6 Replies - 544 Views - Last Post: 15 February 2010 - 06:23 PM Rate Topic: -----

#1 Guest_kelvin*


Reputation:

How to use a session.

Posted 13 February 2010 - 06:12 PM

I'm trying to do a login where after you login, if will say

hi (username) and other sort of stuff you can do when login where it will automatically identify you.

here is my login code,

Is this the correct way of using a session??
What more do i need to make my website like a normal login site where where using a session will identify a user throughout till he clicks on logoff. I'm not doing a cookie for now to make it easier.

Do i need like session_start at the top of all my website?

Also i have a main page with small loginbox at the left, is it possible to use php conditional statement, check if a user is logged in, if a user is logged in, change the content to "Welcome username", if there is no login , then maintain the login form at the left.

Incase you are thinking, i've search google and most of the session they used are deprecated like session_register() etc...and since it is chinese new year i really have no time to further research into it.

<?php
	$connection = mysql_connect("localhost","root", "root");
	if (!$connection) {
	die("Could not connect to database." . mysql_error());
	}
		
	$username = $_POST[username];
	$password = $_POST[password];	
	
	mysql_select_db("myblog", $connection);
	$sql_check = "SELECT username, password FROM login WHERE username = '$username' and password = '$password'";
	
	$result = mysql_query($sql_check);	
	
	$count = mysql_num_rows($result);

	if ($count == 1) {

	session_start();
	$_SESSION['username'] = "test";
	
	echo "login successful";
		} else {
		echo "login failed";
		} 
?>


Is This A Good Question/Topic? 0

Replies To: How to use a session.

#2 Guest_kelvin*


Reputation:

Re: How to use a session.

Posted 13 February 2010 - 06:17 PM

Crap i forget to login...

anyway here is 1 part of my code which shows the login box at the main page.

		
<div id="login_box_content">
<?php include('includes/login_box.php')?>
</div>



What i'm trying to ask above is if there is some code like:

if (check for login = true) {
include('welcome.php') // This will content "welcome "username"
} else
include('incluesd/login_box.php')
Was This Post Helpful? 0

#3 Skaggles  Icon User is offline

  • THE PEN IS MIGHTIER
  • member icon





Reputation: 251
  • View blog
  • Posts: 640
  • Joined: 01-March 09

Re: How to use a session.

Posted 13 February 2010 - 06:25 PM

If you're storing the session information in $_SESSSION['username'] you should be able to look for it's existence when showing the page.

if (isset($_SESSION['username'])) {
  // show welcome
} else {
  // show login stuff
}



Edit: Been a while since I messed with PHP.

This post has been edited by Skaggles: 13 February 2010 - 06:27 PM

Was This Post Helpful? 1
  • +
  • -

#4 aklo  Icon User is offline

  • D.I.C Head

Reputation: 18
  • View blog
  • Posts: 229
  • Joined: 23-January 09

Re: How to use a session.

Posted 14 February 2010 - 08:54 AM

Thanks it works but is this the standard way of doing it?

Also i did my logout and everything works fine but how safe is session_destroy?

<?php
	session_start();
	session_destroy();
	header('location:index.php');
?>


also puzzles me why i need to start it before i can destroy it, if i don't start the session there will be an error. Most importantly is this code sufficient enough if i were to make an e-commerce site?

This post has been edited by aklo: 14 February 2010 - 09:47 AM

Was This Post Helpful? 0
  • +
  • -

#5 josh06  Icon User is offline

  • D.I.C Head
  • member icon

Reputation: 14
  • View blog
  • Posts: 139
  • Joined: 27-October 06

Re: How to use a session.

Posted 15 February 2010 - 09:14 AM

If you were to make an e-commerce site you would have to hash passwords and look into security on your database. You would probably need an SSL Certificate as well.
This is just a very basic log-in script and should not be used for the said purpose.

Keep Learning, and if you need help just ask!
Was This Post Helpful? 0
  • +
  • -

#6 Xuhybrid  Icon User is offline

  • D.I.C Head

Reputation: 30
  • View blog
  • Posts: 106
  • Joined: 20-January 10

Re: How to use a session.

Posted 15 February 2010 - 09:36 AM

You need to start the session because that initialises the program. Then when you destroy the session, it destroys the session information that you have created so far and re-generates your session id.

Usually you would include session_start(); in every file, whether by manual entry or by include of a global file for similar settings. You can't manipulate a session before starting the program.
Was This Post Helpful? 0
  • +
  • -

#7 vernak  Icon User is offline

  • New D.I.C Head

Reputation: 7
  • View blog
  • Posts: 24
  • Joined: 11-February 10

Re: How to use a session.

Posted 15 February 2010 - 06:23 PM

The code that you listed will work fine for logging out. Although it might not be as safe as you think when your website gets bigger.

You should probably use something like:

session_start();

$_SESSION['var1'] = "";
$_SESSION['var2'] = "";
$_SESSION['var3'] = "";
$_SESSION['var4'] = "";
$_SESSION['var5'] = "";
// etc.

session_unset();
session_destroy();

header("Location: index.php");



I always try to set the variables that I have used in the session to an empty string so if something doesn't go correctly and the session is not destroyed then variables have no data in them.


It's a little more work but it does work well.

You need to start the session first so there is actually something to destroy. On an e-commerce site you would probably need a little more and probably need to use a SSL.


View Postaklo, on 14 February 2010 - 07:54 AM, said:

Thanks it works but is this the standard way of doing it?

Also i did my logout and everything works fine but how safe is session_destroy?

<?php
	session_start();
	session_destroy();
	header('location:index.php');
?>


also puzzles me why i need to start it before i can destroy it, if i don't start the session there will be an error. Most importantly is this code sufficient enough if i were to make an e-commerce site?

Was This Post Helpful? 0
  • +
  • -

Page 1 of 1