Manage Session IDs

Ye' old general discussion board. Basically, for everything that isn't covered elsewhere. Come here to shoot the breeze, shoot your mouth off, or whatever suits your fancy.
This forum is not for asking programming related questions.

Moderator: General Moderators

Post Reply
farhan00
Forum Newbie
Posts: 3
Joined: Wed Dec 03, 2008 9:17 pm

Manage Session IDs

Post by farhan00 »

I am working on the authentication piece of my web application. After successful authentication, the application will assign users a session ID in the form of a cookie. This session ID should tie to one specific user in the system, and when a user goes from one PHP page onto another, the different PHP pages must be able to verify that the session ID that the user is sending is authentic.

This seems like a fairly common requirement. How is this done? I do not know where to begin. Is there a guide online? Please assist!
robnet
Forum Commoner
Posts: 85
Joined: Mon Aug 10, 2009 8:32 am
Location: South East, UK

Re: Manage Session IDs

Post by robnet »

Php can handle sessions pertty much completely automatically. Check out session_start().
farhan00
Forum Newbie
Posts: 3
Joined: Wed Dec 03, 2008 9:17 pm

Re: Manage Session IDs

Post by farhan00 »

Yes and No.
Lets suppose you assign the session ID of SESSIONID. You do this in the page login_page.php. How is "displayupdate.php" or other php pages going to know that the SESSIONID variable you have maps to one unique user?
robnet
Forum Commoner
Posts: 85
Joined: Mon Aug 10, 2009 8:32 am
Location: South East, UK

Re: Manage Session IDs

Post by robnet »

Why do you need to set the session id manually? Can't you let php's internal functions deal with it all? Just use session_start() on every page you need session stuff.
Post Reply