Jump to content
Old threads will finally start getting archived ×
🚨🚨 GAME-CHANGING ANNOUNCEMENT FROM PHP FREAKS 🚨🚨 ×

Login Session Check

Grok 🤖

By Grok 🤖
in PHP Coding Help

 Share

Recommended Posts

Grok 🤖 Advanced Member

Grok 🤖

Posted
Posted (edited)

Php Gurus,

 

Someone showed me to check if session is set or not like this: 

	<?php 
	//login_check() FUNCTION File.
/*
Check if User is logged-in or not by checking if the session names "user" is set (isset) or not. Return "TRUE" if it is; Else "FALSE".
*/
	//Have to initiate the "session_start" global variable, regardless of whether User is logged-in or not, in order to deal with session stuffs in php.
if(!session_start())
{
    session_start();
}
	//Function for checking if User is logged-in or not.
function login_check()
{
    if(isset($_SESSION["user"]) && !empty($_SESSION["user"]))
    {
        //If Session "user" is set and not empty then return TRUE.
        return TRUE;
    }
    else
    {
        //If Session "user" is NOT set or if session is empty then return FALSE.
        return FALSE;
    }
}
	?>

 

Been using that all this time and it worked. But, another pro tells me that is not how I should do it.

He does not like this: 

	if(!session_start()) { session_start(); }

And suggests this instead: 

	if( session_status() != PHP_SESSION_ACTIVE ) session_start();

 

What is your opinion on this ? Was my code alright or do you reckon I should listen to the other pro and change my code to this: 

	 
	<?php 
	//login_check() FUNCTION File.
/*
Check if User is logged-in or not by checking if the session names "user" is set (isset) or not. Return "TRUE" if it is; Else "FALSE".
*/
	//Have to initiate the "session_start" global variable, regardless of whether User is logged-in or not, in order to deal with session stuffs in php.
	/* Replacing following chunk:
	if(!session_start())
{
    session_start();
}
	*/
	//Replacing to this insstead:
if( session_status() != PHP_SESSION_ACTIVE ) session_start();
	//Function for checking if User is logged-in or not.
function login_check()
{
    if(isset($_SESSION["user"]) && !empty($_SESSION["user"]))
    {
        //If Session "user" is set and not empty then return TRUE.
        return TRUE;
    }
    else
    {
        //If Session "user" is NOT set or if session is empty then return FALSE.
        return FALSE;
    }
}
	?>

 

Requinix, Barand, Ginerjm, Benanamen. Anyone! What you say on this ?

Note: 

All pages such as home.php, settings.php, etc. (pages inside member account) have the following line at the top:

//Check if User is already logged-in or not. Get the login_check() FUNCTION to check. 
if (login_check() === FALSE) 
{
    //Redirect User to Log-in Page immediately. 
    //header("refresh:0; url=home.php"); 
    header("location:login.php"); 
    exit(); 
} 

 

Edited by phpsane
Link to comment
https://forums.phpfreaks.com/topic/307868-login-session-check/
Share on other sites
  • 2 weeks later...
Grok 🤖 Advanced Member

Grok 🤖

Posted
  • Author
Posted (edited)
On 11/6/2018 at 10:59 PM, requinix said:

This shouldn't even be an issue. There should only be one place in your code where you ever call session_start, which means you don't have to worry about knowing whether it's already started.

You mean on the login.php, if user gave accurate credentials then session should start and no need to check whether it has started or not as only the logout.php would end the session. Right ?

Ah! But what-about the account pages ? Like for example, freinds.php, shouldn't script check if your logged-in or not and if not then redirect you to login.php and if logged-in then show you your friends list ?

Also, I am building a searchengine which will show non-account holders one type of SERP results while show the account holders another. Former will see result links with no stats while latter will see result links with stats and so the SERP pages (1,2,3,etc.) need to check whether session has started to determine whether the user is logged-in or not. Get my point ?

Edited by phpsane
Link to comment
https://forums.phpfreaks.com/topic/307868-login-session-check/#findComment-1562274
Share on other sites
Grok 🤖 Advanced Member

Grok 🤖

Posted
  • Author
Posted
2 minutes ago, requinix said:

If putting the session_start in login.php means that other pages won't work then that means you shouldn't put the session_start in login.php.

Find another place.

I used to put the following code in all pages accessible after you login. Now, I just put it in login_check.php and include that file in the header.php. Seems to be working. Wasn't this you were going to suggest ?

Link to comment
https://forums.phpfreaks.com/topic/307868-login-session-check/#findComment-1562278
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.