="Invalid Contract Number or Password.";
} 
    mysqli_close($con);
} else {
    $Error ="Invalid Contract Number.";
    }
 }
} else {
    $Error ="Contract Number or Password is Empty.";
}
}
Community
  • 1
  • 1
User014019
  • 1,215
  • 8
  • 34
  • 66

3 Answers3

2

It can be easily done with cookies. Read this article: Keep me logged in – best approach.

Community
  • 1
  • 1
Max Flex
  • 1,116
  • 10
  • 16
  • @User014019 read the article step by step. You already have `2) Create session` in `$_SESSION['login_user'] = $cnumber;`. Now go to step 3 and `setcookie()` with md5 hash.. and so on. It's very easy. Just take some time to read – I am using that method myself. – Max Flex Jun 16 '15 at 08:05
0

You can set a cookie from PHP with an expiry date to 30 days from now on successful authentication

Check this for a complete login implementation - https://github.com/saip92/muzik/blob/master/login.php

Pramodh Valavala
  • 752
  • 3
  • 9
0

Keep a remember me checkbox in your login form. submit values to php file.

 $username  =   $_POST['username'];
    $password   =   $_POST['pass'];
    $rememberMe =   $_POST['remember'];

    if($rememberMe == 'checked')
    {   
        setcookie('persistID', $uid, time()+(30 * 24 * 60 * 60), '/'); // this sets cookie for 30 days.
    }
//your logic

Then whenever you load your page anytime or anyday,, 1st check persistID cookie present or not. if present get uid from cookie and redirect user to home page of your website. else redirect to login page.

code to check if cookie present or not :

if(isset($_COOKIE['persistID']))
{
    $userid =   $_COOKIE['persistID'];
    session_start();
    $_SESSION['uid'] = $userid; 
    //load your home page ... your logic

}
else
{
// load your login page
}

Hope it helps.

Prashant Bhujbal
  • 427
  • 6
  • 14