client login

the issue is, that the "remember me" feature does not actually remember the user when they check the box.  i can't figure out what i have wrong in my code.

<?php
session_start();

if(isset($_COOKIE['LABTechWebDesignCookie']))
{
$con = mysql_connect
...

$myusername = $_COOKIE['Cookie']['myusername'];
$mypassword = $_COOKIE['Cookie']['mypassword'];

$query = "SELECT myusername, mypassword FROM $tbl_name WHERE myusername = '$myusername' AND mypassword = '$mypassword'";
$result = mysql_query($query, $db);
if(mysql_num_rows($result))
// If the login information is correct do the following;
{
$_SESSION['loggedin'] = 1;
// Set the session 'loggedin' to 1 and forward the user to the member's page
header('Location: members/login_success.php');
exit();
}
}

/* If the cookie doesn't exist or the login
information stored within the cookies
are wrong show the login form.
*/
?>

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="cookie4.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="password" id="mypassword"></td>
</tr>
<tr>
<td><input type="checkbox" name="setcookie" id="setcookie" value="setcookie" />
  <label for="setcookie">Remember Me?</label></td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

<?php
if (isset($_GET['error']) AND !empty($_GET['error']))
{
echo 'Invalid login data supplied. Please try again.';
}
?>

second page:

<?php
session_start(); // Shows we are using sessions

$con = mysql_connect
...

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$time = time(); // Gets the current server time
$check = $_POST['setcookie']; // Checks if the remember me button was ticked

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
if(mysql_num_rows($result)) { // If the username and password are correct do the following;
$_SESSION['loggedin'] = 1; // Sets the session 'loggedin' to 1

if($check) {
// Check to see if the 'setcookie' box was ticked to remember the user
setcookie("Cookie[myusername]", $myusername, $time + 3600); // Sets the cookie username
setcookie("Cookie[mypassword]", $mypassword, $time + 3600); // Sets the cookie password
}

// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");

header('Location: members/login_success.php'); // Forwards the user to this URL
exit();
}

else // If login is unsuccessful forwards the user back to the index page with an error
{
header('Location: error.php');
exit();
}
?>

Judging from the code you have posted, $_COOKIE['LABTechWebDesignCookie'] is never set, so the code in your first page won't run.

Also, session_register() is very ancient code that is no longer supported on most servers, so the following code in your second page does nothing:

session_register("myusername");
session_register("mypassword");

You need to use $_SESSION instead.

yea, i had:

if($check) {
// Check to see if the 'setcookie' box was ticked to remember the user
setcookie("LABTechWebDesignCookie[myusername]", $myusername, $time + 3600); // Sets the cookie username
setcookie("LABTechWebDesignCookie[mypassword]", $mypassword, $time + 3600); // Sets the cookie password
}

it is in the second part of the coding.  will this make it work?

future-architect wrote: will this make it work?

Have you tried it?

yes, but it does not work.

heres a picture of the cookies when I log-in:

is it not working because the values are set to 'myusername' and 'mypassword'?

You've changed the cookie name when you set it, but have you changed it where you check it? The script you have posted is looking for this:

$myusername = $_COOKIE['Cookie']['myusername'];
$mypassword = $_COOKIE['Cookie']['mypassword'];

Have you tried debugging your code by using echo to display the values of variables and conditions? For example:

if (isset($_COOKIE['Cookie'])) {
  foreach ($_COOKIE['Cookie'] as $name => $val) {
    echo "$name: $val<br>";
  }
} else {
  echo "The cookie doesn't exist";
}

Simple debugging techniques like that can tell you a lot about what the code is doing.

i was just thinking about doing that! and no, it couldn't find it.

sorry, i had updated this:

setcookie("LABTechWebDesignCookie[myusername]", $myusername, $time + 3600);
setcookie("LABTechWebDesignCookie[mypassword]", $mypassword, $time + 3600);

and then checking the login:

if(isset($_COOKIE['LABTechWebDesignCookie']))

this checks for both cookies, right, since the [myusername] and [mypassword] are under the domain of "LABTechWebDesignCookie"?