Recent Topics

1 Sep 28, 2005 20:02    

Hi all. My little project sort of dictates that I have a "session only" cookie. I've searched and found a few threads that touch on cookies, but nothing I can grab and use. If anyone knows a good hack I'd be happy to use it, but until then I'll request a "log me out when I close the browser" option that starts checked or 'on' as part of the login page. That way you have to take a whole second to get the one-year cookie, which is exactly what I would do on my personal blogs.

My little project is geared towards an audience who likely will not have their own PC, so I want to set them up with a way to be logged in as long as they're clicking through the blog or backoffice, but logs them out when they close the browser.

(Yabba: that's you cue to kick out another wicked cool hack...)

2 Sep 28, 2005 20:04

I suppose I could put up big fat text on the login page that says "don't forget to log out if you're on a shared PC" but it seems sort of old fashioned, ya know?

3 Sep 28, 2005 22:26

Lol, thankfully this has already been thought off ;)

conf/_advanced.php

/**
 * Expiration for cookies.
 *
 * Value in seconds, set this to 0 if you wish to use non permanent cookies (erased when browser is closed).
 *
 * @global int $cookie_expires
 */
$cookie_expires = time() + 2678400;		// 31 days


;)

¥

4 Sep 28, 2005 22:52

Half way there! I saw an older thread where someone said doing it this way made them login with every click of a tab in the back office.

$cookie_expires = time() + 0;


Setting it to only 0 instead of +0 makes it stay as long as the browser is active:

$cookie_expires = 0;


Problem is it's still all or nothing. I think I can do up a hack that puts a checkbox at login so you can say "remember me" or something like that. This way you can have the byebye version, or the year-long version.

Hacking is fun!

5 Sep 28, 2005 23:23

Lol, that'll teach me to try shit before I post :p

This isn't as simple as it seems, the value is hard coded, so, to overide it you'd need to set a cookie to tell the cookie that it can be a bigger cookie, and then you'd need to be able override that cookie (that's telling the cookie to be a biger cookie) to stop telling the cookie too be a bigger cookie if the user logs out ......... damn, that's gonna be a challenge! ...... unfortunately I'm waaaay ahead of you at failing a breath test, so it's probably going to be some time after you're snugly asleep that I'll be able to put some caffinated thought into this.

At least it gives you something to wake up to ;)

¥

6 Sep 29, 2005 20:43

Hi EdB,
Sorry, I got a tad involved with coding and didn't get chance to look/think about this today. I might get a chance later, but the chances are that life will intrude ..... followed by the night cylcle kicking in, followed by the sun suprising the hell out of me as it rises once again.

So, unless you've got huge lungs, don't start holding your breath 'til you next wake up :P

¥

7 Sep 29, 2005 20:51

No worries! I think it'd be a groovy option, but for my little project I went with the big fat text method. If I hear a bunch of complaints I'll say "all or nothing - take your pick".

Basically too many cookies flipping cookies because another cookie flipped a cookie scared me. I suppose if I was highly motivated I'd open up the code for an application that gives this option, learn all about it, then snag one bit from there and bring over here.

So much easier to just warn people DON'T FORGET TO LOG OUT IF YOU'RE ON A SHARED PC!!!

Aw heck I just remembered I put the warning on the registration complete page and login page but didn't tweak the back office to prominently display that little reality. Oh well! *I* am not going to be the one who suffers for lack of knowledge ;)

8 Sep 29, 2005 21:01

Lol, considering most users would just click "ok" to a huge warning that said "because I hate making a cookie tell a cookie that it's the wrong cookie and should be a different cookie you must remember to logout so I can tell the right cookie to stop telling the wrong cookie to be the right cookie and no longer be a cookie at all", I'll try and come up with a solution ;)

¥

9 Sep 30, 2005 11:35

Ok, two possible solutions for you

1/ fixed "remember me" time span

conf/_advanced.php


 * Expired-time used to erase cookies.
 *
 * @global int $cookie_expired
 */
$cookie_expired = time() - 86400;				// Default: 24 hours ago


/**
 * Value in seconds to remember a user who ticks the box
 */
$remember_duration = 10;

b2evocore/_functions_users.php


		global $remember_duration;

		if ( isset( $_POST['remember_me'] ) )
		{
			$remember_me = $_POST['remember_me'];
			if ( $remember_me ) $cookie_expires = time() + $remember_duration;
		}

		// Login succeeded:
		//echo $user_login, $pass_is_md5, $user_pass,  $cookie_domain;
		if( !setcookie( $cookie_user, $log, $cookie_expires, $cookie_path, $cookie_domain ) )

htsrv/_login_form.php


			<div class="input"><input type="password" name="pwd" id="pwd" size="16" maxlength="20" value="" class="large" /></div>
			<?php form_checkbox( 'remember_me', $remember_me, T_('Remember me :'), T_('Tick this to save your username and password') ); ?>

2/ Variable "remember me" time span

b2evocore/_functions_users.php


		if ( isset( $_POST['remember_me'] ) )
		{
			$remember_me = $_POST['remember_me'];
			$cookie_expires = 0;
			if ( $remember_me ) $cookie_expires = time() + $remember_me;
		}
		// Login succeeded:
		//echo $user_login, $pass_is_md5, $user_pass,  $cookie_domain;
		if( !setcookie( $cookie_user, $log, $cookie_expires, $cookie_path, $cookie_domain ) )

htsrv/_login_form.php


			<div class="input"><input type="password" name="pwd" id="pwd" size="16" maxlength="20" value="" class="large" /></div>
			<div class="label"><label for="remember_me"><?php echo T_('Remember me :') ?></label></div>
			<div class="input"><select name='remember_me'>
			<option value='0'>Session only</option>
			<option value='10'>10 seconds</option>
			<option value='20'>20 seconds</option>
			<option value='30'>30 seconds</option>
			<option value='40'>40 seconds</option>
			<option value='50'>50 seconds</option>
			<option value='60'>1 minute</option>
			</select></div>

¥

*edit*
To correct typo in code :S


Form is loading...