TheGoldenShogun
Apr 29th, 2002, 11:48 AM
I am trying to figure out sessions fully and why I should use them.
Currently, when a user logs in I drop them a cookie and then, throughout the member section, write a little if at the top of the page to make sure that cookie is what it should be. If it's not, they get the boot.
Now why should I not use that or why is that not as secure as sessions? Also, with a session, if I am understanding it correct, I can set the sessions on one page but everytime a page that needs a session is called I need to call session_start()? then what, the same type of validation as my cookie if statement at the top of the page?
this is similar to what my little if statement looks like on the pages currently..
if ($cookie == '$x')
echo("You're on the list, come in");
else
echo("Who you, get out of here!");
how would I write that with sessions?
Currently, when a user logs in I drop them a cookie and then, throughout the member section, write a little if at the top of the page to make sure that cookie is what it should be. If it's not, they get the boot.
Now why should I not use that or why is that not as secure as sessions? Also, with a session, if I am understanding it correct, I can set the sessions on one page but everytime a page that needs a session is called I need to call session_start()? then what, the same type of validation as my cookie if statement at the top of the page?
this is similar to what my little if statement looks like on the pages currently..
if ($cookie == '$x')
echo("You're on the list, come in");
else
echo("Who you, get out of here!");
how would I write that with sessions?