I have a few things on my site which requires a user to be logged with a cookie. Until now I have had the cookie checker code on each page that required it, but that makes it very difficult to change things in the code.

Therefore, I want it all in one simple php file which I can then include() on each page, but I'm not sure how to do it...here is examples of the two codes:

Code I have on each page
PHP Code:
// Suppose you use the POST method in your form and return to this page
// First, check the status: unknown user, just logged in, or known user

unset( $user );
unset( 
$pass );
if( isset( 
$HTTP_POST_VARS['username']) ) 
{
    
//    Just logged in

    
$user $HTTP_POST_VARS['username'];
    
$pass $HTTP_POST_VARS['password'];

 
$check "SELECT * FROM phpbb2_users WHERE
        username = '
$user' AND user_password = md5('$pass')";
        
$check_result mysql_query($check);

    if(
mysql_num_rows($check_result)) {

    
$email mysql_result($check_result,0,"user_email");
    
$userid mysql_result($check_result,0,"user_id");

    
setcookie('username'$usertime() + (90 86400), '/'); 
    
setcookie('password'$passtime() + (90 86400), '/');
    
setcookie('useremail'$emailtime() + (90 86400), '/');
    
setcookie('id'$useridtime() + (90 86400), '/');

    } else {

    unset( 
$user );
    unset( 
$pass );

    
$wrong "<center>Your username or password is incorrect.<br>Please try again:</center>";
        
    }

    
// Note that cookie is only available next times you load the page, not now yet

}elseif( isset( $HTTP_COOKIE_VARS['username'] ))
{
    
// known user
    
$user $HTTP_COOKIE_VARS['username'];
    
$pass $HTTP_COOKIE_VARS['password'];
    
$email $HTTP_COOKIE_VARS['useremail'];
    
$userid $HTTP_COOKIE_VARS['id'];
}

// All cookie stuff has been handled now, no output to the screen yet, 
// and the username is in the variable 'user'

if( isset( $user ) ) :

// *****************************************************************
// ********************If the user is logged in ********************
// *****************************************************************
// If the user is logged in; double check his password and username match

$check2 "SELECT * FROM phpbb2_users WHERE
        username = '
$user' AND user_password = md5('$pass')";
        
$check_result2 mysql_query($check2);

    if (
mysql_num_rows($check_result2)) {


// *****************************************************************
// ***If username and password match is displayes the review form***
// *****************************************************************

// STUFF TO DO IF THE USER IS LOGGED IN

// *****************************************************************
// *************If username and password DOT NOT match *************
// *****************************************************************

    
} else {

# STUFF TO DO IF THE PASSWORD AND USERNAME DOESN*T MATCH

else :

// ********************If the user is NOT logged in ****************
// *****************************************************************

# STUFF TO DO IF THE USER IS -NOT- LOGGED IN

endif; 
As you can see, I have to include the actual page in between the cookie checker. This is what I have done so far in the include file:

PHP Code:
// Suppose you use the POST method in your form and return to this page
// First, check the status: unknown user, just logged in, or known user

unset( $c_user );
unset( 
$c_pass );
if( isset( 
$HTTP_POST_VARS['username']) ) 
{
    
//    Just logged in

    
$c_user $HTTP_POST_VARS['username'];
    
$c_pass $HTTP_POST_VARS['password'];

 
$check "SELECT * FROM phpbb2_users WHERE
        username = '
$c_user' AND user_password = md5('$c_pass')";
        
$check_result mysql_query($check);

    if(
mysql_num_rows($check_result)) {

    
$email mysql_result($check_result,0,"user_email");
    
$c_userid mysql_result($check_result,0,"user_id");

    
setcookie('username'$c_usertime() + (90 86400), '/'); 
    
setcookie('password'$c_passtime() + (90 86400), '/');
    
setcookie('useremail'$emailtime() + (90 86400), '/');
    
setcookie('id'$c_useridtime() + (90 86400), '/');

    
$logged_in "yes";

    } else {

    unset( 
$c_user );
    unset( 
$c_pass );

    
$wrong "<center>Your username or password is incorrect.<br>Please try again:</center>";
        
    }

    
// Note that cookie is only available next times you load the page, not now yet

}elseif( isset( $HTTP_COOKIE_VARS['username'] ))
{
    
// known user
    
$c_user $HTTP_COOKIE_VARS['username'];
    
$c_pass $HTTP_COOKIE_VARS['password'];
    
$c_email $HTTP_COOKIE_VARS['useremail'];
    
$c_userid $HTTP_COOKIE_VARS['id'];
}

// All cookie stuff has been handled now, no output to the screen yet, 
// and the username is in the variable 'c_user'

if( isset( $c_user ) OR $logged_in == 'yes') :

// *****************************************************************
// ********************If the user is logged in ********************
// *****************************************************************

// If the user is logged in; double check password and username

$check2 "SELECT * FROM phpbb2_users WHERE
        username = '
$c_user' AND user_password = md5('$c_pass')";
        
$check_result2 mysql_query($check2);

    if (
mysql_num_rows($check_result2)) {

$logged_in "yes";

// *****************************************************************
// *************If username and password DOT NOT match *************
// *****************************************************************

    
} else {

    echo(
"You are logged in, but your username and password doesn't match. Please log out and try again");
    }

else :

// ********************If the user is NOT logged in ****************
// *****************************************************************

echo("<font size='2' face='Arial'><b>$wrong</b></font><p>");

$logged_in "no";

endif;

    
$output .= "----------<br>";
    
$output .= "$row[headline]<br>";
    
$output .= "----------<br>";
    
$output .= "$row[newstext]<p>";

$login_form "";
$login_form .= "<div align=\"center\"><table border=\"0\" width=\"65%\"><tr><td><br><font size=\"2\" 
face=\"arial\" color=\"#800000\"><b><p>Log in:</p></b></font></td></tr>"
;

$login_form .= "<form action=\"$PHP_SELF?\" method=\"post\"><font size=\"2\" face=\"arial\"><tr><td><table border=\"0\"><tr><td>
<font size=\"2\" face=\"arial\">User ID:</td><td><input type=\"text\" name=\"username\" size=\"8\"><br></td></tr><tr><td>
<font size=\"2\" face=\"arial\">Password:</td><td><input type=\"password\" name=\"password\" SIZE=\"8\"><br></td></tr></table></td>
</tr></table></div><center><p><input type=\"Submit\" name=\"Submit\" value=\"Submit\"></center></form>"

As you can see this is basically the same code, but instead of putting the actual page between the code, it now set the value $logged_in to either "yes" or "no" depending on if the user is logged in or not.

I can then do this on the actual page after the cookie checker has been included:
PHP Code:
if ($logged_in == 'yes'){ STUFF TO DO IF LOGGED IN }
if (
$logged_in == 'no'){ STUFF TO DO IF -NOTLOGGED IN echo $login_form;} 
It seems to work with one script, but not with another...Can it be done in a clever and more effective way? I assume most people include() their cookie checker in some way and I also assume it can be done in a better way