Login System - Help to troubleshoot the remember me cookie time

Posted in CategoryGeneral Discussion
  • Hder 5 months ago
    Thanks!  I had forgotten that I moved the navigation to another part of the development site and missed that portion on the search!  Your suggestion is a good one for the user to choose.
  • Terry Ogbemudia 5 months ago

    That function is called inside headers.php

    <ul class="nav navbar-nav">
    <i class="hide"><?php echo guard(); ?></i>

    I think you have to decide how you want the system to work but generally, when the user logout I will clear both cookies and sessions, for me the remember is most important in situations where I want to leave the webpage opened on my computer for a period of time. If I were to code this system again I will provide options that allow the user to choose what they prefer e.g. for the guard function I can have these options


    1. log out me out if I am inactive for x mins
    2. log out me out if I am inactive for x mins and expire cookies
    3. never
    Based on the user settings from the database I can now do a proper guard function, something to think about.

  • Hder 5 months ago

    Thanks, that seemed to have fixed the cookie issue.  However, with an active cookie now, the user cannot logout, until the cookie expires.  Clicking on logout does nothing.  Would this be the normal behavior?

    Would it be possible to re-code to actually log the user out when logout is clicked.  Then when he revisits, the system would automatically log him back in based on the cookie?  

    You opinion please.  

    I see the guard() function in the utilities.php file, but I can't seem to find where it is called in the other routines.  Can you remind me please?  My search window on Netbeans only comes up with that one location...

    Thanks.

  • Terry Ogbemudia 5 months ago
    The guard function will log you out after 15 mins of inactivity
  • Terry Ogbemudia 5 months ago

    check the guard function I think it will call the signout function which will destroy cookies, so if you don't want that behavior just comment out that part as shown below :


    function signout(){
    unset($_SESSION['username']);
    unset($_SESSION['id']);

    //if(isset($_COOKIE['rememberUserCookie'])){
    // unset($_COOKIE['rememberUserCookie']);
    //setcookie('rememberUserCookie', null, -1, '/');
    //}
    session_destroy();
    session_regenerate_id(true);
    redirectTo('index');
    }

  • Hder 5 months ago

    Have some further information (this time not using "remember me".  It seems like I am losing my sessions even if I do not log out.  I log in, do some work, then after a short time, maybe 15 or 20 minutes I click on something and it is as though I am logged out and need to log back in.  Must have something to do with a timeout. somewhere?

  • Hder 5 months ago

    The Login system does not seem to be remembering me for the specified time of 30 days.  I seem to have to log back in every 15 minutes or so if I am inactive on the web browser.  Can you guide me in where to start troubleshooting?  Thank you... The remember me function is below:


    function rememberMe($user_id){

        $encryptCookieData = base64_encode("UaQteh5i4y3dntstemYODEC{$user_id}");

        // Cookie set to expire in about 30 days

        setcookie("rememberUserCookie", $encryptCookieData, time()+60*60*24*100, "/");

Please login or register to leave a response.