Jump to content


  • Posts

  • Joined

  • Last visited


Posts posted by john010117

  1. when i upload images they automatically chmod to 600 but I need 777... how can i achieve this without doing it automatically?


    Didn't you mean to ask how you can achieve this by the server doing it automatically (instead of doing it manually by yourself)?

  2. I see another problem. When a user doesn't fill in a required field, and the popup shows up, the values for all the required input boxes shows up as "{$_POST[". You might want to fix that.

  3. Even though the security image works, the script doesn't check that all the required fields (other than the CAPTCHA) are filled in. I just filled in the captcha, and it displays the thank you page. You might want to fix that.

  4. Yes, I've read that page and read all of the comments. The codes posted there either saves the session data to files (which I really don't want) or they don't really explain a lot. I want to be able to save sessions to a database, so I can easily view who logged in/logged out and at what time/date. Since I am more fluent with PHP/MySQL than PHP/Files, that's the route I want to take. Any suggestions?

  5. Since I have yet to find a good and easy-to-follow tutorial on session_set_save_handler, I am just coding my own PHP session system where it saves a user's activity throughout the site into a MySQL database. Tell me if I need any improvements to my logic.


    Logging in

    First, when a user logs in, I will first check to see that the user/pass they've provided matches the ones stored in the database. Then, I will get the PHPSESSID from that user ($_REQUEST['PHPSESSID']) and put that as a value in a cookie. Then, I will INSERT the uid (user id) and the PHPSESSID in a seperate, sessions table. I will then create a session ($_SESSION) named after the user's uid.


    Browsing throughout the site

    On all of the secure pages, I will just include the session_check.php file.



    Every time a user loads the page, I will first check that the $_SESSION['uid'], and the PHPSESSID cokkie exists. Then, I will take the value of that cookie, and check it against the PHPSESSID data stored in the database. If it matches, the user may continue on. If it doesn't (or one doesn't exist), the user will be redirected to login.php.


    So, can you make any suggestions to improve this system? Or do you have a good tut on session_set_save_handler that stores it in a database?

  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.