Login Script utilizing sessions...

[aviatorisu]

Hypothetically:

If I were using a login script that uses sessions, and for logging in, there is a script that checks for errors such as wrong password, username, etc...what would need to happen to clear out the errors so a person could login correctly? Would such a script use the session to 'record' the error so that there would need to be some kind of destroy command given to wipe the memory of there being an error???

I'm at my wits end trying to figure this problem out.

~Z~

[trq]

[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]what would need to happen to clear out the errors so a person could login correctly?[/quote]
Simply dont save any values to the session untill they satisfy authentication.

[homchz]

i use session to pass error messages back to the login or register page so basically I do this

[code]
if($_SESSION['send'] == "no")
{
    print $_SESSION['error'];
    require_once('templates/login_form.php');
    unset($_SESSION['send']);
}
else
{
    require_once('templates/login_form.php');
}
?>

[/code]

That way if there is no $_SESSION['send'] to say what to do with the form I load my form, however if my script sees an error I give a variable $send = "no"; then an error message variable $msg .= "There has been an error";

Once all the messages are gathered I set my session variables
$_SESSION['send'] = $send;
$_SESSION['error'] = $msg;

This then gets passed back to the form page explains the error and gives them a new chance.

The unset($_SESSION['send']) is so after it displays the error, my script knows to look for a new variable on the next load.