php - User admin status isn't being remembered (admin area disappears after a while) -
i'm new php , decided play around cookies on site. added cookies login scheme keeps user logged in 1 year after log in. works fine.
however, don't know how create cookies remember users set admin status in database. there bug admins logged in aren't able view admin area after while though still logged in. ideas be?
login code:
$password=md5($_request['password']); $username=mysql_escape_string($_request['username']); $hour = time() + 60*60*24*30; setcookie("username_cookie", $username, $hour); setcookie("password_cookie", $password, $hour); $query = $mario->db->query("select * `" . dbname . "`.`users` `username` = '" . addslashes($_request['username']) . "' && `password` = '" . md5($_request['password']) . "'"); if($mario->db->numrows($query) > 0) { // success have user! $results = $mario->db->fetch($query); $_session['accountloggedin'] = true; $_session['username'] = $results['username']; $_session['userid'] = $results['userid']; setcookie("marioruns_loggedin", true, time()+3600*24*364,"/" ); /* expire in 1 year */ setcookie("marioruns_username", $results['username'], time()+3600*24*364,"/" ); /* expire in 1 year */ setcookie("marioruns_userid", $results['userid'], time()+3600*24*364,"/" ); /* expire in 1 year */ config code:
if(isset($_cookie["marioruns_loggedin"]))$_session['accountloggedin'] = true; if(isset($_cookie["marioruns_username"]))$_session['username'] = $_cookie["marioruns_username"]; if(isset($_cookie["marioruns_userid"]))$_session['userid'] = $_cookie["marioruns_userid"]; session_start(); included admin status isn't beingness stored anywhere in code, called database when user loads profile page (where admin area is)
edit:
i have feeling code displays admin area on profile page, line of code:
<?php if(($_session['isstaff']) || ($_session['isadmin'])) {?> --- admin area code --- maybe session has expired? not sure.
php cookies
No comments:
Post a Comment