Page 1 of 1

$_SESSIONs

Posted: Wed Apr 06, 2005 8:04 pm
by anthony88guy
I have a small membership area, you need to login to get access. You also must be verified by a admin inorder to get complete access to the member tools. Now my script works alittle bit. My table looks like this


When field "" is set to ? by an admin you can access all areas of the membership area. When its set to 0 (default) you can only see the membership home page. With field "" is set to ? you can access admin options such as unlock accounts. My problem is that the sessions are losing their value or something because when i am going to different areas of my membership area, sometimes i get sent to membership home (basicly not verfied account). On each of my pages it checks that you are verifed, and if you are a mod it displays mod options. You can try it, my login page




This is verified and has mod rights, so if you start clicking and going to differnet areas you will get send to ffhome.php (membership home).

How should i solve this problem? Query the database for the "status" and "mod" values each page?

Posted: Wed Apr 06, 2005 8:10 pm
by John Cartwright
What I like to do is when the user logs in, update his user row with the current session_id(). (This is to make sure only 1 instnace of the user can log in at a time).

On pages where access is required you can either

1) Check if ($_SESSION['loggedin'] && $_SESSION['access'] == 1)
2) Run a query on the database and searchnig for

Code: Select all

$sql = "SELECT COUNT(`id`) AS `total` WHERE `session_id` = '".session_id()."' AND `access` = 1";
if returns 1 row then user is admin, let him have access to that part of site.

Also, you could create another column in your user row, and update their last activity.
Each page load on your index, run a check for (time() > ($row['last_activity']+3600)) then log the user out. This is so if the user closes the browser, it still will change his status after a certain period of time, so a user on a different computer may also log in at a later point in time.