How to work with sessions?

Anon

I've read some articles on the site that describe the use of sessions, but I can't make it work.

I want to know which settings are required in the PHP.INI-file. I don't want hundreds of cookie-files.

When the PHP.INI is right, then I want to know which functions are required to store session variables. My application is quite simple: when the user starts he has to enter name and password. I use these fields to search for his authorization level which I want to store in a session variable. In all other PHP-files I want to refer to this authorization level to see whether the user has access to the page.

That's all, but right now I'm stuck due to the leak of knowledge. I've managed to create the same application with ASP, but I don't want to use ASP anymore, because PHP seems more cool.

Thanks in advance,
Walter

eetze...

Anon

I'm making an e-commerce shop which uses sessions and session variables.

In the php.ini file u don't have to change!!
Do u want to store session variables in a database? Or u just want to store them during the use of the session?

I use a session variable to put the information in when the user logs in.
The way I use it:

(I put this in a application.php file and include this on every page i use)
session_start();
session_register("SESSION");

when a user logs in set the user variables:
$SESSION["user"]["name"];
$SESSION["user"]["privilege"];
(and whatever u want to store)

To check if the user has the privilege u just need to check the privilege with a function called something like:

function require_priv($priv) {
if (empty($SESSION["user"]["priv"])){
//say the user has no
//privilege to be here
die;
}
elseif ($SESSION["user"]["priv"] != $priv){
//say the user has no
//privilege to be here
die;
}
}

function has_priv($priv) {
// true if user has $priv as privilege
global $SESSION;
return $SESSION["user"]["priv"] == $priv;
}

(It's easy to put these in a libary)

Well, I hope it's something u look for :>

Let me know

Greezz anita