Re: [PHP] Sessions help Please
on 25/10/02 6:38 AM, Bryan McLemore ([EMAIL PROTECTED]) wrote: > Hi guys I'm a little confused on how sessions work. ok I use > session_start(); to get started I know that but then the manual starts to > confuse me with all of the garbled text about passing the SID. How do I tell > if it was compiled with transparent SID passing? make a file -- it will explain what PHP was compiled with up the top-ish. > Also I'm not sure how to use cookies and this is just a small application for > private use so I don't mind passing it using urls for this iteration of the > project. By default, sessions will work with cookies (at least every install i've seen)... you don't need to do anything special to get it working. *IF* you are worried about people without cookies not being able to maintain the session, *THEN* passing the SID around in URLs would be the next step. You can do this manually (a lot of work), or... *IF* enable_trans_sid() was compiled (or if you can comile with it), this is the best option, because everything happens transparently... IF the user allows cookies, PHP will use them... if not, PHP will re-write your URLs with the SID in them. Easy. > Also I'm not quite sure how to auctually perserve the variables across pages. Assuming PHP >= 4.1.1 with register globals OFF, and cookies ALLOWED by your browser OR trans_sid compiled: page 1: click here to see page 2 page 2: Hi , hopefully this session carried forward. click here to see it carried to page 3 page 3: Hi , hopefully this session carried forward to the third page. Good luck, Justin French -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions help Please
have a look on phpbeginner there is a couple of articles/tutorials that explain this also look at previous posts :) > -Original Message- > From: Bryan McLemore [mailto:Kaelten@;worldnet.att.net] > Sent: Friday, 25 October 2002 6:39 AM > To: PHP - General > Subject: [PHP] Sessions help Please > > > Hi guys I'm a little confused on how sessions work. ok I use > session_start(); to get started I know that but then the manual > starts to confuse me with all of the garbled text about passing > the SID. How do I tell if it was compiled with transparent SID passing? > > Also I'm not sure how to use cookies and this is just a small > application for private use so I don't mind passing it using urls > for this iteration of the project. > > Also I'm not quite sure how to auctually perserve the variables > across pages. > > Thanks, > Bryan > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions help please
Have a look through the articles and or tutorials that can be found on phpbeginner.com and also phpbuilder.com they will give u a good place to start learning about it all :) > -Original Message- > From: Bryan McLemore [mailto:Kaelten@;worldnet.att.net] > Sent: Friday, 25 October 2002 2:19 AM > To: PHP - General > Subject: [PHP] Sessions help please > > > Hi guys I'm a little confused on how sessions work. ok I use > session_start(); to get started I know that but then the manual > starts to confuse me with all of the garbled text about passing > the SID. How do I tell if it was compiled with transparent SID passing? > > Also I'm not sure how to use cookies and this is just a small > application for private use so I don't mind passing it using urls > for this iteration of the project. > > Also I'm not quite sure how to auctually perserve the variables > across pages. > > Thanks, > Bryan > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions help please
Apologies for the long post. I use this approach: (simplified) at the top of every page, before any HTML. Pop it into an include right at the top. I have not included all the util function e.g. LogQuietAlert() regards Jeff "); gotoPage("/login"); } } #=== function login( $UserName, $Password ) { # Checks username/password global $sesh, $message, $REMOTE_ADDR; $sesh[_user]= $UserName; $sesh[_loggedin]= 0; $sesh[_user_id] = ''; $sesh[_role]= ''; $sesh[_name]= ''; $sesh[_client_id] = ''; if ( !$UserName or !$Password ) { return 0; } $UserName = strtolower( $UserName ); $sth = runSQL('get_user_login',array( where => "user='$UserName' and password=PASSWORD('MySalt$Password')" )); $rows = mysql_num_rows( $sth ); if (!$rows) { # Invalid UserName/Password - log a quiet alert LogAlert("Login failure: $UserName from $REMOTE_ADDR tried '$Password'"); $message = "Invalid username/password [from $REMOTE_ADDR]"; return 0; } $rec = mysql_fetch_array( $sth, MYSQL_ASSOC ); $sesh[_loggedin]= 1; $sesh[_user_id] = $rec[user_id]; $sesh[_email] = $rec[email]; $sesh[_role]= $rec[role]; $sesh[_name]= $rec[name]; $sesh[_client_id] = $rec[client_id]; return 1; } #=== function gotoPage( $page = "/index" ) { header("Location: $page"); exit; # Old browsers get no further! } #=== function isUtilityPage() { global $PHP_SELF; # returns true if this is a utility page # ie index, login, unavailable or error if ( stristr($PHP_SELF, 'login')) return 1; if ( stristr($PHP_SELF, 'index')) return 1; if ( stristr($PHP_SELF, 'unavail')) return 1; if ( stristr($PHP_SELF, 'error')) return 1; if ( stristr($PHP_SELF, 'disclaimer')) return 1; return 0; } #=== ?> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Sessions help please
[EMAIL PROTECTED] [[EMAIL PROTECTED]] wrote: > Hi, > > I am going to use sessions to authenticate and protect my pages, this is what > I have so far... > > User logs in via form, this is checked via a SQL call, if the correct > username and password are entered I run the following: > > session_start(); > session_register("UserName","Password"); You have to register each "field" like this: session_register("UserName"); // register UserName as a session var $UserName = $new_value_for_username; // give UserName session var a new value. session_register("Password"); // register Password as a session var $Password = $new_value_of_password; // give Password session var a new value. Then in the next script, after you do session_start();, you will have access to those previously registered session variables by just using $UserName and $Password. HTH. -- Hardy Merrill Mission Critical Linux, Inc. http://www.missioncriticallinux.com > header ("Location: Http://www.domain.com/members/index.php"); > > The bit where I get lost is 1) how to authenticate this on each page and 2) > How to close the session after the browser has closed. I have tried many > tutorials etc but none seem to go into great detail in those areas. Anyone > know of any decent tutorials or any snippets I can learn from. > > Thanks > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]