Today, We want to share with you Secure Login Remember Me PHP Session and Cookies.
In this post we will show you PHP Login Script with Remember Me, hear for Login Form with Remember Me Functionality with PHP we will give you demo and example for implement.
In this post, we will learn about PHP simple Login & Remember me script using Cookies with an example.
Secure Login Remember Me PHP Session and Cookies
There are the Following The simple About Secure Login Remember Me PHP Session and Cookies Full Information With Example and source code.
PHP session or cookies
Make browser side Cookies to Preserve the Sign-In State mode
Start first step To Secure Login Remember Me PHP Session simple.
redirect("home_page.php"); } if (! empty($_POST["signin"])) { $activeAuth = false; $clientname = $_POST["employee_name"]; $password = $_POST["employee_password"]; $user = $userauth->fetchEmployeeByUsername($clientname); if (password_verify($password, $user[0]["employee_password"])) { $activeAuth = true; } if ($activeAuth) { $_SESSION["employee_id"] = $user[0]["employee_id"]; // Set Userauth Cookies if 'Remember Me' checked if (! empty($_POST["remember"])) { setcookie("employee_login", $clientname, $cookie_expiration_time); $random_password = $util->getToken(16); setcookie("random_password", $random_password, $cookie_expiration_time); $random_selector = $util->getToken(32); setcookie("random_selector", $random_selector, $cookie_expiration_time); $random_password_hash = password_hash($random_password, PASSWORD_DEFAULT); $random_selector_hash = password_hash($random_selector, PASSWORD_DEFAULT); $expiry_date = date("Y-m-d H:i:s", $cookie_expiration_time); // mark existing token as expired $clientToken = $userauth->getTokenByUsername($clientname, 0); if (! empty($clientToken[0]["id"])) { $userauth->currentmarkAsExp($clientToken[0]["id"]); } // Insert new token $userauth->insertToken($clientname, $random_password_hash, $random_selector_hash, $expiry_date); } else { $util->clearAuthCookie(); } $util->redirect("home_page.php"); } else { $message = "Invalid Login"; } } ?>
The HTML interface
HTML Form ‘Remember Me’ option
PHP Session and Cookies
PHP file server side check Validate Remembered Signin with PHP Session as well as Cookies
getTokenByUsername($_COOKIE["employee_login"],0); // Validate random password cookie with database if (password_verify($_COOKIE["random_password"], $clientToken[0]["password_hash"])) { $activePassVerify = true; } // Validate random selector cookie with database if (password_verify($_COOKIE["random_selector"], $clientToken[0]["selector_hash"])) { $activeSelectoryverify = true; } // check cookie expiration by date if($clientToken[0]["expiry_date"] >= $current_date) { $activeExpiryVerify = true; } // Redirect if all cookie based validation retuens true // Else, mark the token as expired and clear cookies if (!empty($clientToken[0]["id"]) && $activePassVerify && $activeSelectoryverify && $activeExpiryVerify) { $activeSignIn = true; } else { if(!empty($clientToken[0]["id"])) { $userauth->currentmarkAsExp($clientToken[0]["id"]); } // clear cookies $util->clearAuthCookie(); } } ?>
Unset – PHP session and cookies
Clear all the Remembered Signin with secure PHP Session and Cookies on SignOut
clearAuthCookie(); header("Location: ./"); ?>
Database Script
-- -- Database: `login_auth` -- -- -------------------------------------------------------- -- -- Table structure for table `employee` -- CREATE TABLE `employee` ( `employee_id` int(8) NOT NULL, `employee_name` varchar(255) CHARACTER SET utf8 NOT NULL, `employee_password` varchar(64) NOT NULL, `member_email` varchar(255) CHARACTER SET utf8 NOT NULL ) ENGINE=InnoDB DEFAULT CHARSET=latin1; -- -- Dumping data for table `employee` -- INSERT INTO `employee` (`employee_id`, `employee_name`, `employee_password`, `member_email`) VALUES (1, 'admin', '$2a$10$0FHEQ5/cplO3eEKillHvh.y009Wsf4WCKvQHsZntLamTUToIBe.fG', '[email protected]'); -- -------------------------------------------------------- -- -- Table structure for table `user_tbl_auth_token` -- CREATE TABLE `user_tbl_auth_token` ( `id` int(11) NOT NULL, `clientname` varchar(255) NOT NULL, `password_hash` varchar(255) NOT NULL, `selector_hash` varchar(255) NOT NULL, `is_active` int(11) NOT NULL DEFAULT '0', `expiry_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP ) ENGINE=InnoDB DEFAULT CHARSET=latin1; -- -- Indexes for dumped tables -- -- -- Indexes for table `employee` -- ALTER TABLE `employee` ADD PRIMARY KEY (`employee_id`); -- -- Indexes for table `user_tbl_auth_token` -- ALTER TABLE `user_tbl_auth_token` ADD PRIMARY KEY (`id`); -- -- AUTO_INCREMENT for dumped tables -- -- -- AUTO_INCREMENT for table `employee` -- ALTER TABLE `employee` MODIFY `employee_id` int(8) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=2; -- -- AUTO_INCREMENT for table `user_tbl_auth_token` -- ALTER TABLE `user_tbl_auth_token` MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=17; COMMIT;
Userauth and DBController Classes
These are the following the classes need to call as well as trigger and manage somde database CRUD operations. The mysql database querying is exucute call crud operations with the MySQLi OOP prepared statement.
Userauth.php
runQuery($live_sql_query, 's', array($clientname)); return $result; } function getTokenByUsername($clientname,$expired) { $database_manage = new DBController(); $live_sql_query = "Select * from user_tbl_auth_token where clientname = ? and is_active = ?"; $result = $database_manage->runQuery($live_sql_query, 'si', array($clientname, $expired)); return $result; } function currentmarkAsExp($authTokenId) { $database_manage = new DBController(); $live_sql_query = "UPDATE user_tbl_auth_token SET is_active = ? WHERE id = ?"; $expired = 1; $result = $database_manage->update($live_sql_query, 'ii', array($expired, $authTokenId)); return $result; } function insertToken($clientname, $random_password_hash, $random_selector_hash, $expiry_date) { $database_manage = new DBController(); $live_sql_query = "INSERT INTO user_tbl_auth_token (clientname, password_hash, selector_hash, expiry_date) values (?, ?, ?,?)"; $result = $database_manage->insert($live_sql_query, 'ssss', array($clientname, $random_password_hash, $random_selector_hash, $expiry_date)); return $result; } function update($live_sql_query) { mysqli_query($this->conn,$live_sql_query); } } ?>
DBController.php
For DBcontroller -> Secure Login Remember Me PHP Session and Cookies Examples
conn = $this->connectDB(); } function connectDB() { $conn = mysqli_connect($this->host,$this->user,$this->password,$this->database); return $conn; } function runBaseQuery($live_sql_query) { $result = mysqli_query($this->conn,$live_sql_query); while($row=mysqli_fetch_assoc($result)) { $resultset[] = $row; } if(!empty($resultset)) return $resultset; } function runQuery($live_sql_query, $operation_types, $operation_value_array) { $querySQLqq = $this->conn->prepare($live_sql_query); $this->bindQueryParams($querySQLqq, $operation_types, $operation_value_array); $querySQLqq->execute(); $result = $querySQLqq->get_result(); if ($result->num_rows > 0) { while($row = $result->fetch_assoc()) { $resultset[] = $row; } } if(!empty($resultset)) { return $resultset; } } function bindQueryParams($querySQLqq, $operation_types, $operation_value_array) { $operation_value_reference[] = & $operation_types; for($i=0; $iconn->prepare($live_sql_query); $this->bindQueryParams($querySQLqq, $operation_types, $operation_value_array); $querySQLqq->execute(); } function update($live_sql_query, $operation_types, $operation_value_array) { $querySQLqq = $this->conn->prepare($live_sql_query); $this->bindQueryParams($querySQLqq, $operation_types, $operation_value_array); $querySQLqq->execute(); } } ?>
Output for Remember Me with Signin Form
This below screenshot Secure Login Remember Me PHP Session and Cookies for displays the user UI for the PHP secured Remember Me with a signin form.
Angular 6 CRUD Operations Application Tutorials
Read :
Summary
You can also read about AngularJS, ASP.NET, VueJs, PHP.
I hope you get an idea about Login page with Remember me in PHP.
I would like to have feedback on my Pakainfo.com blog.
Your valuable feedback, question, or comments about this article are always welcome.
If you enjoyed and liked this post, don’t forget to share.