#this checks that the user wants to logout and if so doesn't do any of the below.
if(!isset($_GET['logout'])){
#this checks to see if the auth session is set.
if(!isset($_SESSION['auth'])){
#echo '<br>session not set';
#this is to see if the auth cookie is set.
if(!isset($_COOKIE['auth'])){
#echo '<br>cookie not set';
if(isset($_GET['login'])){
#login form here.
}elseif(isset($_GET['register'])){
#register form here.
}else{
header('location:?login=true');
}
}else{
#echo '<br>cookie set';
$D1=mysql_fetch_array(mysql_query("select rememberme from user where rememberme = '$_COOKIE[auth]';"));
#this is to see if the auth cookie matches that of the database remember me id.
if($_COOKIE['auth'] !=$D1['rememberme']){
#echo "<br>login not successful";
#this will delete the uneeded cookie.
setcookie("auth", "", time()- 3600);
}else{
#echo "<br>login successful";
$_SESSION['auth']=$_COOKIE['auth'];
}
}
}else{
#echo '<br>session set';
}
#echo '<br>[['.$_SESSION['auth'].']]';
#echo '<br>[['.$_COOKIE['auth'].']]';
}
|