Page 1 of 1

Session Basics

Posted: Thu Apr 17, 2008 1:56 am
by neridaj
Hello,

I'm just learning about sessions and want to control access to inner pages of a website i.e., restricting access based on whether or not a user is logged in, and also why my sessions never seem to time out.

something like this, but this always calls display_folders()

Code: Select all

if ($username && $passwd)
// they have just tried logging in
{
  try
  {
    display_folder();
    // if they are in the database register the user id
    $_SESSION['valid_user'] = $username;
  }
  catch(Exception $e)
  {
    // unsuccessful login
    do_html_header('Problem:');
    echo 'You could not be logged in. 
          You must be logged in to view this page.';
    do_html_url('login.php', 'Login');
    do_html_footer();
    exit;
  }      
}

Thanks for any insight,

Jason

Re: Session Basics

Posted: Thu Apr 17, 2008 3:08 am
by aceconcepts
By default sessions timeout after 24 minutes.

To check whether a user is logged in, check the status of their session variables:

Code: Select all

 
if(isset($_SESSION['logged_in']) && $_SESSION['logged_in']==1)
{
   //user is logged in
}
else
{
   //not logged in
}
 
You could also check by session_id().