How to create “remember me checkbox” using Codeigniter session library?

Question

in Codeigniter I am building an Authentication system for my web site and to achieve that I use session library

     session->set_userdata(\'username\')
<         


        

Answer 1

You could use isset to check if the cookie has a value, and if the cookie is deleted, it will return negative. If it is negative, you can set the cookie again... of course, this will be like "renewing" the cookie, so if the user doesn't come by the expiration, they will be forgotten. (Set a very big time till the expiration!)

For example:

<?php
     if (isset($_COOKIE['autologin'])) {   //Checks for cookie
         echo "Welcome back!... Logging you in.";
     }else{  //Sets a cookie
         echo "Please sign in";
         $expiretime=time()+60*60*24*365; //set expire time to a year
         setcookie("autologin", "What is here is not important.", $expiretime);
     };
?>

Answer 2

If the remember me checkbox is checked you set a cookie on the user's system with a random string. E.g.:

$cookie = array(
    'name'   => 'remember_me_token',
    'value'  => 'Random string',
    'expire' => '1209600',  // Two weeks
    'domain' => '.your_domain.com',
    'path'   => '/'
);

set_cookie($cookie);

You also save this random string in the users table, e.g. in the column remember_me_token.

Now, when a user (who is not yet logged in) tries to access a page that requires authentication:

• you check if there is a cookie by the name of remember_me token on his system
• if it's there, you check the database if there is a record with the same value
• if so, you recreate this user's session (this means they are logged in)
• show the page they were visiting

If one of the requirements above is not met, you redirect them to the login page.

For security reasons you may want to renew the random remember_me_token every time the user logs in. You can also update the expiry date of the cookie every time the user logs in. This way he will stay logged in.

It would be too much work to write all the code for you, but I hope this helps you to implement this functionality yourself. Please comment if you have any questions. Good luck.

Answer 3

I used hooks to do this

1. Enable hooks in "config.php" setting $config['enable_hooks'] = TRUE;

2. In your login controller save the checkbox value on session

   $this->session->set_userdata('remember_me', $this->input->post('remember_me'));
   

3. In your "hooks.php" file add this

   $hook['post_controller_constructor'] = array(
       'class'     => 'Change_Config',
       'function'  => 'change_session_expiration',
       'filename'  => 'change_config.php',
       'filepath'  => 'hooks'
   );
   

4. In your "hooks" folder create a file called "change_config.php" and paste this

   <?php
   class Change_Config {
       public function change_session_expiration() {
           $ci = & get_instance();
   
           $remember = $ci->session->userdata('remember_me');
   
           if($remember && $ci->session->sess_expire_on_close) {
               $new_expiration = (60*60*24*365); //A year milliseconds
   
               $ci->config->set_item('sess_expiration', $new_expiration);
               $ci->config->set_item('sess_expire_on_close', FALSE);
   
               $ci->session->sess_expiration = $new_expiration;
               $ci->session->sess_expire_on_close = FALSE;
           }
       }
   }
   

Answer 4

$this->session->sess_expiration = '14400';    // expires in 4 hours
$this->session->set_userdata($data);          // set session

Answer 5

You can just put this

if ($remember) {

  $new_expiration = (60*60*24*365);

  $this->config->set_item('sess_expiration', $new_expiration);

  $this->config->set_item('sess_expire_on_close', FALSE);

  $this->session->sess_expiration = $new_expiration;

  $this->session->sess_expire_on_close = FALSE;

}

Answer 6

I needed the same thing. You cannot accomplish this using CI settings so I have chosen to override the setcookie method of the CI Session class (in MY_Session):

function _set_cookie($cookie_data = NULL)
{
    if (is_null($cookie_data))
    {
        $cookie_data = $this->userdata;
    }

    // Serialize the userdata for the cookie
    $cookie_data = $this->_serialize($cookie_data);

    if ($this->sess_encrypt_cookie == TRUE)
    {
        $cookie_data = $this->CI->encrypt->encode($cookie_data);
    }
    else
    {
        // if encryption is not used, we provide an md5 hash to prevent userside tampering
        $cookie_data = $cookie_data.md5($cookie_data.$this->encryption_key);
    }

    setcookie(
                $this->sess_cookie_name,
                $cookie_data,
                $this->userdata('rememberme') == true ? $this->sess_expiration + time() : 0,
                $this->cookie_path,
                $this->cookie_domain,
                0
            );

}

Of course you need to set the rememberme flag in your session based upon the choice the user made.