Jump to content

When Using a Login Script?

glassfish

By glassfish
in PHP Coding Help

Recommended Posts

glassfish Regular Member

glassfish

Posted
Posted

I am looking to use this for an admin panel.

 

session_start.php

"session_start()"
"if statement" where it checks if a successful login is given

Is it necessary to include "session_start.php" into the top of each script file?

 

If I just include "session_start.php" into the top of the "main" file where the other script files are included inside of the "main" as well, then I have it in ways where the other script files could get called up through the URL.(?)

 

I thought it is a bit too much to include "session_start.php" into each script file.

 

Is there a way where this can be done with more simple ways?

 

I would appreciate the suggestions a lot.

Link to comment
https://forums.phpfreaks.com/topic/292051-when-using-a-login-script/
Share on other sites
NotionCommotion Prolific Member

NotionCommotion

Posted
Posted

 

Is it necessary to include "session_start.php" into the top of each script file?

 

If I just include "session_start.php" into the top of the "main" file where the other script files are included inside of the "main" as well, then I have it in ways where the other script files could get called up through the URL.(?)

 

I thought it is a bit too much to include "session_start.php" into each script file.

 

Is there a way where this can be done with more simple ways?

 

 

 

 

I typically just have one or maybe a couple of entry points:

 

index.php

//error settings, date settings, etc...
session_start();
//based on $_GET['page'], figure out which part of script to run...
Frank_b Newbie

Frank_b

Posted
Posted

I hope i do understand your questions.

 

First of all, includes in php are includes from the server's filesystem . That will say that you can include php files from any directory where you have enough rights to read them.

And that means that you can include the files from a place outside your public html directories. (or web-root),

 

For example if your webroot starts here: /var/www/public_html and your main index.php is here: /var/www/public_html/index.php then you could for example make a new directory in the /var/www directory and name him includes for example. in this new directory you can place your php include files like sessions.php for example.

 

The result would be this:

/var/www/includes/sessions.php

/var/www/public_html/index.php

 

inside the index.php you could include sessions.php:

include '/var/www/includes/sessions.php';

But sessions.php is NOT available from outside the server.

maxxd Prolific Member

maxxd

Posted
Posted

You don't. What Frank_b is suggesting is putting your included scripts above the web root, where the user can't access them anyway. Anything above the /public_html/ directory (in this server set-up, sometimes it's called /www/, sometimes it's /html_docs/) is inaccessible from the internet. So, by using something like

require_once('../includes/IncludedFile.php');

from your /var/user_directory/public_html/index.php script, you'll be accessing /var/user_directory/includes/IncludedFile.php, and can use the functions or class in that script in your display file. Of course, Frank_b was recommending an absolute server path to the includes directory instead of the relative that I typed.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.