Check for cookie?

General PHP Help
#1

Hey guys, i’m making a login system for my site.
The registration and login goes just fine, but the cookie isn’t being recognized, it is being saved (or so my browsers settings says) byt my code to check for it doesn’t work. I have followed a tutorial just so you know.
My code to check for the cookie: [php]<?php

$logged = false;

if ($_COOKIE[‘c_user’] && $_COOKIE[‘c_salt’]){

$cuser = mysql_real_escape_string($_COOKIE['c_user']);
$csalt = mysql_real_escape_string($_COOKIE['c_salt']);
$user = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `Salt`='$csalt'"));

if ($user != null){
	if(hash("sha512", $user['Username']) == $cuser){
		$logged = true;	
		
	}
	
}

}

[/php]

My code that saves the cookie:
[php]

<?php include algor.php; $connection = mysql_connect("X", "X", "X") or die("Couldn't connect."); mysql_select_db("X", $connection) or die("Database connection failed"); if ($logged==true){ die("Redan inloggad!"); } if ($_POST['login']){ if ($_POST['username']&& $_POST['password']){ $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string(hash("sha512", $_POST['password'])); $user = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `Username`='$username'")); if ($user == '0'){ die("Det användarnamnet existerar inte! Skapa ett nu! Tillbaka"); } $salt = hash("sha512", rand() . rand() .rand()); setcookie("c_user", hash("sha512", $username), time() + 24 * 60 * 60, "/"); setcookie("c_salt", $salt, time() + 24 * 60 * 60, "/"); $userID = $user['ID']; mysql_query("UPDATE `users` SET `Salt`='$salt' WHERE `ID`='$userID'"); header("Location: loggedin.php"); die(); } } ?>[/php]

Thank you in advance!
Ofc, the X is replaced with the actual server credentials.

EDIT:
I now see that you can log in with any password at all, the username just has to exist. How to check the password?..

#2

[php]$user = mysql_fetch_array(mysql_query(“SELECT * FROM users WHERE Username=’$username’ AND Password = ‘$password’”));[/php]

[php]if(isset($_COOKIE[‘c_user’])){[/php] Check if its set

Sponsor our Newsletter | Privacy Policy | Terms of Service