asmith Posted November 26, 2007 Share Posted November 26, 2007 when a user log in : before i show him his logged page $_SESSION[user] = "aaa"; and at all of user pages : if ($_SESSION[user] != "aaa") {header("location: login.php");exit;} 1.is this way enough secure ? i mean i have put a "aaa" variable , isn't that unsafe ? 2.beside how can i use a changable variable for defining users ? Quote Link to comment Share on other sites More sharing options...
trq Posted November 26, 2007 Share Posted November 26, 2007 Usually easiest to use booleens. If user logged in successfully.... <?php session_start(); $_SESSION['user_logged_in'] = true; ?> Then a simple login check... <?php session_start(); if (isset($_SESSION['user_logged_in'])) { // user is logged in. } ?> Quote Link to comment Share on other sites More sharing options...
asmith Posted November 26, 2007 Author Share Posted November 26, 2007 it has nothing to do with safety or security or anything ? (as session is a server-side file , no need to worry about information in it ? ) Quote Link to comment Share on other sites More sharing options...
trq Posted November 26, 2007 Share Posted November 26, 2007 That is about as safe as sessions can be. Quote Link to comment Share on other sites More sharing options...
asmith Posted November 26, 2007 Author Share Posted November 26, 2007 got it ! thanks Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.