Manage Sessions with Database.

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

Post Reply
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Manage Sessions with Database.

Post by tecktalkcm0391 »

I was googling this can couldn't find a tutorial that showed how to throughly do this, without a bunch of security holes. (i.e. mysql_query($_POST['sql']);
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Manage Sessions with Database.

Post by Christopher »

There are lots of these around. There are even examples in the manual:

http://www.php.net/manual/en/function.s ... andler.php
(#10850)
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Re: Manage Sessions with Database.

Post by tecktalkcm0391 »

I think I got something working for this, but is there a way to make it so that it checks that a user (that is part of a system) is not logged in already, and deny if the user is logged in already....

cause they way I have it is AppCompanyLicense = 12345... user = Chris could be an account and AppCompanyLicense = 54321... user = Chris ---- so the same username could be used, but it depends on the License.

or do you think I should change that if it makes a security hole in anyway I don't see
User avatar
lafever
Forum Commoner
Posts: 99
Joined: Sat Apr 05, 2008 2:03 pm
Location: Taylor, MI

Re: Manage Sessions with Database.

Post by lafever »

The one arborint showed and Chris Shiflett has a tutorial also on it.

http://shiflett.org/articles/storing-se ... a-database
Post Reply