When user login with a username and password, how to store the username and password so that when the user is redirected to another page, the username and password can be used as the key reference to load the relevant info from database?
Printable View
When user login with a username and password, how to store the username and password so that when the user is redirected to another page, the username and password can be used as the key reference to load the relevant info from database?
Sounds like you would like to use Session variables.
First off, make sure the password is hashed. You shouldn't be able to get it manually from the database or decrypt it.
Secondly, once a user logs in you would typically set a session variable with the username and/or id in it. From there subsequent pages would take that session variable and correlate data from the database.
Don't store the password in a session variable for 'reauthenticating' everytime he accesses a new page. Once the user is authenticated, all you need is a token of some sort as illustrated in post #3. Having that token is proof that the user is logged in.