Rectangle 27 47

public function beforeFilter() {
    $this->Auth->allow(array('login', 'register'));
    parent::beforeFilter();
}

public function login() {
    if ($this->request->is('post')) {

        if ($this->Auth->login()) {

            // did they select the remember me checkbox?
            if ($this->request->data['User']['remember_me'] == 1) {
                // remove "remember me checkbox"
                unset($this->request->data['User']['remember_me']);

                // hash the user's password
                $this->request->data['User']['password'] = $this->Auth->password($this->request->data['User']['password']);

                // write the cookie
                $this->Cookie->write('remember_me_cookie', $this->request->data['User'], true, '2 weeks');
            }

            return $this->redirect($this->Auth->redirect());

        } else {
            $this->Session->setFlash(__('Username or password is incorrect.'));
        }
    }

    $this->set(array(
        'title_for_layout' => 'Login'
    ));
}

public function logout() {
    // clear the cookie (if it exists) when logging out
    $this->Cookie->delete('remember_me_cookie');

    return $this->redirect($this->Auth->logout());
}
<h1>Login</h1>

<?php echo $this->Form->create('User'); ?>
    <?php echo $this->Form->input('username'); ?>
    <?php echo $this->Form->input('password'); ?>
    <?php echo $this->Form->checkbox('remember_me'); ?> Remember Me
<?php echo $this->Form->end('Login'); ?>
public $components = array(
    'Session',
    'Auth',
    'Cookie'
);

public $uses = array('User');

public function beforeFilter() {
    // set cookie options
    $this->Cookie->key = 'qSI232qs*&sXOw!adre@34SAv!@*(XSL#$%)asGb$@11~_+!@#HKis~#^';
    $this->Cookie->httpOnly = true;

    if (!$this->Auth->loggedIn() && $this->Cookie->read('remember_me_cookie')) {
        $cookie = $this->Cookie->read('remember_me_cookie');

        $user = $this->User->find('first', array(
            'conditions' => array(
                'User.username' => $cookie['username'],
                'User.password' => $cookie['password']
            )
        ));

        if ($user && !$this->Auth->login($user['User'])) {
            $this->redirect('/users/logout'); // destroy session & cookie
        }
    }
}

I would feel quite uncomfortable knowing that my password, even encrypted, floats somewhere in a cookie. I think that in such a case, storing the username is enough.

You are right, actually I realized it afterwards. But anyway, I would prefer not to store anything related to the password in a cookie. I'm not sure if it is a kind of allergy, but this idea gives me goosebumps ;-)

One other benefit of using the password like above as well is that if you change your password, it automatically invalidates the cookie on all devices forcing a relogin. :)

Doesn't seem like he's interested in getting much help, it's a shame these people took time out of their days to try and help. I'll remember to steer clear of @hey's questions in the future.

Thank you for the detailed answer! I used this in an application, but I believe that "$this->Auth->login($user)" should be "$this->Auth->login($user['User'])". Now it works perfectly!

php - CakePHP remember me with Auth - Stack Overflow

php session cakephp authentication cookies
Rectangle 27 1

To prevent access to pages, the best practice is to use session variables say $_SESSION['username'] and $_SESSION['password'] to check against your database table record assuming your table name is "users", the fields 'username' and 'password' in order for users to gain access to the page, else they are redirected to the log in page for them to supply the correct username and password through the input field.

Below is an anatomy of Preventing Direct Access to a PHP Page.

session_start();

$username=$_POST['username'];
$password=$_POST['password'];

$query="select * from users where username='$_SESSION[username]' and     password='$_SESSION[password]'";

$result=mysql_query($query);

if($result)
{

echo "Your login was successful..";// the page you want to go to if login successful
{
else
{

header("Location:index.php?action=login");//any page you want to return to if log in failed
}

preventing direct access to a php page, only access if redirected - St...

php
Rectangle 27 1

<?php 
 class Login extends CI_Model{
 function __construct(){
    parent::__construct();
 }

 public function login(){
    // grab user input
    $username = $this->security->xss_clean($this->input->post('username'));
    $password = $this->security->xss_clean($this->input->post('pass'));

    // Prep the query
    $this->db->where('doc_email', $username);
    $this->db->where('pass', $password);

    // Run the query
    $data = $this->db->get('doctors')->row();
    //my changes is here..
    if (count($data) > 0) {
        $sdata = array(
                'doc_id' => $data->doc_id,                    
                'doc_email' => $data->doc_email
                );
        $this->session->set_userdata($sdata);
        return true;
    } else {
        return false;
    }
  }
}

CodeIgniter login system - Stack Overflow

codeigniter
Rectangle 27 0

firstly create index.php page and just copy paste below code :-

<form name="frmUser" class="well login-form" id="form" method="post" action="login_check.php" onSubmit="return FormValidation()">
    <legend>
        <icon class="icon-circles"></icon>Restricted Area<icon class="icon-circles-reverse"></icon>
    </legend>
    <div class="control-group">
        <label class="control-label" for="inputPassword">Username</label>
        <div class="controls">
            <div class="input-prepend">
                <span class="add-on"><icon class="icon-user icon-cream"></icon> </span>
                <input class="input" type="text" name="username" id="username" placeholder="Username" />
            </div>
        </div>
    </div>
    <div class="control-group">
        <label class="control-label" for="inputPassword">Password</label>
        <div class="controls">
            <div class="input-prepend">
                <span class="add-on"><icon class="icon-password icon-cream"></icon>
                </span> <input class="input" type="password" name="password" id="password" value="" placeholder="Password" />
            </div>
        </div>
    </div>
    <div class="control-group signin">
        <div class="controls ">
            <input type="submit" class="btn btn-block" value="Submit" />
            <div class="clearfix">
                <span class="icon-forgot"></span><a href="#">forgot password</a>
            </div>
        </div>
    </div>
</form>



/*------------------after that ----------------------*/

create a login_check.php and just copy paste this below code :-

<?php
session_start();
include('conn.php');

<?php
/* Redirect browser */
header("location:index.php");

/* Make sure that code below does not get executed when we redirect. */
exit;
?>


<?php

if(count($_POST)>0)
{   

    $result = mysql_query("SELECT * FROM admin WHERE username='".$_POST["username"]."' and password = '".$_POST["password"]."'");
    $row  = mysql_fetch_array($result);

if(is_array($row)) 
{
    $_SESSION["user_id"] = $row[user_id];
    $_SESSION["username"] = $row[username];

    $session_register["user_id"] = $row[user_id];
    $session_register["username"] = $row[username];
} 
else 
{
   $_SESSION['msg']="Invalid Username or Password";
   header("location:index.php");
}
}

if(isset($_SESSION["user_id"]))
{
    header("Location:dashboard.php");
}

?>




/*-----------------------after that ----------------------*/


create a dashboard.php and copy paste this code in starting of dashboard.php



<?php
session_start();
include('conn.php');
include('check_session.php');
?>




/*-----------------------after that-----------------*/ 



create a check_session.php which check your session and copy paste this code :- 


<?php
    if($_SESSION["user_name"]) 
    {
?>
    Welcome <?php echo $_SESSION["user_name"]; ?>. Click here to <a href="logout.php" tite="Logout">Logout.</a>
<?php
    }
    else
    {
     header("location:index.php");
    }
?>





if you have any query so let me know on my mail id farjicompany@gmail.com

How to redirect to another page using PHP - Stack Overflow

php