Page 3 of 3

Posted: Sat Oct 08, 2005 9:23 pm
by camhabib
Can you explain the session name to me. I'm not really sure I understand the purpose of it. And its not that I don't want it to do anything, I just want it to continue on to the rest of the script on the page if the user is authenticated. If the user isn't authenticated I want it to stop teh script on the page and produce an error message.

Posted: Sat Oct 08, 2005 9:27 pm
by mickd
oh, because you had

Code: Select all

if (! isset($_session['name'])) { 
}
i assumed you would want that session set if login was sussessful.

Posted: Sat Oct 08, 2005 9:30 pm
by camhabib
Do you have some kind of example of a session code on your own site that you could provide for me? I want basically to be able to have this user log in, browse the pages, close the browser, and then have to be able to log in again to access the pages; is the code I have down what I need to accomplish that?

Posted: Sat Oct 08, 2005 9:34 pm
by mickd
the example you did above, the user would have to relogin if they visit another page that requires login (even without closing the browser).

if you set a session when you login, and check every login page if the session is set and only display login if its not, it would mean the user would only have to login once until the session expires (depending on what its set in the phpini as)

i used cookies instead on my site for the login process. my code is very simular to Maugrim_The_Reaper's challenge response tutorial here viewtopic.php?t=38810 with a few modifications.

Posted: Sat Oct 08, 2005 9:39 pm
by camhabib
Alright, so how would I, using my method not the one in that tutorial, make it so that once logged in the user would not have to continuously log in? Do I need to create a session name or something like that?

Posted: Sat Oct 08, 2005 10:34 pm
by mickd
you can call the session anything you like and then just check if its set and for example set the value of it as the persons username so that the script knows who youve logged in as.

Code: Select all

$_SESSION['name'] = 'value';
name can be anything you want.

to check it use

Code: Select all

if(isset($_SESSION['name'])) {
//logged in
} else {
//not logged in
}
make sure youve called session_start(); at the start of the page.