Jump to content

Archived

This topic is now archived and is closed to further replies.

markspec87

Sessions / Cookies

Recommended Posts

i thought it best to make a thread about this.

Ive got a signup / login script sorted now (adds and checks info in databse)

But im unsure how to use cookies or sessions to implement into it my site.

What code or commands do i need to use to check if someones logged in and/or log them in / out?

thanks

Share this post


Link to post
Share on other sites
Have you seen this sample chapter?

http://www.oreilly.com/catalog/webdbapps/chapter/ch08.html

It's a great introduction to sessions.

Share this post


Link to post
Share on other sites
So would this be right?

[quote]session_start(  );

    session_register("username");
    session_register("accesslevel");

    $username=$_POST['nickname'];
    $accesslevel = "select accesslevel from members where username = '".$_POST['username']."' and password = '".$_POST['password']."';";

[/quote]

Thats part of the code if they have specified the right username and password.

Guidance would be appreciated :)

Share this post


Link to post
Share on other sites
Nope. Should be something like this:
[code=php:0]<?php
//start the session
session_start();

// connect to database first
@mysql_connect('localhost', 'db_user', 'db_user_pass') or die("Unable to connect to MySQL at this time");

@mysql_select_db('db_name') or die("Unable to select database");

// make the input safe:
$user = mysql_real_escape_string($_POST['username']);

// you should encrypt users password. rather than using plain text passwords.
$pass = mysql_real_escape_string($_POST['password']);

// perform the query first
$sql = "SELECT accesslevel FROM members WHERE username='".$user."' AND `password`=".$pass."';";

$result = @mysql_query($sql) or die("Unable to perform query");

// check that 1 row was returned, meaning a match is found
if(mysql_num_rows($result) == 1)
{
    // retrieve the access level
    $row = mysql_fetch_assoc($result);
   
    // set the session vars:
    $_SESSION['username'] = $_POST['nickname'];
    $_SESSION['accesslevel'] = $row['accessleve;'];
}[/code]

Share this post


Link to post
Share on other sites
thanks for that, login works perfectly.

So what code could i use to detect if a session is in progress?

I.e if there is a session, say "welcome username!"

thanks

Share this post


Link to post
Share on other sites
Use something like this:
[code=php:0]if (isset($_SESSION['Username']) && $_SESSION['accessleve'] >= 1)
{
    echo 'Welcome, ' . $_SESSION['Username'];
}[/code]

Make sure you  have session_start(); before you use any $_SESSION variables.

Share this post


Link to post
Share on other sites
i used

  [quote]<?php
if (isset($_SESSION['username']))

{
    echo 'Welcome, ' . $_SESSION['username'];
}
else
{
    echo "Welcome to my website!";

}
?>[/quote]

but it always says "Welcome to my website!"

any ideas?

Share this post


Link to post
Share on other sites
You havnt started the sessions thats why. When ever you need to use session variables you need have session_start(); before you use any sessions, otherwise the sessions wont work.
[code=php:0]<?php
// MUST START THE SESSION FIRST
// BEFORE USING ANY SESSION VARIABLES
session_start();

if (isset($_SESSION['username']))
{
    echo 'Welcome, ' . $_SESSION['username'];
}
else
{
    echo "Welcome to my website!";

}
?>[/code]

Share this post


Link to post
Share on other sites
Some success

The code works but it also thorws errors above the working text:

[quote]Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/terraarm/public_html/index.php:6) in /home/terraarm/public_html/index.php on line 30[/quote]

Any fix for this except covering the entirity of my page in php tags and echoing?

EDIT: Never mind fixed that :)

Share this post


Link to post
Share on other sites
Post yor exact code here from index.php. When doing so please use the the code tags  - [nobbc][code]your code here[/code][/nobbc]

Share this post


Link to post
Share on other sites
It is important that you don't have any kind of output before session_start(); - except for coments. A space between php open and session_start(); will killl you.

correct:

[code]
<?
session_start();

session_destroy();
?>[/code]

Incorrect:
[code]
<?

session_start();

session_destroy();
?>[/code]

Share this post


Link to post
Share on other sites
[quote author=quillspirit link=topic=107001.msg429344#msg429344 date=1157561387]
It is important that you don't have any kind of output before session_start(); - except for coments. A space between php open and session_start(); will killl you.

correct:

[code]
<?
session_start();

session_destroy();
?>[/code]

Incorrect:
[code]
<?

session_start();

session_destroy();
?>[/code]
[/quote]
Thats is not a valid example as this will work
[code]
<?

session_start();

session_destroy();
?>[/code]
It wont work if there is output before you use session_start. Any whitspace between <?(php) and ?> will not be outputed and so you can put as much whitespace as you like within those tags. The only time when php will display the headers already sent error is when there is some form of outpu, eg whitespace, text/html before your use any header realted functions.

Share this post


Link to post
Share on other sites
hmm run into a problem.

I can now login and logout fine.

When i login i can see the personalised message but then when i got to another page with the same code for a welcome message, it goes off.

Ive put session start at the top. What am i missing?

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.