Passing session data to database

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
saltriver
Forum Commoner
Posts: 59
Joined: Fri Mar 12, 2004 2:40 pm
Location: Burlington, VT

Passing session data to database

Post by saltriver »

Hi all,
I'm trying to figure out a way for a logged in user to make entries into a database, so that their company, username and password are automatically entered along with the data they manually enter on the form I've made (item, description, price, etc). I'm working with prexisting code, so I don't want to change it too much for fear of breaking another part of it.
From what I gather, I will need to use the session, and the values associated with it, to identify the current user. Presently, the Logincheck.php page only associates the username and session id with the session. Here's where I'm not sure how to proceed. Should I:

A- assign the username, company and password in the session, and how to I add those? I tried, but I think my syntax was bad.

B- make an array that's tied to the session by the username and extract (somehow) the compnay and password from the database using the username?

This code uses session_is_registered(), which I have read should not be used. I tried using the global session method, but didn't have any luck. I would like to try to figure this part out first before trying to tacke that, since it seems like it might need to be addressed eventually anyway.

Here's the code for the Logincheck.php page:

Code: Select all

<?
// this needs to be on every page, it makes it remember all of the set variables that is done on the login_script.php
session_start();

if (session_is_registered("valid_user")) &#123;
	session_save_path("$id.txt");
	&#125;
else &#123; header ("Location: login.php"); &#125;
?>
Am I on the right track?

Steve
User avatar
anjanesh
DevNet Resident
Posts: 1679
Joined: Sat Dec 06, 2003 9:52 pm
Location: Mumbai, India

Post by anjanesh »

Sessions in a database is a different issue :
Before any output is done you need to do these :

Code: Select all

<?php
session_module_name("user");
session_set_save_handler("session_open","session_close","session_read","session_write","session_remove","session_gc");
session_start();

function session_open($path,$name){}
function session_close(){}
function session_read($id){}
function session_write($id,$data){}
function session_remove($id){}
function session_gc($life){}
?>
session_open,session_close,session_read,session_write,session_remove,session_gc are all user defined functions.
http://www.php.net/manual/en/function.s ... andler.php
User avatar
tim
DevNet Resident
Posts: 1165
Joined: Thu Feb 12, 2004 7:19 pm
Location: ohio

Post by tim »

you can assign session vars simple.

Code: Select all

<?php
$_SESSION['user'] = $_POST['user'];

// from there, you can check if the user is logged in or not by seeing if the session var is present, if not, use the form to Add the information into the db.

$sql = mysql_query("INSERT INTO table_name ('username', 'password', 'company') VALUES ('$username', '$password', '$company'") or die (mysql_error());

something like that.
?>
User avatar
tim
DevNet Resident
Posts: 1165
Joined: Thu Feb 12, 2004 7:19 pm
Location: ohio

Post by tim »

Also - session_start();needs to be on every page you wish to assign, call upon, anything with session vars peroid.
saltriver
Forum Commoner
Posts: 59
Joined: Fri Mar 12, 2004 2:40 pm
Location: Burlington, VT

Post by saltriver »

I was hoping to avoid having that on the form. Too repetitive, since they will be adding items one at a time. It looks like this should work.

Code: Select all

$sql = mysql_query("INSERT INTO table_name ('username', 'password', 'company') VALUES ('$username', '$password', '$company'") or die (mysql_error());
This Logincheck.php page is an include that's put into every page in the login section, so the session should be OK with that, right?
As for the VALUES, do I need to make an array for those or does the $ in front of the field name take care of itself?

steve
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

building your own session handler is probably the more solid solution of the two, however, it is vastly more complex at times. :)
Post Reply