[SOLVED] PHP Forum - New posts and sessions?

[Flava]

[b]First question[/b]

Hey there, this is my first time here so hope I'm doing everything correctly!
Basically, I have coded a forum using PHP which consists of boards and threads (of which consists of posts).
People have accounts registered and can post within these forums. The newest post within each board is shown on the forum page. You can see this at - http://www.ectoprods.com/index.php?page=forum

What I want to do is find a way to identify whether there are unread posts within each of the boards. This would obviously be different for each user. I had some ideas on doing this, however none were really efficient and I am convinced there must be an easier way to do it. Basically what I need to do is identify whether the newest post within each board has been read by the user - this would need to somehow be stored using MySQL - is this possible? Forums such as Vbulletin use this - in that on the main page, there is an icon next to each board which identifies whether there are read/unread posts. Hope you understand!

[b]Second question[/b]

The user login script uses sessions to login each user and 'remember' that login information for each page. I used cookies to do this before, however this gave many security problems as people could login as administrators by editing the cookie data. The problem with the sessions however, is that they 'dissapear' after the browser closes - I would like to know whether it'd be possible to create a 'Remember me' option by using sessions? I will assume no as the term session means a specified time - it's not a problem if this isn't possible really.

Anyway I'm sure you can help me, thanks :)

[fert]

The only way  know of do do what you want to do in your first question is to store the last time a person visited a forum and compare it to the time of the newest post of a topic

to answer your second question sessions expire when the browser closes so there is no way to do that with sessions

[Flava]

The thing I want to know is how would I go about storing the time a person last visited a forum?
Do I have to create a new table which stores these times? Or is there a more efficient way?

Thanks for your help by the way  8)

[fert]

[code]
ALTER TABLE `users` ADD last_active BIGINT
[/code]

[Flava]

Yes I know how to do that, but there are more than one board and so I would need to store more than one value.

[fert]

[code]
CREATE TABLE `last_visited_forum_name` (username TEXT, last_visited BIGINT)
[/code]

[Flava]

I have already made a table called forum_sessions:

userid
boardid
lasttime

Hopefully it should work. Thanks for your help anyway.

[PFMaBiSmAd]

Sessions can be configured to persist when a browser is closed (session.cookie_lifetime and the gc parameters) but to remember if someone is logged in, just use a cookie.

However, the cookie must contain a unique value for each user that is encrypted/hashed to avoid reverse engineering. It sounds like your previous attempt just stored the username and editing the name in the cookie file allowed someone to appear to be that user?

[Flava]

When using cookies, I stored a value to identify adminstrator status - so setting the value to 1 would simply give you admin rights. I found out this was the case and decided to switch to sessions rather than trying to fix the problem I had with the cookies. If I have time I may go back to cookies and use some kind of encryption somewhere so that I don't have the same problem.

Thanks for the help!  8)