PhP coding Help

[Guest RET.Maj.Skyler=US=]

I have been working on a website that needs to store User Sessions after they log in to the website to check if they actually logged in or not when they switch pages. Right now the sessions are being created when the log into the website and they get sent to index.php with those sessions still registered. Anytime i move off of that page it logs me off and i have to Relog in. I am not using cookies because i believe that method is outsourced and unreliable now, so i came around to using Sessions. If anyone has any Experience with keeping users logged in/checking log in status through multiple pages please get with me asap or post here with tips.

[Guest RET.CW4.ThievingSix=US=]

Use encrypted cookies or something like that. The session must be reconfirmed for each page, this is usually done with a cookie. Link your database to your website, create some code for your login, login page sends a "true" cookie to the user that is valid for "X" amount of time, each webpage rechecks for the same cookie. Cookie expires or is deleted. Something like a dynamic key. That would be my idea though its probably not how its actually done.

[Guest RET.Maj.Skyler=US=]

Would you mind helping me out if you can ThievingSix? I never worked with Sessions or cookies before and it would be nice to see some coding tips to get it done. This is my Check Login page which creates the sessions after login = true. The session is created at the bottom [QUOTE]// Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $username=$_POST['username']; $password=$_POST['password']; // To protect MySQL injection (more detail about MySQL injection) $username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $username and $password, table row must be 1 row if($count==1){ // Register $username, $password and redirect to file "login_success.php" session_register("username"); session_register("password"); header("location:index.php"); } else { echo "Wrong Username or Password"; } ?>[/QUOTE]

[Guest RET.CW4.ThievingSix=US=]

Yeah looks good although this needs to parsed on every page of your website if you want the login to be maintained. Is it working when you tried it?

[Guest RET.Maj.Skyler=US=]

It works. But i am having trouble having it keep users logged in with the session information. Gets lost after you go to a new page. I probly just have to $_GET or $_POST the informations again on each page.