PHP/MySQL Login

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
amir
Forum Contributor
Posts: 287
Joined: Sat Oct 07, 2006 4:28 pm

PHP/MySQL Login

Post by amir »

Should the following be used to see if a user is logged in:

1)

Code: Select all

Login Page: set $_SESSION['login']
to 1 if they were authenticated
2) Member Pages: check session variable

Code: Select all

session_start();
if($_SESSION['login']==1)
#logged-in, continue


Should the username/password be stored in session variables and re-checked against the database every time they issue a task or is this good enough?

TIA!
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

The answer is: it depends on your security needs.
Post Reply