Expiring Accounts

Jimbo17

I want to make a page that allows users to log in, but makes it so that they do not have to log in anymore as long as they are at my website. Also, they should be able to leave the website and the account stay active (assigned to say an IP?) for an hour or so and then it would expire making it to where they had to log back in. I hope all of this makes sense =\ Anyway, what would be the best way to accomplish this? TIA!

-David

LordShryku

Just use sessions

Jimbo17

Why will this not work:

<?php
session_start()
$_SESSION[test] = "";
?>

I put that in the header of my page but PHP spits out an error.. I am very new to this function, so I appologize if this is a stupid question. Do I have to set the $_SESSION[test] ahead of time so that I can populate it later on or can it be populated in the middle of the script?

LordShryku

Session variables can be registered at any point, but you need to call session_start() before anything else, including html tags.

Jimbo17

I put this before the <html> tag:

<?php
session_start();
$_SESSION['test'] = "";

?>

Then I use a form to get the user's number (just to test the $_SESSION variables):

I later call the $SESSION['test'] variable back, but I get nothing... My site is comprised of one PHP file that uses if statements to determine what to display, so I would assume that the $SESSION variables would work fine... I am so very lost... BTW, thanks for your help so far 🙂

LordShryku

Check out this tutorial. You really should have a good grasp on the concept of sessions before trying to implement them, and once you understand them, you'll use them for everything. Just post back when you have questions...

nick_perkins

alternately just use cookies:

//when you authenticate there user name and password then you can place a cookie that expires after an hour as below
setcookie ("name", $content,time()+3600);
//then check for it whenever they open your page and send them to the mebers section if they have the cookie
if( isset( $HTTP_COOKIE_VARS["name"] )) { 
header("Location: members.php");
}

now obviously you may like to get more security concious and make $content some form of there username and password and then check it when you check the cookie so that any jo bloggs can't just add a cookie to there PC and get in. ALso you can add this line in your log out function to get rid of it

setcookie ("name", "", time()-3600);

this will set the cookie to expire an hour ago thus immediately exipring it and deleting it.

I am unfamiliar with sessions. So I have no idea if this will make life easier or harder or anything. just a thought on my part. the more opinions you get the more options you have right?? 😃
good luck