Implemented autologin

database.sql

@@ -37,7 +37,7 @@ CREATE TABLE IF NOT EXISTS `jobs` (
   `delay` int(11) NOT NULL,
   `nextrun` int(11) NOT NULL,
   PRIMARY KEY (`jobID`)
-) ENGINE=InnoDB AUTO_INCREMENT=8 DEFAULT CHARSET=utf8;
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 -- --------------------------------------------------------
 
@@ -53,7 +53,7 @@ CREATE TABLE IF NOT EXISTS `runs` (
   `result` longtext NOT NULL,
   `timestamp` int(11) NOT NULL,
   PRIMARY KEY (`runID`)
-) ENGINE=InnoDB AUTO_INCREMENT=8 DEFAULT CHARSET=utf8;
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 -- --------------------------------------------------------
 
@@ -67,8 +67,9 @@ CREATE TABLE IF NOT EXISTS `users` (
   `name` varchar(50) NOT NULL,
   `password` char(60) NOT NULL,
   `email` varchar(100) NOT NULL,
+  `autologin` text NOT NULL,
   PRIMARY KEY (`userID`)
-) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 COMMIT;
 
 /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;

index.php

@@ -27,6 +27,17 @@
 require_once "include/initialize.inc.php";
 
 if ($_SERVER["REQUEST_METHOD"] == "GET") {
+    if(isset($_COOKIE["secure_auth"]) && isset($_COOKIE["secure_auth_name"])) {
+        $userQry = $db->prepare("SELECT * FROM users WHERE name = ?");
+        $userQry->execute(array($_COOKIE["secure_auth_name"]));
+        $user = $userQry->fetchAll(PDO::FETCH_ASSOC);
+        
+        if (in_array($_COOKIE["secure_auth"], unserialize($user[0]["autologin"]))) {
+            $_SESSION['userID'] = $user[0]['userID'];
+            header("location:overview.php");
+            exit;
+        }
+    }
     $loader = new Twig_Loader_Filesystem('templates');
     $twig = new Twig_Environment($loader, array('cache' => 'cache', "debug" => true));
     
@@ -52,6 +63,7 @@ elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
     
     $passwd = $_POST['passwd'];
     $name = $_POST['name'];
+    $autologin = $_POST["autologin"];
        
   
     $userQry = $db->prepare("SELECT * FROM users WHERE name = ?");
@@ -59,7 +71,26 @@ elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
     $user = $userQry->fetchAll(PDO::FETCH_ASSOC);
     
     if ( password_verify($passwd, $user[0]['password']) ) {
+        
         $_SESSION['userID'] = $user[0]['userID'];
+        
+        if ($autologin = "autologin") {
+            $autologin = hash("sha512", $user[0]["name"] . $user[0]["password"] . session_id());
+            setcookie("secure_auth", $autologin, time() + (60 * 60 * 24 * 365));
+            setcookie("secure_auth_name", $user[0]["name"] , time() + (60 * 60 * 24 * 365));
+        
+            $autologin_array = array();
+            if (!empty($user[0]["autologin"])) $autologin_array = unserialize($user[0]["autologin"]);
+            $autologin_array[] = $autologin;
+            
+            /*var_dump($autologin_array);
+            exit;*/
+
+            $loginQry = $db->prepare("UPDATE users SET autologin = ? WHERE userID = ?");
+            $loginQry->execute(array(serialize($autologin_array), $_SESSION["userID"]));
+        }
+       
+        
         header("location:overview.php");
         exit;
        

templates/index.html.twig

@@ -33,6 +33,10 @@
                     <label for="passwd">Password</label>
                     <input type="password" name="passwd" class="form-control" id="url" placeholder="password">
                 </div>
+                <div class="form-group col-sm-12">
+                    <input type="checkbox" name="autologin" id="autologin" value="autologin">
+                    <label for="autologin">Remember, remember</label>
+                </div>
                 <button type="submit" class="btn btn-default">Submit</button>
             </form>
         </div>