Thx Christopher for replying. Ok, let me see if I understand you correctly...
The user enters username and password on index.php, this is posted to login.php. On login.php after I verify the user is who he/she says they are I set a cookie called "accessedbefore" to "yes" and redirect them to the main page. Am I allowed to set a cookie and redirect them after determining who the user is? How would I redirect them after setting the cookie? Header function or is there a better way? Thx Joe :) "Christopher William Wesley" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Just do your authentication before you send any HTML (including any > whitespace). I actually recommend not sending ANY HTML from your > authentication script. Authenticate them, set your cookie, and redirect > the visitor to an appropriate next page, based on whether or not they've > successfully authenticated. > > BTW - storing the username/password in the cookie makes no sense They've > already authenticated ... just store a user-is-logged-in cookie which > expires after X minutes/hours/etc. It's a good practice for when you'll > have to deal with privacy & security concerns. > > ~Chris /"\ > \ / September 11, 2001 > X We Are All New Yorkers > / \ rm -rf /bin/laden > > On Mon, 12 Nov 2001, Joe Van Meer wrote: > > > Hi there, I'm new to php coming from an asp background and would like to > > know the easiest way to automate a login process. I have one page called > > 'index.php' and it contains a form with 2 elements, username and password. > > This page is posted to th 'login.php' and here I do a check against the > > database to see if the person is who they say they are. This where I came > > across a problem...I would like to set a cookie on the user's machine once I > > know they are who they say they are. So I attempted to create a cookie to > > hold their username and password upon successful login..I received the > > following error...Warning: Cannot add header information - headers already > > sent by (output started at E:\ez\codesnipits\login.php:16) in > > E:\ez\codesnipits\login.php on line 66. > > > > So I looked up in the manual and found that I can't do it this way. I can't > > send header info after the header has been sent for obvious reasons. So how > > the heck do I manage to do this? What I would to do is have the user login > > once, and each subsequent time they visit , skip the login process via their > > username and password in the cookie. > > > > Any insight to this type of process would greatly be appreciated. > > > > Thx Joe > > p.s Sorry about the bold font ;) > > > > > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > To contact the list administrators, e-mail: [EMAIL PROTECTED] > > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]