SitePoint Sponsor

User Tag List

Results 1 to 6 of 6

Thread: Sessions!

Hybrid View

  1. #1
    <? james('rules'); ?>
    Join Date
    Jun 2004
    Location
    Wales, UK
    Posts
    788
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Sessions!

    OMG, I hate sessions! I think ive learnt that globals OFF suits me better though. Can someone point me to a tutorial that uses globals OFF. A simple sessions tutorial that helps u code the basic session for a login script. I really need one but i cant seem to find one that helps me enough .

  2. #2
    SitePoint Enthusiast probonic's Avatar
    Join Date
    Apr 2002
    Location
    Manchester, UK Insanity: 97%
    Posts
    60
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    PHP Code:
    session_start();
     
    // do whatever with the session variables, e.g.:
     
    $_SESSION['foo'] = 'bar';
     
    session_end(); 
    session_start() will generate a new session ID if the user doesn't currently have a session. The way I do sessions for logging in is :-

    PHP Code:
    // dologin.php :
     
    session_destroy();  // make sure we start a new session
     
    session_start();
     
    // check $_POST['password'] is ok
     
    $_SESSION['username'] = $_POST['username'];
     
    header('Location: main.php');
     
    session_end(); 
    PHP Code:
    // main.php :
     
    session_start();
     if (!
    $_SESSION['username'] || $_SESSION['username'] == '') {
         
    // No session or session is invalid - throw back to the login form
         
    header('Location: index.php');
     }
     
    // Rest of page goes here
     
    session_end(); 
    That's a very simplistic set of scripts but it shows you the basics.

    Hope this helps you.
    Phil Evans - CEO, Probonic Networks
    pevans@probonic.com
    http://www.probonic.com
    AIM: probonic | MSN: support@probonic.com | T: +44 07779992043

  3. #3
    <? james('rules'); ?>
    Join Date
    Jun 2004
    Location
    Wales, UK
    Posts
    788
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    WOW that really does help thanks a lot. How would i maintain this for all the pages i wanted to keep "member only". Would it be something like:
    PHP Code:
    session_start();
    if (!
    $_SESSION['username'] || $_SESSION['username'] == '') {
        
    // No session or session is invalid - throw back to the login form
        
    header('Location: index.php');
    }
    else {
    // load the page 
    }
    session_end();
    session_destroy(); 
    Or something along those lines.

    Oh and im confused about:
    PHP Code:
    // dologin.php :
    session_destroy();  // make sure we start a new session
    session_start();
    // check $_POST['password'] is ok
    $_SESSION['username'] = $_POST['username'];
    header('Location: main.php');
    session_end(); 
    because i dont know how to impliment this into the rest of my login.php code, so say it does the database checks, and if its all sucessfull etc, then the session is started using the submitted username, using the above code.

  4. #4
    <? james('rules'); ?>
    Join Date
    Jun 2004
    Location
    Wales, UK
    Posts
    788
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This is my login.php code if it helps(the part that would concern you): I submitted it seperate to make it easier to read.
    PHP Code:
    mysql_select_db($db)or die("Could not select the database");
        if(
    $loguser=="guest" && $logpass=="guest"){
        echo 
    "Thank you. You have logged in as <b>Guest</b>. You will be re-directed to the website very soon.";
        echo 
    "<META http-equiv='refresh' content='5;URL=index2.php'>";
        }
            else {
            
    $query="SELECT * FROM users WHERE username='$loguser' && password='$logpass'";
            
    $result=mysql_query($query);
                if(
    mysql_num_rows($result) < 1){
                echo 
    "One or more of the details you tried were invalid, please go back and try again.";
                } 
                    else {
                    echo 
    "Congratulations you logged in successfully as <b>$loguser</b>. You will be re-directed to the website very soon.";
                    echo 
    "<META http-equiv='refresh' content='5;URL=index2.php?username=".$_POST['loginuser']."'>";
                    }
                
            }
    }
    ?> 

  5. #5
    With More ! for your $ maxor's Avatar
    Join Date
    Feb 2004
    Location
    Scottsdale, Arizona
    Posts
    909
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by 1337-Dev
    This is my login.php code if it helps(the part that would concern you): I submitted it seperate to make it easier to read.
    <snip>
    PHP Code:
    mysql_select_db($db)or die("Could not select the database");
        if(
    $loguser=="guest" && $logpass=="guest"){
        echo 
    "Thank you. You have logged in as <b>Guest</b>. You will be re-directed to the website very soon.";
        echo 
    "<META http-equiv='refresh' content='5;URL=index2.php'>";
        }
            else {
            
    $query="SELECT * FROM users WHERE username='$loguser' && password='$logpass'";
            
    $result=mysql_query($query);
                if(
    mysql_num_rows($result) < 1){
                echo 
    "One or more of the details you tried were invalid, please go back and try again.";
                } 
                    else {
                                                       
    session_destroy();
                                                       
    session_start();
                                                       
    $_SESSION['username'] = $loguser;
                                                       
    session_end();
                    echo 
    "Congratulations you logged in successfully as <b>$loguser</b>. You will be re-directed to the website very soon.";
                    echo 
    "<META http-equiv='refresh' content='5;URL=index2.php?username=".$_POST['loginuser']."'>";
                    }
                
            }
    }
    ?> 
    Give this a shot.

  6. #6
    <? james('rules'); ?>
    Join Date
    Jun 2004
    Location
    Wales, UK
    Posts
    788
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I can't tonight because for some reason the domain wont let me access using FTP. Ill update login.php tomorrow, and try it out, and ill post what happens. Thanks .


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •