Webmaster Sun Login
Not a member yet? Sign up

Are These Persistent Cookie Ideas Safe And Interesting ?

  • HOME
  • REGISTER HERE - Join us for FREE
Results 1 to 2 of 2
    Stick this thread
  1. #1
    Join Date
    Jun 2017
    Thumbs Up/Down
    Received: 0/0
    Given: 22/0
    Thanked 1 Time in 1 Post

    Are These Persistent Cookie Ideas Safe And Interesting ?

    Php Masters!

    Every php persistent cookie tutorial I come across always save the user's password onto the user's hdd. To make things worst. Save it on the hdd without encrypting it.
    Now, I thought it would be best if the cookie got named under the user's computer mach address and the mach address got saved in the db.
    Then, when the user loads the login page, the cookie can check it's cookie name against the db and if there is a match then auto log the user into his/her account.
    But, now I read, it is not possible to acquire the user's mach address unless uservon same lan of my webserver.

    Q1a. So, what else can act as a substitute for the mach address ? What else can php grab from the user's computer which it can use as a reference against the Username to identify that it is the same user ?
    IPs change. No good using that.

    Q1b. How-about the user's computer name ? Can it grab that from the user's computer so it can use that as the mach substitute or use that as the cookie name ?

    Q1c. Or maybe I just get the script to name the cookie in this format:


    And make that cookie available as long as the user has not got his/her ip changed.
    That way, when the user loads the login page whilst the ip hasn't changed, the cookie can check it's cookie name (username-ip) against the db and if there is a match then auto log the user into his/her account. What do you think ?
    Can you guys show me how to do this by editing my code ?
    I have been googling all night and reading whatever I find on the subject. But, I am still stuck and need to see some code samples to clear the confusion.

    PHP Code:
    $_POST["login"])) {
    $conn mysqli_connect("localhost""root""""blog_samples");
    $sql "Select * from members where member_name = '" 
    $_POST["member_name"] . "' and member_password = '" 
    md5($_POST["member_password"]) . "'";
    $result mysqli_query($conn,$sql);
    $user mysqli_fetch_array($result);
    $user) {
    $_SESSION["member_id"]           = $user["member_id"];
    $_POST["remember"])) {
    setcookie ("member_login",$_POST["member_name"],time()+ (10 
    365 24 60 60));
    ("member_password",$_POST["member_password"],time()+ (10 365 24 60 60));
                    } else {
    $_COOKIE["member_login"])) {
    setcookie ("member_login","");
    $_COOKIE["member_password"])) {
    setcookie ("member_password","");
            } else {
    $message "Invalid Login";
        #frmLogin {
            padding: 20px 60px;
            background: #B6E0FF;
            color: #555;
            display: inline-block;        
            border-radius: 4px;
        .field-group {
        .input-field {
            padding: 8px;
            width: 200px;
            border: #A3C3E7 1px solid;
            border-radius: 4px;
        .form-submit-button {
            background: #65C370;
            border: 0;
            padding: 8px 20px;
            border-radius: 4px;
            color: #FFF;
            text-transform: uppercase;
        .member-dashboard {
            padding: 40px;
            background: #D2EDD5;
            color: #555;
            border-radius: 4px;
            display: inline-block;
        .member-dashboard a {
            color: #09F;
        .error-message {

        <?php if(empty($_SESSION["member_id"])) { ?>
        <form action="" method="post" id="frmLogin">
        <div class="error-message"><?php if(isset($message)) { echo $message; } ?>
            <div class="field-group">
                <div><label for="login">Username</label></div>
                <div><input name="member_name" type="text" value="<?php 
    if(isset($_COOKIE["member_login"])) { echo $_COOKIE["member_login"]; } ?>
            <div class="field-group">
                <div><label for="password">Password</label></div>
                <div><input name="member_password" type="password" value="<?php 
    if(isset($_COOKIE["member_password"])) { echo $_COOKIE["member_password"]; } 
    ?>" class="input-field"> 
            <div class="field-group">
                <div><input type="checkbox" name="remember" id="remember" <?php 
    if(isset($_COOKIE["member_login"])) { ?> checked <?php ?> />
                <label for="remember-me">Remember me</label>
            <div class="field-group">
                <div><input type="submit" name="login" value="Login" class="form-
        <?php } else { ?>
        <div class="member-dashboard">You have Successfully logged in!. <a 
        <?php ?>
    Q1d. What do you think about this unique idea ? Let me know if the idea is flawed or not.
    During registration, the system would ask the user to upload any img.
    During persistent cookie checking (meaning, when the user has loaded the login.php or home.php), the user would be shown a list of imgs to select. If he/she selects the right one they uploaded during registration then the system (cookie) would auto log them in.
    Alternatively, the user can be shown a question and a few answer options in a checkbox or dynamic drop down ui that list the correct answer aswell as the incorrect answers. If the user selects the correct answer from the answering options then the user is auto logged in. Clicking the mouse is simpler than typing the username & password. And so, this little id check won't bother the user that much. Would it bother you, as a user ?

    Alternatively, the user can be shown a list of imgs where an img can be of his/her family member (eg, brother, uncle) and a question that asks "what is this person top you ?" and show a few answer options in a checkbox such as:
    1. Brother;
    2. Uncle;
    3. Friend;

    etc. If the user selects the right answer then he/she is auto logged in. Else not.
    If you like any of the ideas mentioned in Q1d, then how-about editing my code and showing us newbies a sample code on how to achieve the one you liked ?


  2. #2
    Join Date
    Oct 2017
    Thumbs Up/Down
    Received: 1/0
    Given: 0/0
    Thanked 2 Times in 2 Posts
    Usually if web pages is going to save your cookies that page should have an option either you agree to save your cookie or not. If it's no then I think it violates your right and freedom of choice that your personal data should be safe.

  3. The Following User Says Thank You to Jud For This Useful Post:
    sunny_pro (12-17-2017)

Newer Threads

  1. Azam
    Rob Whisonant
    Replies: 1 | Views: 697
    Last post by Rob Whisonant, 10-12-2017, 07:35 PM
  2. hynds
    Selling Selling LLN.org and some domains
    By hynds in forum Domains
    Replies: 6 | Views: 1406
    Last post by hynds, 01-11-2018, 03:03 AM
  3. Hawker
    Replies: 0 | Views: 791
    Last post by Hawker, 10-12-2017, 07:01 PM
  4. HostLittle
    Replies: 0 | Views: 1495
    Last post by HostLittle, 10-12-2017, 07:12 PM
  5. goldpaid777
    Hello coders
    By goldpaid777 in forum New Member Introductions
    Replies: 4 | Views: 748
    Last post by Dopani, 10-16-2017, 08:39 AM

Older Threads

  1. sunny_pro
    Replies: 0 | Views: 685
    Last post by sunny_pro, 10-12-2017, 10:09 AM
  2. sunny_pro
    Replies: 0 | Views: 745
    Last post by sunny_pro, 10-12-2017, 09:57 AM
  3. Emmaavawilliam
    Replies: 3 | Views: 803
    Last post by bijutoha, 10-24-2017, 11:24 AM
  4. yahm2001
    Replies: 0 | Views: 136
    Last post by yahm2001, 10-12-2017, 05:21 AM
  5. genalyns
    Replies: 2 | Views: 135
    Last post by ulterios, 10-12-2017, 03:50 AM

Latest Threads

  1. premiumaccs
    By premiumaccs in forum New Member Introductions
    Replies: 2 | Views: 46
    Last post by Mike001, Yesterday, 12:11 PM
  2. buzybee-kevin
    Replies: 0 | Views: 87
    Last post by buzybee-kevin, 03-22-2018, 10:22 PM
  3. michealjohn00
    Replies: 2 | Views: 51
    Last post by Mike001, Yesterday, 12:37 PM
  4. sunny_pro
    Replies: 2 | Views: 90
    Last post by geek, Yesterday, 03:41 PM
  5. Moranme
    Replies: 2 | Views: 76
    Last post by robert4u, Yesterday, 01:39 PM

Similar Threads

  1. sunny_pro
    Replies: 0 | Views: 685
    Last post by sunny_pro, 10-12-2017, 10:09 AM
  2. Conor
    Replies: 9 | Views: 1359
    Last post by ZAPPY, 01-30-2017, 03:09 AM
  3. Mike001
    Replies: 11 | Views: 1183
    Last post by Mike001, 11-04-2016, 01:23 PM
  4. David Braybrooke
    Replies: 1 | Views: 1194
    Last post by elcidofaguy, 06-22-2015, 02:36 AM
  5. Michele D.
    Replies: 7 | Views: 1884
    Last post by Epic, 02-14-2015, 06:36 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Internet Marketing Forum

Webmaster Sun is a forum where you’ll find in-depth discussions and resources to help you succeed on the web whether you are new or experienced. You’ll find it all here. With topics ranging from internet marketing, search engine optimization, social networking, make money online, web hosting, affiliate marketing as well as hands-on technical support for web design, programming and more. We are a growing community of like-minded people that is keen to help and support each other with ambitions and online endeavors. Learn and grow, make friends and contacts for life.

Come Hang Out With Us

    Facebook Twitter Webmaster Forum Google+

    Webmaster Sun Logo
Copyright ©2012 - 2018, WebmasterSun.com. All rights reserved. Internet marketing forum for internet marketers, webmasters, web hosting providers, designers and affiliate marketers.

Welcome to Webmaster Sun

The World's Number 1 Webmaster Community, SEO and Marketplace

Log in!

Continue with Facebook
Continue With Email. By signing up you indicate that you have read and agree to the Terms of Service and Privacy Policy.

Sign in Manually

Need an account? Sign up now!