Main Content

Remember Me - PHP

Archive - Originally posted on "The Horse's Mouth" - 2008-11-28 08:54:13 - Graham Ellis

Here's a paradox for you as a web site designer, when putting together a web site which requires a login.

Most of your users are regulars, who really don't want the hassle of logging in every time they visit ... but at the same time, you can't allow blanket, long term logins as your site is often accessed by legitimate users from public access / shared computers on which permanent cookies should not be left.

The solution - and I'm sure most of you will have see it on any number of sites like forums - is a "remember me" box. Simple and easy - your users will be defaulted to a short session of, say, 30 minutes ... but if they check the box, their logins will last for a much longer period.

We use our own web site for much of our internal communications and for our various status pages. With Headquarters, booking and admin office on the outskirts of Melksham, and a Training Centre and Hotel near to the town centre ... and with me often giving On Site Courses many miles from home, this is a key form of communication. From the Admin systems that Lisa runs, from the laptops which are assigned to the rest of us personally, we need to be able to be in touch with a minimum of keystrokes. And we need to be able to check on the status from the reception computer, from trainee laptops, and from the public access system too. It goes even further than that - I need to be able to borrow a customer's keyboard on site (behind the customer's firewall where I cannot have access from my own system!) and still check and update the status.

Until now, we've been very careful to remember to log out from a shared computer ... but there are times that all of us have got called away from such a system - perhaps to carry on with Customer Service which is the reason we logged in, in the first place. So this morning, I've added a "remember me" box into our main login script.


It's in PHP, and the extra code is very straightforward.

The extra check box:

<input name=mine type=checkbox> Remember me!

The code that works out the login period:

$days = 0.02;
if ($_REQUEST[mine] != "") $days = 14;
pwlogin($a,$days);

and the login function that sets the cookie:

function pwlogin($arriving,$days=7) {
global $pwname;
setcookie("whcttt","$arriving:$pwname", time()+3600*24*$days,"/",".wellho.net");
$_COOKIE[whcttt] = "$arriving:$pwname";

The only thing that may be something of a surprise package in that code is the last line - setting the $_COOKIE superglobal to the same value that is being sent out to the browser. That's done to allow the user to be logged in on the current ("congratulations, you have logged in") page as well as on subsequent pages.