tedd wrote:
On 5/4/09, Matthieu <spama...@gmail.com> wrote:

I'm a totally newbie to php/Mysql but I'd like to know if it is normal that
 I have to connect 3 times to the db in one page.

 For example, I have

1. A connection for the login / pass a $_SESSION['login'] before the HTML

2. I need to say hello to the user so I reconnect, run a query to select the
 user having the login and echo 'Hello '.$user['login'].'!''

3. I need to show him his friends a bit later, so I have to connect a last time and re-run a querry because I can't use the data $user that I used in
 my upper php code...

 Is there a walkthroug to have only one connection for the page?




The way I usually have a user navigate a protected site is to first to have them identify themselves via a logon/password script -- and then I store their user_id in a SESSION. Note, I do not store all their data in a SESSION, just their user_id. The user_id should be an unique auto_increment integer primary key from your users' table.

At the start of each protected page, I have:

<?php session_start();

$user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : 0;

if($user_id == 0)
   header('location: login.php);

// proceed with processing

As such, I check if $user_id > 0 -- if so, then I process the request as directed. If not, then I send the user back to login.

That's basically what i do.
I don't store much in sessions, just the id of the logged in user (set to 0 for not logged in) and maybe a few temporary things (IE a page that requires login, if the uid is set to 0 I'll store the page in the session so that after login they can be redirected back). There's a few other things I do in session data, but not much.

Since I only use non persistent cookies for security reasons, almost anything worth saving is worth saving as a db record tied to the user id. Sessions for me mostly are just a way to know a user is authenticated and who they are authenticated as.

As for connecting to the database, I connect as needed to get information needed. I do not use SESSIONs to store all the data to be passed from page to page, I gather only what's needed for that page.

I also make sure that when I open a connection, I close the connection I may have several open/close statements within a page, but normally I try to avoid that.

I just use pear mdb2 - they make it easy to deal with multiple different databases etc. and I just let the connection close when the page finished executing, I don't explicitly close any connections.

I do explicitly unset prepared statements, but only on pages that do many queries (short fast pages free up the memory when the page finishes executing anyway).

Since I generally use the same database for session handling as I use for rest of the app, the database will be opened when the page starts and need to be open when the page finishes execution for writing any new session data, so it doesn't make sense to me to explicitly close the connection except for my search engine (it uses a different database) - but when the search query has run, the search results are displayed and the script finishes executing anyway, so closing that connection isn't needed anyway - the job is done and the script exits quickly closing the connection on it's own.



PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to