php session variables.....

[chandru_cp]

Hi guyz,

            I'm new to php i'm creating a site has a registration page after registration it goes to login page and change password page.I want to know how to set a value in session variable for my page.....giv me a sample script...plz help me thanks in advance..

[Anzeo]

session var's are declared as follows:

 

$_SESSION['puthereyourvarname'] = ..

 

Only thing you need at the top of every page is: session_start();

 

you can then read out the $_SESSION variables you have declared.

 

I hope this was clear, good luck!

[Goldeneye]

Well I was beaten to the answer, but I'll expand on, and complement the post by Anzeo.

 

Setting session-variables are easy.

 

<?php
session_start();

if(isset($_POST['action'])){
	$_SESSION['username'] = $_POST['username'];
	$_SESSION['password'] = $_POST['password'];
	echo 'Hello, '.$_SESSION['username'];
}

echo '<div><form action="'.$_SERVER['PHP_SELF'].'" method="post">';
echo '<input type="text" name="username"><br />';
echo '<input type="text" name="password"><br />';
echo '<input type="submit" name="action" value="Go"><br />';
echo '</form></div>';
?>

 

A couple of things about this code:

1) session_start must at the beginning of the script (or at least before ANY output or $_SESSION variables are used)

2) You should NEVER store a user's password inside a $_SESSION variable. Doing so is very a insecure practice.

[Anzeo]

2) You should NEVER store a user's password inside a $_SESSION variable. Doing so is very a insecure practice.

 

Unless you md5 it ofcourse

[Yesideez]

I would never even store an MD5 or SHA1 hash inside a session variable without salting it first and even then I wouldn't plus I can't see any reason why you'd need to store it.