twsowerby Posted April 9, 2008 Share Posted April 9, 2008 Hi all, Just getting my head around sessions and came across a stumbling block. I have the following code which compares a login form to a database value and starts a new session. It also stores a cookie containing the session id. I got this code from a tutorial and understand how it works. <?php // Check if the information has been filled in if($psEmail == '' || $psPassword == '') { // No login information header('Location: login.php?refer='.urlencode($psRefer)); } else { // Authenticate user $hDB = mysql_connect('localhost', '', ''); mysql_select_db('fyp', $hDB); $sQuery = " Select iUser, MD5(UNIX_TIMESTAMP() + iUser + RAND(UNIX_TIMESTAMP())) sGUID From tblUsers Where sEmail = '$psEmail' And sPassword = password('$psPassword')"; $hResult = mysql_query($sQuery, $hDB); if(mysql_num_rows($hResult)) { $aResult = mysql_fetch_row($hResult); // Update the user record $sQuery = " Update tblUsers Set sGUID = '$aResult[1]' Where iUser = $aResult[0]"; mysql_query($sQuery, $hDB); // Set the cookie and redirect setcookie("session_id", $aResult[1]); if(!$psRefer) $psRefer = 'index.php'; header('Location: '.$psRefer); } else { // Not authenticated header('Location: login.php?refer='.urlencode($psRefer)); } } ?> I'm not sure how to do the logout part of this though, how do you end the session? presumably I also have to remove the cookie that stores the session ID. Any help would be appreciated, thanks. Tom Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.