Session Example?

Anon

Hi anyone got a session example with combined user authentification? The ones on this site are for no particular purpose🙁

Anon

NOTE: THIS SCRIPT REQUIRES PHP 4.1.x! See the PHP documentation for an alternative to _SESSION for earlier versions.

[begin code:]

<?
session_start();

function dologout() {
session_unregister('ID');
}

if (!$_SESSION['ID'] && $dologin) { // not already logged in, and form submitted.
if (!dologin($entered_user, $entered_pass)) {
$message = "Login Error!";
}
}

if ($QUERY_STRING == "logout") {
dologout();
}

<a href="?logout">Log Out</a> // log out link

<form action="<?=$PHP_SELF;?>" method="post">
<?=$message;?>
Username: <input type="text" name="entered_user" /><br />
Password: <input type="password" name="entered_pass" /><br />
<input type="submit" name="submit" id="submit" value="Log In" />
<input type="hidden" name="dologin" value="true" />
</form>

Anon

[correction/update:]

the line "global $config;" is not needed. it's left over from my configuration file (to centralize the database connection/table names information).

Also remember that the login code (not the form, just the PHP code) needs to be before any content (even blank lines) are written to the page. A good rule of thumb is to put this as the very first thing on the page, and if you need to do anything else before it, put it inside the same set of <? ?>s.

Take this for example:

[begin index.php]
[<-- blank line]
<?
...
login code
...
?>
< html >
...
< body >
...
page body
...
</ head >
</ html >
[end index.php]

The blank line before session_start() will cause a "headers have already been sent" error.