phpsane Posted November 6, 2018 Share Posted November 6, 2018 Php Gurus, Someone showed me to check if session is set or not like this: <?php //login_check() FUNCTION File. /* Check if User is logged-in or not by checking if the session names "user" is set (isset) or not. Return "TRUE" if it is; Else "FALSE". */ //Have to initiate the "session_start" global variable, regardless of whether User is logged-in or not, in order to deal with session stuffs in php. if(!session_start()) { session_start(); } //Function for checking if User is logged-in or not. function login_check() { if(isset($_SESSION["user"]) && !empty($_SESSION["user"])) { //If Session "user" is set and not empty then return TRUE. return TRUE; } else { //If Session "user" is NOT set or if session is empty then return FALSE. return FALSE; } } ?> Been using that all this time and it worked. But, another pro tells me that is not how I should do it. He does not like this: if(!session_start()) { session_start(); } And suggests this instead: if( session_status() != PHP_SESSION_ACTIVE ) session_start(); What is your opinion on this ? Was my code alright or do you reckon I should listen to the other pro and change my code to this: <?php //login_check() FUNCTION File. /* Check if User is logged-in or not by checking if the session names "user" is set (isset) or not. Return "TRUE" if it is; Else "FALSE". */ //Have to initiate the "session_start" global variable, regardless of whether User is logged-in or not, in order to deal with session stuffs in php. /* Replacing following chunk: if(!session_start()) { session_start(); } */ //Replacing to this insstead: if( session_status() != PHP_SESSION_ACTIVE ) session_start(); //Function for checking if User is logged-in or not. function login_check() { if(isset($_SESSION["user"]) && !empty($_SESSION["user"])) { //If Session "user" is set and not empty then return TRUE. return TRUE; } else { //If Session "user" is NOT set or if session is empty then return FALSE. return FALSE; } } ?> Requinix, Barand, Ginerjm, Benanamen. Anyone! What you say on this ? Note: All pages such as home.php, settings.php, etc. (pages inside member account) have the following line at the top: //Check if User is already logged-in or not. Get the login_check() FUNCTION to check. if (login_check() === FALSE) { //Redirect User to Log-in Page immediately. //header("refresh:0; url=home.php"); header("location:login.php"); exit(); } Link to comment Share on other sites More sharing options...
requinix Posted November 6, 2018 Share Posted November 6, 2018 This shouldn't even be an issue. There should only be one place in your code where you ever call session_start, which means you don't have to worry about knowing whether it's already started. Link to comment Share on other sites More sharing options...
phpsane Posted November 20, 2018 Author Share Posted November 20, 2018 On 11/6/2018 at 10:59 PM, requinix said: This shouldn't even be an issue. There should only be one place in your code where you ever call session_start, which means you don't have to worry about knowing whether it's already started. You mean on the login.php, if user gave accurate credentials then session should start and no need to check whether it has started or not as only the logout.php would end the session. Right ? Ah! But what-about the account pages ? Like for example, freinds.php, shouldn't script check if your logged-in or not and if not then redirect you to login.php and if logged-in then show you your friends list ? Also, I am building a searchengine which will show non-account holders one type of SERP results while show the account holders another. Former will see result links with no stats while latter will see result links with stats and so the SERP pages (1,2,3,etc.) need to check whether session has started to determine whether the user is logged-in or not. Get my point ? Link to comment Share on other sites More sharing options...
requinix Posted November 20, 2018 Share Posted November 20, 2018 If putting the session_start in login.php means that other pages won't work then that means you shouldn't put the session_start in login.php. Find another place. Link to comment Share on other sites More sharing options...
phpsane Posted November 20, 2018 Author Share Posted November 20, 2018 2 minutes ago, requinix said: If putting the session_start in login.php means that other pages won't work then that means you shouldn't put the session_start in login.php. Find another place. I used to put the following code in all pages accessible after you login. Now, I just put it in login_check.php and include that file in the header.php. Seems to be working. Wasn't this you were going to suggest ? Link to comment Share on other sites More sharing options...
requinix Posted November 20, 2018 Share Posted November 20, 2018 Yes, actually. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.