Sessions (once user is logged in)

Mr_Chew

I've created user registration and login system...below I have the code for logging the user in:

<?php
$user=$_REQUEST['username'];
$pass=$_REQUEST['password'];

$user=strip_tags($user);
$pass=strip_tags($pass);

$user=str_replace(" ", "",$user);
$pass=str_replace(" ","",$pass);
$user=str_replace("%20", "",$user);
$pass=str_replace("%20", "",$pass);

$user=addslashes($user);
$pass=addslashes($pass);

$connection=mysql_connect("localhost", "db_username", "$db_password");
$mysql_select_db("databasename")

$pass=md5($pass);

$request="SELECT * FROM users WHERE password='".$pass."' AND username='".$user."'";

$results=mysql_query($request, $conn);

if(mysql_num_rows($results)}
{
	echo"User logged in"
	$_SESSION['user']=$user;
	$_SESSION['auth']=true;
}
else
{
	echo"The Username or Password you have entered is invalid. Please go back and try again or procede to our <a href="signup.php">registration</a> page.";
	$_SESSION['auth']=false;
}
?>

I've been reading up on sessions now for quite a time and I'm having trouble understanding how to use sessions in terms of navigating around the website once the user is logged in. For example, once the user is logged in, I want the user to be able to customize options and such. Also, to restrict certain pages of my website if the user is not logged in.

Drakla

I don't see as session_start in that code. Anyway, just think of sessions as an array that you can carry from page to page for a particular user, because essentially that's exactly what it is.

If you want to customise a page with something as simple as different css sheets then just set it in the session with $_SESSION['useCssSheet'] = 'gothiceuphoria.css'; then in further pages echo it back out into a html stylesheet link.

Have you done any small experiments with sessions just to see them working, printing out their contents with [man]print_r[/man] ? If not, then do it as they're absolutely simple - I mean that, it baffles me that people are so seemingly fearful of them.

Mr_Chew

For example, what I want to do--

I have a user/pass login form on my site in a sub content box on the left. Once the user logs in, I want the page to reload with the index.php file with it saying 'you are now logged in' in that sub content box. Below that I wanted to be able to have the user customize options. Do you have a general idea of what I'm getting at?