php session

Anon

if i were to have a login with a username and password how would i keep the sesssion so that user could view there pages dymanically by there id without ever exposing there password. I think it is done with a session.

please help 🙂

Anon

Adam,

First, call session_start() on each page that you want to make use of the session variables. Then, once you have your validated a user, you can call session_register('variable_name'). Depending on what your needs are, you could register just the username or a simple variable such as logged_in.

eg. session_start();
...
$username='BOALTA';
session_register('username');

In a nutshell, the session_start() will create a unique session id that will be sent to the client browser as a cookie. When the client connects to the server again with the cookie, the server will have a session file (with the same id) that contains the values for your session variables. That will allow you to store multiple variables for each session. Also, the session information is stored on the server and is not part of the cookie.

To use sessions, you need to make sure your PHP.INI has the appropriate time for cookie expiration, session gargage collection, session file location, etc. Make sure that you call session_start() on each page that uses the variables that you register. If you need to access the variable inside a function, you need to declare the variable as global. Use session_unregister('variable_name') and session_destroy() to destroy the session.

For more info, check out http://www.devshed.com/Server-side/PHP/Sessions/

Good luck! st