Re: [PHP] Newbie ? on sessions
You shouldn't have to store the sessionID. It's going to be new each time someone comes to the site, anyhow. Once the log in, you should know who they are. Save the tracking information you want in your database and pull it out based on their username. You have to use a database or a file to remember things like this. Sessions are only good for that browser session. Cookies last longer and you could use them to reference things, or even to store the data, but they can be tampered with on the user side. ---John Holmes... - Original Message - From: Vicki [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, June 13, 2002 2:51 PM Subject: [PHP] Newbie ? on sessions I'm very new to PHP/mySQL so please forgive me if this is a silly question. I'm mostly trying to understand the concepts involved in tracking user activity with sessions, and despite hours of reading I'm still confused. I have a membership site with users authenticated by a mySQL database. I have incorporated sessions into the login script which passes the session variables to a page restricted to members-only that contains links to articles. Here's the question: If a member logs out (session_destroy()) or closes the browser, the session data is gone, right? How, then, would I go about storing information about the member's activity on the site? The next time they log in, I'd like to greet them with a message that says Hi, $username. You last visited the site on $date and you viewed the following articles: $article1, $article2. Do I need to store the sessionid in the database and register more variables to track the activity, or should I write a separate script that stores details of their activity, perhaps as a separate table in the database? What I really don't understand is whether this sort of tracking is done with sessions or by writing to a database. (OK that's more than one question.) Also, if I do need to store the session ID in the database and I don't have access to the php.ini file, is there a way to set the session_save_handler to user through .htaccess or some other means? Thanks very much for any help you can provide. Vicki -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Newbie ? on sessions
V Here's the question: If a member logs out (session_destroy()) or closes V the browser, the session data is gone, right? yes V How, then, would I go about storing information about the member's activity on the site? By adding into your site, any of those custom tracking things. For example, if you wanted to note that they clicked on a link to an article, then the script that serves that article would insert such a note into a table in the db designed specifically for that purpose. What you would be noting would be the ID of the user, not the value of PHPSESSID, because that's just a random string for the period of time that the user is logged in. V The next time they log in, I'd like to greet them with a message that says V Hi, $username. You last visited the site on $date and you viewed the V following articles: $article1, $article2. Easy enough, if you have tables and little insert snippets scattered about to handle that. - Julie -- Julie Meloni -- [EMAIL PROTECTED] -- www.thickbook.com Find Sams Teach Yourself MySQL in 24 Hours at http://www.amazon.com/exec/obidos/ASIN/0672323494/thickbookcom-20 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Newbie ? on sessions
Thanks for both of your comments. I don't know why I was getting all tangled up in sessions, but now I feel MUCH more confident about how to proceed. Best regards, Vicki -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] newbie: using sessions
On Wed, 13 Mar 2002, Faisal Abdullah wrote: Don't you have to assign the login value to the session variable first? session_start(); $login = $HTTP_POST_VARS(login); session_register(login); It's the same. Saludos... :-) Porqué usar una base de datos relacional cualquiera, si podés usar PostgreSQL? - Martín Marqués |[EMAIL PROTECTED] Programador, Administrador, DBA | Centro de Telematica Universidad Nacional del Litoral - -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] newbie: using sessions
Have you started session? And you have to register session variables as well. Try this: session_start(); $session_login = $HTTP_POST_VARS['login']; session_register(session_login); At the other page, where you want to output the variable, you must also start session. session_start(); echo $session_login; Regards, Faisal On Tuesday 12 March 2002 17:28, you wrote: Hi i can't get the session variables working. When I get something like $_SESSION['Login']=$HTTP_POST_VARS['login']; on the first page, and i go with a link to an other php page. When then try to get $_SESSION['Login'] again it is empty. How comes? Maarten Weyn -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] newbie: using sessions
On Mar 12 Mar 2002 06:28, you wrote: Hi i can't get the session variables working. When I get something like $_SESSION['Login']=$HTTP_POST_VARS['login']; on the first page, and i go with a link to an other php page. When then try to get $_SESSION['Login'] again it is empty. How comes? How are you using you're session? Are you registering the variable for later use? session_start(); session_register(login); $login = $HTTP_POST_VARS['login']; That's it! -- Porqué usar una base de datos relacional cualquiera, si podés usar PostgreSQL? - Martín Marqués |[EMAIL PROTECTED] Programador, Administrador, DBA | Centro de Telematica Universidad Nacional del Litoral - -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] newbie: using sessions
Don't you have to assign the login value to the session variable first? session_start(); $login = $HTTP_POST_VARS(login); session_register(login); How are you using you're session? Are you registering the variable for later use? session_start(); session_register(login); $login = $HTTP_POST_VARS['login']; That's it! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Newbie: Ending Sessions
I'm not sure what you mean by the session is still active, but if you mean that the variables still are set to the same values, try moving the session_unregister after the session_unset, but still before the session_destroy. Janet - Original Message - From: Lee P Reilly [EMAIL PROTECTED] To: PHP List [EMAIL PROTECTED] Sent: Wednesday, January 16, 2002 8:58 AM Subject: [PHP] Newbie: Ending Sessions Hi, I wonder if someone could tell me what I am doing wrong with the following? I am trying to end a session (logout), but am having a problem... I register a new session as follows: authenticate.php (snippet) // if the user has just tried to login if ($username $password) { // if the user is present in the database, register the username in the session if (login($username, $password)==1) { $valid_user=$username; session_register(valid_user); } } ^ This works okay. BTW, session_start() is present - just not shown above. I then have a hyperlink to a logout function: logout.php (snippet) session_start(); include(sasdap_fns.php); $result = session_unregister(valid_user); session_unset(); session_destroy(); ^ $result always returns 1, but when I return to /reload /refresh the login screen I see that I am still logged in i.e. the session is still active. Can anyone see a problem anywhere? Thanks very much in advance. - Best regards, Lee -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]