Jump to content

$_SESSION


mjnmixael

Recommended Posts

I need to replace session_register() with $_SESSION for my website.

 

I'm very new to PHP and I'm not sure I understand the difference between the two, but I know session_register is depreciated, so I want to get my code up to date.

 

Here are my 3 scripts, can someone help me, by showing me how they need to change, but still work the same?

 

Login

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=md5($_POST['mypassword']);

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE user_login='$myusername' and user_pass='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "subscribers.php"
session_register("myusername");
session_register("mypassword");
// create cookie
$_SESSION['username']=$myusername;
$_SESSION['password']=$mypassword;
if(isset($_POST['remember'])){
setcookie("tisname", $_SESSION['username'], time()+60*60*24*100, "/", '.timingishstudios.com');
setcookie("tispass", $_SESSION['password'], time()+60*60*24*100, "/", '.timingishstudios.com');
}
// contine to page
header("location:subscribers.php");
}
else {
header("location:invalidlogin.php");
}
?>

 

Check Login

<?
session_start();
if(isset($_COOKIE['tisname']) && isset($_COOKIE['tispass'])){
$myusername = $_COOKIE['tisname'];
$mypassword = $_COOKIE['tispass'];
session_register("myusername");
session_register("mypassword");
}
if(!session_is_registered(myusername)){
header("location:main_login.php");
}
?>

 

Logout

<?
session_start();
session_destroy();
if(isset($_COOKIE['tisname']) && isset($_COOKIE['tispass'])){
setcookie("tisname", "", time()-60*60*24*100, "/", '.timingishstudios.com');
setcookie("tispass", "", time()-60*60*24*100, "/", '.timingishstudios.com');
}
?>

Link to comment
https://forums.phpfreaks.com/topic/182076-_session/
Share on other sites

In your case all you really need to do to the first script is remove the lines that use session_register. The following two blocks do the same thing as each other (technically they store them under different names, but meh, hopefully you know what I mean)...

 

// this
session_register("myusername");
session_register("mypassword");
// same as
$_SESSION['username']=$myusername;
$_SESSION['password']=$mypassword;

In the second script...

 

// replace all of this
$myusername = $_COOKIE['tisname'];
$mypassword = $_COOKIE['tispass'];
session_register("myusername");
session_register("mypassword");
// with
$_SESSION['username'] = $_COOKIE['tisname'];
$_SESSION['password'] = $_COOKIE['tispass'];

There are a few other things that I would recommend changing/checking, but I think that answers your actual quesion.

Link to comment
https://forums.phpfreaks.com/topic/182076-_session/#findComment-960503
Share on other sites

session_is_registered is also a deprecated function. You should instead check something along the lines of...

 

if(!isset($_SESSION['username']))

The problem you are having is your current code checks the session array for myusername but in the process of scraping session_register you have renamed the variable in the array from my

 

Edit: You worked it out...

Link to comment
https://forums.phpfreaks.com/topic/182076-_session/#findComment-960520
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.