ohdang888 Posted March 2, 2008 Share Posted March 2, 2008 whats better... cookie or session? I want to store an member 'id' number in the session or cookie Quote Link to comment Share on other sites More sharing options...
shocker-z Posted March 2, 2008 Share Posted March 2, 2008 I always use sessions and have been lead to beleive they are more secure. I find them very easy to deal with and no browser issues. Regards Liam Quote Link to comment Share on other sites More sharing options...
unsider Posted March 2, 2008 Share Posted March 2, 2008 sessions would probably be better for something like that, especially if you want to retrieve things like "time online", "last date visited", etc... EDIT: and what shocker said. Quote Link to comment Share on other sites More sharing options...
ohdang888 Posted March 2, 2008 Author Share Posted March 2, 2008 alright! sessions it is. I've been trying that anyways... my code is below. But one problem. I don't think the session is beginning because when i click logout, (all it contains is session_destroy().) then its say that error:trying to destory a session that doesn't exist. whats wrong? Login.php session_start(); mysql_connect("localhost", "", "") or die(mysql_error()); mysql_select_db("members") or die(mysql_error()); //remove slashes $email=stripslashes($_POST['email']); $password=stripslashes($_POST['password']); //encrypt password $encpass = md5($password); mysql_real_escape_string($email); mysql_real_escape_string($password); $sql="SELECT * FROM `users` WHERE email='$email' and password='$encpass'"; $result=mysql_query($sql); $count=mysql_num_rows($result); $user_info = mysql_fetch_array($result); $id = stripslashes($user_info['id']); if($count==1){ // if user login is successful then create session and direct to members.php $_SESSION['email']=$email; $_SESSION['id']=$id; echo "<meta http-equiv='refresh' content='0;url=member_home.php'>"; }else { // if user login is wrong direct to failed.php session_destroy(); echo "<meta http-equiv='refresh' content='0;url=failed.php'>"; } Quote Link to comment Share on other sites More sharing options...
shocker-z Posted March 2, 2008 Share Posted March 2, 2008 have you got session_start() on all your pages? try echoing the sessions back before you run destoy or instead of then you have diagnosed whither or not the sessions have been passed and therefore exist. Regards Liam Quote Link to comment Share on other sites More sharing options...
ohdang888 Posted March 2, 2008 Author Share Posted March 2, 2008 ok. i have that solved now. thanks BUT. i don't want to start a session for poeople not logged in. This is what my site is like... non-members can access: games, cannot leave comments home page contact pages members can access everything nonmembers can, plus: member profile pages member home page they can leave comments on games etc. Soooo..... i'm confused about the session_start on every page, Won't that start a session for people who aren't logged in??... Or does that not matter, becasue then the ID number stored in a member session won't be there???????? Quote Link to comment Share on other sites More sharing options...
shocker-z Posted March 2, 2008 Share Posted March 2, 2008 well start the session for all but validate on if $_SESSION['id'] exists as if it doesnt then there not logge din and it will never exist if they are not logged in. Regards Liam Quote Link to comment Share on other sites More sharing options...
ohdang888 Posted March 2, 2008 Author Share Posted March 2, 2008 awesome! thanks for helping dude! one more question. i have <?php session_start(); ?> on the "topmenu.php" which is included on every single page. but on the first page i am going to (the homepage) i am getting this error: Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at C:\xampp\htdocs\index.php:2) in C:\xampp\htdocs\include\topmenu.php on line 1 I'm logged out, and cleared all cookies and data in my IE, but its still doing that error whats wrong? P.S.- thanks for helping me! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.