Jump to content

PhP coding Help


Guest RET.Maj.Skyler=US=

Recommended Posts

Guest RET.Maj.Skyler=US=
I have been working on a website that needs to store User Sessions after they log in to the website to check if they actually logged in or not when they switch pages. Right now the sessions are being created when the log into the website and they get sent to index.php with those sessions still registered. Anytime i move off of that page it logs me off and i have to Relog in. I am not using cookies because i believe that method is outsourced and unreliable now, so i came around to using Sessions. If anyone has any Experience with keeping users logged in/checking log in status through multiple pages please get with me asap or post here with tips.
Link to comment
Share on other sites

Guest RET.CW4.ThievingSix=US=
Use encrypted cookies or something like that. The session must be reconfirmed for each page, this is usually done with a cookie. Link your database to your website, create some code for your login, login page sends a "true" cookie to the user that is valid for "X" amount of time, each webpage rechecks for the same cookie. Cookie expires or is deleted. Something like a dynamic key. That would be my idea though its probably not how its actually done.
Link to comment
Share on other sites

Guest RET.Maj.Skyler=US=
Would you mind helping me out if you can ThievingSix? I never worked with Sessions or cookies before and it would be nice to see some coding tips to get it done. This is my Check Login page which creates the sessions after login = true. The session is created at the bottom [QUOTE]// Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $username=$_POST['username']; $password=$_POST['password']; // To protect MySQL injection (more detail about MySQL injection) $username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $username and $password, table row must be 1 row if($count==1){ // Register $username, $password and redirect to file "login_success.php" session_register("username"); session_register("password"); header("location:index.php"); } else { echo "Wrong Username or Password"; } ?>[/QUOTE]
Link to comment
Share on other sites

Guest RET.CW4.ThievingSix=US=
Yeah looks good although this needs to parsed on every page of your website if you want the login to be maintained. Is it working when you tried it?
Link to comment
Share on other sites

Guest RET.Maj.Skyler=US=
It works. But i am having trouble having it keep users logged in with the session information. Gets lost after you go to a new page. I probly just have to $_GET or $_POST the informations again on each page.
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...