my first usersystem o.O

This is my first attempt at a usersystem and I was curious for some comments on the handler

what I’m expecting is this is included on every page
it checks to
A) Verify their logged in
B) if not their shown as a guest
C) getting cookie data for returning to the website

Now with the methods I use will this cause too much stress on the SQL calling this each page? should I modify something?

This is my first time actually using sessions

(Note: the session_start() is in the config.php)
(2nd note: I’m just using the basic $_SESSION instead of the register which causes more line space cause I’m having to switch the $_SESSION data into temporary variables each time instead of with registering them
I could just use $_HTTP_GET_VARS[‘username’] and just use $username I believe?)

[php]<?php
require(‘config.php’);

if(!$_Cookie[‘Storm_WoW’])
{
if (!$_SESSION[‘username’] | $_SESSION[‘password’])
{
$user = “Guest”;
$upass = “”;
$rank = “0”;
} else {
$user = $_SESSION[‘username’];
$upass = $_SESSION[‘password’];
if (!$_SESSION[‘rank’])
{
$Find_Ranking = mysql_query(“Select Rank FROM $Table01 WHERE userid = $user”);
$_SESSION[‘rank’] = $Find_Ranking;
$rank = $_SESSION[‘rank’];
}
}
} else {
$Find_User = $_Cookie[‘Storm_WoW’];
$Passcheck = mysql_query(“Select Password FROM $Table01 WHERE userid = $Find_User”);
$password = “This is temporary till I can figure out a way to put 2 values in the cookie”;
if($Passcheck == $password)
{
$_SESSION[‘username’] = $Find_User;
$_SESSION[‘password’] = $Passcheck;
$Find_Ranking = mysql_query(“Select Rank FROM $Table01 WHERE userid = $Find_User”);
$_SESSION[‘rank’] = $Find_Ranking;
$user = $_SESSION[‘username’];
$upass = $_SESSION[‘password’];
$rank = $_SESSION[‘rank’];
} else {
Die;
}
}
?>[/php]

Another question I have not really related to this part of the script is
do you guys think I should use SHA1 or MD5 for the passwords in the cookies?

Sponsor our Newsletter | Privacy Policy | Terms of Service