Thx Christopher for replying. Ok, let me see if I understand you
The user enters username and password on index.php, this is posted to
login.php. On login.php after I verify the user is who he/she says they are
I set a cookie called "accessedbefore" to "yes" and redirect them to the
main page. Am I allowed to set a cookie and redirect them after determining
who the user is? How would I redirect them after setting the cookie? Header
function or is there a better way?
Thx Joe :)
"Christopher William Wesley" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Just do your authentication before you send any HTML (including any
> whitespace). I actually recommend not sending ANY HTML from your
> authentication script. Authenticate them, set your cookie, and redirect
> the visitor to an appropriate next page, based on whether or not they've
> successfully authenticated.
> BTW - storing the username/password in the cookie makes no sense They've
> already authenticated ... just store a user-is-logged-in cookie which
> expires after X minutes/hours/etc. It's a good practice for when you'll
> have to deal with privacy & security concerns.
> ~Chris /"\
> \ / September 11, 2001
> X We Are All New Yorkers
> / \ rm -rf /bin/laden
> On Mon, 12 Nov 2001, Joe Van Meer wrote:
> > Hi there, I'm new to php coming from an asp background and would like to
> > know the easiest way to automate a login process. I have one page called
> > 'index.php' and it contains a form with 2 elements, username and
> > This page is posted to th 'login.php' and here I do a check against the
> > database to see if the person is who they say they are. This where I
> > across a problem...I would like to set a cookie on the user's machine
> > know they are who they say they are. So I attempted to create a cookie
> > hold their username and password upon successful login..I received the
> > following error...Warning: Cannot add header information - headers
> > sent by (output started at E:\ez\codesnipits\login.php:16) in
> > E:\ez\codesnipits\login.php on line 66.
> > So I looked up in the manual and found that I can't do it this way. I
> > send header info after the header has been sent for obvious reasons. So
> > the heck do I manage to do this? What I would to do is have the user
> > once, and each subsequent time they visit , skip the login process via
> > username and password in the cookie.
> > Any insight to this type of process would greatly be appreciated.
> > Thx Joe
> > p.s Sorry about the bold font ;)
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > To contact the list administrators, e-mail: [EMAIL PROTECTED]
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]