xtrafile Posted March 5, 2008 Share Posted March 5, 2008 I think the last major thing I'm unfamiliar with is php sessions. I want to make a login script, which when they log in, stores their data in a session (in something like config.php). And then, in a new page there would be something like <? include("config.php"); if($session != 'false'){ hooray I can do stuff }else{ redirect to login page code } ?> How can I set the config.php or even sessions to get it working? Sadly the tuts I've been reading aren't down to earth enough for me to understand at all. That's the first part. The second part is using sessions to do stuff, like a profile. So like the top part, if sessions does not equal false, then it'll run the code. So in the body I'd like to have <input type="text" name="name"> And then when it goes to the processing field it'll update the data in MySQL for that user ID which is generated during registration. So it has to be based on sessions. How can I accomplish that? Thanks for the help! Link to comment https://forums.phpfreaks.com/topic/94507-sessionssetting-cookies-for-user-id/ Share on other sites More sharing options...
revraz Posted March 5, 2008 Share Posted March 5, 2008 Not sure what tutorials you are reading, but it's a simple variable. <?php session_start(); $_SESSION['authorized'] = "yes"; ?> //NEXT PAGE <?php session_start(); echo $_SESSION['authorized']; ?> How can I set the config.php or even sessions to get it working? Sadly the tuts I've been reading aren't down to earth enough for me to understand at all. Link to comment https://forums.phpfreaks.com/topic/94507-sessionssetting-cookies-for-user-id/#findComment-483960 Share on other sites More sharing options...
discomatt Posted March 5, 2008 Share Posted March 5, 2008 call session_start() at the beginning of the script. store all variables you want passed from page-to-page in the $_SESSION array... so for example ?php session_start(); if ($_SESSION['id']) { // logged int } else // login form } ?> Keep in mind though, that session variable can be and are usually stored on the user-end as cookies. This means any data they hold should be verified on every page view. You can do this by modifying your script as such <?php session_start(); if (!$_SESSION['id']) { // log in form } else $r = mysql_query('SELECT `username`, `id`, `accessLevel`, `password` FROM `users` WHERE `id` = \'' . mysql_escape_string($_SESSION['id']) . '\' AND `username` = \'' . mysql_escape_string($_SESSION['username']) . '\' AND `password` = \'' . mysql_escape_string($_SESSION['password']) . '\''); // Checking overkill, i know, but it doesn't add that much overhead, so // if you can be thorough, why not? if (mysql_num_rows($r) == 0) { unset($_SESSION); // Assuming no other important session vars session_destroy(); header('Location: loginFail.php'); // Redirect to a new page, to make sure session_destroy() has a chance to flush } else { // user checks out! } } ?> To 'define' a session var, it's as simple as $_SESSION['username'] = $_POST['username']; The variable $_SESSION['username'] will now be passed to any page on your domain with 'session_start()' in it, until the session times out from inactivity or you destroy the session. Link to comment https://forums.phpfreaks.com/topic/94507-sessionssetting-cookies-for-user-id/#findComment-483961 Share on other sites More sharing options...
xtrafile Posted March 5, 2008 Author Share Posted March 5, 2008 Great. Thanks Link to comment https://forums.phpfreaks.com/topic/94507-sessionssetting-cookies-for-user-id/#findComment-484252 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.