Webmaster Sun Login
Not a member yet? Sign up

Are These Persistent Cookie Ideas Safe And Interesting ?

  • HOME
  • FORUMS
  • BLOGS
  • MARKETPLACE
  • ADVERTISING
  • SPECIAL OFFERS
  • WEB HOSTING
  • QUICK MENU
  • REGISTER HERE - Join us for FREE
Results 1 to 2 of 2
    Stick this thread
  1. #1
    Join Date
    Jun 2017
    Posts
    40
    Thumbs Up/Down
    Received: 0/0
    Given: 12/0
    Thanks
    3
    Thanked 1 Time in 1 Post

    Are These Persistent Cookie Ideas Safe And Interesting ?

    Php Masters!

    Every php persistent cookie tutorial I come across always save the user's password onto the user's hdd. To make things worst. Save it on the hdd without encrypting it.
    Now, I thought it would be best if the cookie got named under the user's computer mach address and the mach address got saved in the db.
    Then, when the user loads the login page, the cookie can check it's cookie name against the db and if there is a match then auto log the user into his/her account.
    But, now I read, it is not possible to acquire the user's mach address unless uservon same lan of my webserver.

    Q1a. So, what else can act as a substitute for the mach address ? What else can php grab from the user's computer which it can use as a reference against the Username to identify that it is the same user ?
    IPs change. No good using that.

    Q1b. How-about the user's computer name ? Can it grab that from the user's computer so it can use that as the mach substitute or use that as the cookie name ?

    Q1c. Or maybe I just get the script to name the cookie in this format:

    username-ip

    And make that cookie available as long as the user has not got his/her ip changed.
    That way, when the user loads the login page whilst the ip hasn't changed, the cookie can check it's cookie name (username-ip) against the db and if there is a match then auto log the user into his/her account. What do you think ?
    Can you guys show me how to do this by editing my code ?
    I have been googling all night and reading whatever I find on the subject. But, I am still stuck and need to see some code samples to clear the confusion.

    PHP Code:
        <?php
        session_start
    ();
        if(!empty(
    $_POST["login"])) {
            
    $conn mysqli_connect("localhost""root""""blog_samples");
            
    $sql "Select * from members where member_name = '" 
        
    $_POST["member_name"] . "' and member_password = '" 
        
    md5($_POST["member_password"]) . "'";
            
    $result mysqli_query($conn,$sql);
            
    $user mysqli_fetch_array($result);
            if(
    $user) {
                    
    $_SESSION["member_id"]           = $user["member_id"];
                
                    if(!empty(
    $_POST["remember"])) {
                        
    setcookie ("member_login",$_POST["member_name"],time()+ (10 
        
    365 24 60 60));
                        
    setcookie 
        
    ("member_password",$_POST["member_password"],time()+ (10 365 24 60 60));
                    } else {
                        if(isset(
    $_COOKIE["member_login"])) {
                            
    setcookie ("member_login","");
                        }
                        if(isset(
    $_COOKIE["member_password"])) {
                            
    setcookie ("member_password","");
                        }
                    }
            } else {
                
    $message "Invalid Login";
            }
        }
        
    ?>    
        <style>
        #frmLogin {
            padding: 20px 60px;
            background: #B6E0FF;
            color: #555;
            display: inline-block;        
            border-radius: 4px;
        }
        .field-group {
            margin-top:15px;
        }
        .input-field {
            padding: 8px;
            width: 200px;
            border: #A3C3E7 1px solid;
            border-radius: 4px;
        }
        .form-submit-button {
            background: #65C370;
            border: 0;
            padding: 8px 20px;
            border-radius: 4px;
            color: #FFF;
            text-transform: uppercase;
        }
        .member-dashboard {
            padding: 40px;
            background: #D2EDD5;
            color: #555;
            border-radius: 4px;
            display: inline-block;
        }
        .member-dashboard a {
            color: #09F;
            text-decoration:none;
        }
        .error-message {
            text-align:center;
            color:#FF0000;
        }
    </style>

        <?php if(empty($_SESSION["member_id"])) { ?>
        <form action="" method="post" id="frmLogin">
        <div class="error-message"><?php if(isset($message)) { echo $message; } ?>
        </div>    
            <div class="field-group">
                <div><label for="login">Username</label></div>
                <div><input name="member_name" type="text" value="<?php 
        
    if(isset($_COOKIE["member_login"])) { echo $_COOKIE["member_login"]; } ?>
        class="input-field">
            </div>
            <div class="field-group">
                <div><label for="password">Password</label></div>
                <div><input name="member_password" type="password" value="<?php 
        
    if(isset($_COOKIE["member_password"])) { echo $_COOKIE["member_password"]; } 
        
    ?>" class="input-field"> 
            </div>
            <div class="field-group">
                <div><input type="checkbox" name="remember" id="remember" <?php 
        
    if(isset($_COOKIE["member_login"])) { ?> checked <?php ?> />
                <label for="remember-me">Remember me</label>
            </div>
            <div class="field-group">
                <div><input type="submit" name="login" value="Login" class="form-
        submit-button"></span></div>
            </div>       
        </form>
        <?php } else { ?>
        <div class="member-dashboard">You have Successfully logged in!. <a 
        href="logout.php">Logout</a></div>
        <?php ?>
    Q1d. What do you think about this unique idea ? Let me know if the idea is flawed or not.
    During registration, the system would ask the user to upload any img.
    During persistent cookie checking (meaning, when the user has loaded the login.php or home.php), the user would be shown a list of imgs to select. If he/she selects the right one they uploaded during registration then the system (cookie) would auto log them in.
    Alternatively, the user can be shown a question and a few answer options in a checkbox or dynamic drop down ui that list the correct answer aswell as the incorrect answers. If the user selects the correct answer from the answering options then the user is auto logged in. Clicking the mouse is simpler than typing the username & password. And so, this little id check won't bother the user that much. Would it bother you, as a user ?

    Alternatively, the user can be shown a list of imgs where an img can be of his/her family member (eg, brother, uncle) and a question that asks "what is this person top you ?" and show a few answer options in a checkbox such as:
    1. Brother;
    2. Uncle;
    3. Friend;

    etc. If the user selects the right answer then he/she is auto logged in. Else not.
    If you like any of the ideas mentioned in Q1d, then how-about editing my code and showing us newbies a sample code on how to achieve the one you liked ?

    Thanks!

  2. #2
    Join Date
    Oct 2017
    Posts
    14
    Thumbs Up/Down
    Received: 1/0
    Given: 0/0
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Usually if web pages is going to save your cookies that page should have an option either you agree to save your cookie or not. If it's no then I think it violates your right and freedom of choice that your personal data should be safe.

Newer Threads

  1. Azam
    Rob Whisonant
    Replies: 1 | Views: 137
    Last post by Rob Whisonant, 10-12-2017, 07:35 PM
  2. hynds
    Selling Selling LLN.org and some domains
    By hynds in forum Domains
    hynds
    Replies: 4 | Views: 225
    Last post by hynds, 12-09-2017, 03:29 AM
  3. Hawker
    Hawker
    Replies: 0 | Views: 187
    Last post by Hawker, 10-12-2017, 07:01 PM
  4. HostLittle
    HostLittle
    Replies: 0 | Views: 396
    Last post by HostLittle, 10-12-2017, 07:12 PM
  5. goldpaid777
    Hello coders
    By goldpaid777 in forum New Member Introductions
    Dopani
    Replies: 4 | Views: 149
    Last post by Dopani, 10-16-2017, 08:39 AM

Older Threads

  1. sunny_pro
    sunny_pro
    Replies: 0 | Views: 105
    Last post by sunny_pro, 10-12-2017, 10:09 AM
  2. sunny_pro
    sunny_pro
    Replies: 0 | Views: 126
    Last post by sunny_pro, 10-12-2017, 09:57 AM
  3. Emmaavawilliam
    bijutoha
    Replies: 3 | Views: 183
    Last post by bijutoha, 10-24-2017, 11:24 AM
  4. yahm2001
    yahm2001
    Replies: 0 | Views: 101
    Last post by yahm2001, 10-12-2017, 05:21 AM
  5. genalyns
    ulterios
    Replies: 2 | Views: 92
    Last post by ulterios, 10-12-2017, 03:50 AM

Latest Threads

  1. Rhombus
    Rhombus
    Replies: 0 | Views: 12
    Last post by Rhombus, Yesterday, 04:18 PM
  2. Danalana
    Danalana
    Replies: 0 | Views: 10
    Last post by Danalana, Yesterday, 04:14 PM
  3. Danalana
    Danalana
    Replies: 0 | Views: 14
    Last post by Danalana, Yesterday, 01:53 PM
  4. Danalana
    Danalana
    Replies: 0 | Views: 10
    Last post by Danalana, Yesterday, 01:49 PM
  5. AMiRU
    Rob Whisonant
    Replies: 3 | Views: 23
    Last post by Rob Whisonant, Yesterday, 07:19 PM

Similar Threads

  1. sunny_pro
    sunny_pro
    Replies: 0 | Views: 105
    Last post by sunny_pro, 10-12-2017, 10:09 AM
  2. Conor
    ZAPPY
    Replies: 9 | Views: 1040
    Last post by ZAPPY, 01-30-2017, 03:09 AM
  3. Mike001
    Mike001
    Replies: 11 | Views: 1047
    Last post by Mike001, 11-04-2016, 01:23 PM
  4. David Braybrooke
    elcidofaguy
    Replies: 1 | Views: 1139
    Last post by elcidofaguy, 06-22-2015, 02:36 AM
  5. Michele D.
    Epic
    Replies: 7 | Views: 1771
    Last post by Epic, 02-14-2015, 06:36 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Internet Marketing Forum

Webmaster Sun is a forum where you’ll find in-depth discussions and resources to help you succeed on the web whether you are new or experienced. You’ll find it all here. With topics ranging from internet marketing, search engine optimization, social networking, make money online, web hosting, affiliate marketing as well as hands-on technical support for web design, programming and more. We are a growing community of like-minded people that is keen to help and support each other with ambitions and online endeavors. Learn and grow, make friends and contacts for life.

Come Hang Out With Us

    Facebook Twitter Webmaster Forum Google+

    Webmaster Sun Logo
Copyright ©2012 - 2017, WebmasterSun.com. All rights reserved. Internet marketing forum for internet marketers, webmasters, web hosting providers, designers and affiliate marketers.

Welcome to Webmaster Sun

The World's Number 1 Webmaster Community, SEO and Marketplace

Log in!

Continue with Facebook
Continue With Email. By signing up you indicate that you have read and agree to the Terms of Service and Privacy Policy.

Sign in Manually

Need an account? Sign up now!