I might as well continue with this thread (not sure if I should but I'll do that as the 2nd question is related)...


This is how I've been told to deal with authentication. It's quite simple I guess but it works fine for the stage I'm working at:

1 - I've made a hash field in my users table.
2 - When you register it is set to 0.
3 - When you login successfully the hash is set to a random number.
4 - I put the hash into a cookie as well.
5 - Each time a user logs in the hash is randomly generated.

6 - If I want to check if a user has logged in I just compare hash in cookie and hash field.

This is what I've got so far:

Code:
//Checks if there is a login cookie
if(isset($_COOKIE['my_hash']))
//if there is, it checks to see if my_hash = userhash
{ 
$c_user = $_COOKIE['my_username']; 
$c_hash = $_COOKIE['my_hash'];
        
$check = mysql_query("SELECT * FROM Users WHERE Username = '$c_user'")or die(mysql_error());
 
while($info = mysql_fetch_array( $check ))      
{
if ($c_hash != $info['Userhash']) // not logged in
{
 
}
else // logged in already
{
 
header("Location: users.php");
}
}
}

What I want to do is put that into a function so that I can call it whenever I need to check if the user is logged in or not. I guess because I am included username with it I can get the users details...

How should I put it into a function, and how would I correctly call it?? Thx