i Still dont understand sessions And I Really need them at this point.

[Demonic]

Im trying to find out how to best learn sessions but I just can't seen to understand them in any way/or form.

Can someone point me in a direction to where I best to look(I'm still looking on google :()

[DarkHavn]

A session is just a value you can set just like a variable and that can be be passed from page to page,

Well as long as you put

[code]
session_start();
[/code]
at the start of each page that you are trying to use sessions

Ok i will give you an example, say we had a form where the person could enter their first name, and the name of this input feild was 'firstname'

the following script takes that value from the $_POST and stores it to a session

[code]
session_start(); //Remember you need this to be able to carry information //from page to page using sessions

if($_POST['firstname']){

$_SESSION['firstname'] = $_POST['firstname'];
//Just an example, a real script you would check the information //submitted by a form for attempts to crack/hack your database or anything
//along those lines

}

[/code]

So in that script, i have stores the information the user supplied in the form, (their first name) and set it to a session, so say in another page i want to access that information again, then you can by typing out that session

$_SESSION['firstname'] //always holds the information that was in the form unless you unset it

[Demonic]

Just like cookies basically?

So how can I make a page like generate so everytime you leave the page you have to login.

Basically an Admin CP page like InvisionPowerBoard 2.1.7 and other versions. You have to login everytime you leave page.

How do I do somthen like that?

[DarkHavn]

Well with that you can go two ways.

Having the session time out after so long, so if the person doesn't manually log out, then after a few minutes they are logged out, or prompted or what not.

Everytime they log on

set a session

$_SESSION['loggedon'] = true

after you have checked they are an actual user in the database.

Then carry on to when the log out

$_SESSION['loggedon'] = false

and do checks like

if($_SESSION['loggedon'] == true){

//then do this html



} else {

//user isn't logged on

//login form

}

phpfreaks offer some good tutorials

[newb]

sessions arent hard to get once u learn the concept of them, and are quite easier to use than cookies imho.

[quote]
So how can I make a page like generate so everytime you leave the page you have to login.
[/quote]

session variables automatically are unset when a user closes the browser i believe.

[DarkHavn]

Really?

I thought the sessions are unset depending on the information you supply

newb check out the php_info(); (i think that's the function) and check out the information im sure somewhere in there it has the sessions that has the time out value to when they are unset,

as i have servers set up at home for testing and when coding i'm always having to clear my browser due to the sessions for testing reasons

[onlyican]

sessions die when the browser session ends, hint the name sessions
just please remember
Line 1 of your code
Before any HTM code (<html>)
you NEED
<?php session_start(); ?>

[quote author=DarkHavn link=topic=108851.msg438348#msg438348 date=1158790007]
Really?

I thought the sessions are unset depending on the information you supply

newb check out the php_info(); (i think that's the function) and check out the information im sure somewhere in there it has the sessions that has the time out value to when they are unset,

as i have servers set up at home for testing and when coding i'm always having to clear my browser due to the sessions for testing reasons
[/quote]

That is to do with the time

If I dont close my browser, and the time has passed, which is set in the php.ini, then the session will still die

and the function is phpinfo(); (no underscore)

The sessions can still be there, if not stored as a temp, but they are not valid

[newb]

i think both of our points are quite valid actually.

sessions indeed have a timeout value to when they are unset(for instance: if a user does not close their browser and leaves his browser running idle, it will time out) and the sessions automatically unset every time the user closes his browser due to the fact that sessions are stored on the webserver(aside from the phpsessid), unlike cookies(where the information is stored on the client's hard disk).

[Demonic]

[code]<?php session_start(); ?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN"
  "http://www.w3.org/TR/html4/frameset.dtd">
<HTML>
<HEAD>
<TITLE>Admin Control Panel</TITLE>
</HEAD>
<?php
include "config.php";
if($logged[level] != 5){
echo "You do not have access to this page";
exit();
}
?>
<?php
$acpuname = no_injection($_POST['username']);
$password = md5($_POST['password']);
$_SESSION['username'] = $acpuname;
$_SESSION['password'] = $password;
if($_SESSION['username'] != true && $_SESSION['password'] !=true){
echo "<form method='post'><table colspan='2'><tr><td>Name:</td><td><input type='text' name='username'></td></tr><tr><td>Password:</td><td><input type='password' name='password'></td></tr></table><input type='submit' name='login'></form>";
$result = mysql_query("SELECT * FROM users WHERE username='$acpuname' AND password='$password' ");
$true = mysql_fetch_array($result);
}
if(isset($_POST['submit'])){
if($true[username] == $acpuname){
$_SESSION['username'] = true;
}
if($true[password] == $password){
$_SESSION['password'] = true;
}
}
if($_SESSION['username'] == true AND $_SESSION['password'] == true){
?>
<frameset rows="20%,80%" border="0">

<frame src="acpb.php" noresize="noresize" border="0">

<frameset cols="25%,75%" border="0">
<frame src="content.php" noresize="noresize" border="0">
<frame src="admin.php" name="showframe" noresize="noresize" border="0">
</frameset>

</frameset>
</HTML>
<? } ?>[/code]

I Written that code and I get a blank page I don't think I have written it correctly.


Now I used and else statement and when i close window or leave page and go back to it it still shows page?

[code]
<?php session_start(); ?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN"
  "http://www.w3.org/TR/html4/frameset.dtd">
<HTML>
<HEAD>
<TITLE>Admin Control Panel</TITLE>
</HEAD>
<?php
include "config.php";
if($logged[level] != 5){
echo "You do not have access to this page";
exit();
}
?>
<?php
$acpuname = no_injection($_POST['username']);
$password = md5($_POST['password']);
$_SESSION['username'] = $acpuname;
$_SESSION['password'] = $password;
if($_SESSION['username'] != true && $_SESSION['password'] !=true){
echo "<form method='post'><table colspan='2'><tr><td>Name:</td><td><input type='text' name='username'></td></tr><tr><td>Password:</td><td><input type='password' name='password'></td></tr></table><input type='submit' name='login'></form>";
$result = mysql_query("SELECT * FROM users WHERE username='$acpuname' AND password='$password' ");
$true = mysql_fetch_array($result);
}
if(isset($_POST['submit'])){
if($true[username] == $acpuname){
$_SESSION['username'] == true;
}
if($true[password] == $password){
$_SESSION['password'] == true;
}
}
else{
?>
<frameset rows="20%,80%" border="0">

<frame src="acpb.php" noresize="noresize" border="0">

<frameset cols="25%,75%" border="0">
<frame src="content.php" noresize="noresize" border="0">
<frame src="admin.php" name="showframe" noresize="noresize" border="0">
</frameset>

</frameset>
</HTML>
<?php
}
?>
[/code]

whats wrong?

[newb]

pretty sloppy, mess around with it a bit, and make it neater while ur at it..hurts my eyes to look at.

[Demonic]

??? I can't get the shit to work been messing around with it for a while. Any body know whats wrong?

[Demonic]

bump

[Demonic]

bump again O_O

[onlyican]

Do u know, all the bumping ur doing, ur less likly to get a responce. As it makes more posts

Anyway
From the First Script
[quote]
<?php
include "config.php";
if($logged[level] != 5){
echo "You do not have access to this page";
exit();
}
?>
[/quote]
You need to call the session, and call the key with quotes, or it will look for a Constant
if($_SESSION["logged"] != 5){

is no_injection your own function? I aint heard of it, and cant find it on php.net

Also, Where are ytour HTM body tags
<body>
</body>
After </head>
Before </html>

Code Block 2
again as I mentioned above
$logged[level]

[quote]
if($true[username] == $acpuname){
[/quote]
Again, its looking for the Defined value of username, not the value username, you need quotes
and if its a session, then $_SESSION


Also Remember
Sessions dont always die as soon as the browser is closed
Closed ALL browser activities, not just your site
Go have a smoke, make a cup of tea or something
Then try