hi all,
i need to store a username in php sessions using time function so that when ever he logged in it must match in the database or else if the user is logged for first time then that value must be stored in the database…
kindly tell me what is the logic behind it…
Step 1: Exhale, let’s find some punctuation, maybe switch to decaf, and try reading that again. rereads
Step 2: What… exactly are you trying to do, and why? I have a feeling you’re overcomplicating things.
the system wants to know whether the user is entering for first time or not.
if he is entering for first time then i must store his login time using time function
or else if he is a old user then he must continue using his old session time first he entered…
i hope u got it now…
Rate this post
session_start();
if(!isset($_SESSION['beenhere'])) {
//First time visiting.
$_SESSION['beenhere'] = 1;
} else {
//Not first time visiting.
}
if he is entering for first time then i must store his login time using time function
or else if he is a old user then he must continue using his old session time first he entered…
This is the default behavior of sessions, you dont need to track this.
i need to do using the time function because it will store unique id(no of seconds) that must be stored in the database
so that when next time he enters there will be no need for asking his details again because
he is entering for second time …
Except how does your system know it’s him?
Cookies are the only way to store such information permanently (on that computer, anyway).
buy assigning username with time() (both stored in database)
if either username matches then it must perform using sessions
What username?
You’re gonna set a cookie with the username?
Person A logs in. Your system sets up a session, and adds a line to a database somewhere storing his username and login time.
Person A closes his browser.
Person A opens browser again, goes to your site - unless you’ve attached a cookie to his browser for your site, your site has no idea what his username is.
And if you ARE talking about a cookie, then use something better than time. Session ID works pretty well.
k using sessions when the user closes the browser then his session is destroyed right.
and next time when he enters it will think as a new user right(even though same user entered for second time)?
is that so…
Yes, using just pure sessions, that is correct. A browser dumps it’s session information on closure.
then what is the use of sessions …where it is used…
Yes.
Session data is stored on the Server side of things, and can store sensitive information that the client cant manipulate, but has a built in expiry time.
Cookie data is stored on the Client’s computer, can be manipulated, but can also persist between browser sessions.
Whenever you visit a webpage, like sitepoint.com, your browser says “Do I have any cookies that match this site?” If it does, it sends that cookie data along with the request, so the system can act on it.
then u r telling me that to remember the user name we have to use cookies mandatorily…right
if the user has registered with some website say like shopping cart when he logins then it should not ask for registration
since he ha already registered.
how to do this one…
You mean how do “Remember me” checkboxes work?
They store a cookie on the user’s machine. Usually with the session ID. That session ID gets registered to a user in a database table.
So; lets do a basic example.
PersonA logs on to the site, and signs in. When he signs in, he ticks the 'Remember me" checkbox.
Server reads his form, checks his login credentials, and if it’s all good, logs him in, sets a cookie on his computer with his session ID, and updates its database to associate sessionid to username.
PersonA browses a bit, then goes off for a few hours. Comes back to the site that night.
Server sees PersonA arrive, finds no session data for him, but does see a cookie has been sent. Checks its database to identify which user it is, logs the user in,updates the cookie with the new sessionID, updates the database with the new sessionID. User is now logged in despite having closed his browser.
so his session will not be destroyed in the whole process…
The session will be destroyed - but the site, when it detects no session but does detect the cookie, will create a new session with the user already logged in. As far as the person sees, the website remembered him. The truth is a little different, but as long as it works noone needs to care (except the people coding it, of course)
He already explained.
Use a cookie.
That cookie can contain a secret key, lets call it key=‘abc123’.
Your site is passed the cookie when user A returns to visit your site.
You lookup the key number, and if valid you then select a some other stuff, lets say their their real name and their postcode and country.
You put their real name, postcode and country details into a session.
This saves you continually having to look them up every time user A moves around your website.
When user A quits your site, or closes their browser, the session data is dumped - but the cookie key=‘abc123’ lives on.
This is a very over simplified explanation, but essentially you have to make decisions about:
-how much data you store in the cookie
-how much data you store in the session
-how much data you leave lying in your database only to unlock it on when it is needed
-what security measures need to be taken to protect all of your visitors to make sure their session can be hijacked, or their cookie key stolen
That means you have to do some research on what is best done where.
then using only session it is not possible to remember the user right.