Sessions?

[chemicalNova]

Howdy all,

I've searched and can't find any good help. I'm a tad confused aswell.

I'm pretty nub to PHP. I mean, I can do basic database queries, and all the other basic stuff (loops, all that), but I can't figure this out.

I'm wanting a login system, where if a user logs in, they stay logged in, until they log out, or they close their browser. So in other words, I don't know how to write cookies (or files for that matter) in PHP. How would I go about doing this? The way I *thought* was to enter true in an "online" field inside a table. But then, how would I remove this when they close their browser?

TIA,

chem

[ninjanutz]

i put this in the login page

Code:

	session_name ('User');
	session_start();
	$_SESSION['username'] = 'testing';
	$_SESSION['loggedin'] = time();

and this for the logout page

Code:

session_start();
unset ($_SESSION);
session_destroy();

i havent had a chance to test if this worx due to other errors on the page but let me no if it does

[{yak}]

Hi,

Once you run your 'login' query, and it's successful, you can store the username or whatever you need to store, into a session variable like so:

PHP Code:

// make sure you call session_start() before any output
session_start();
// this would be whatever the username is
$username = 'some user';
$_SESSION['username'] = $username; 


Now, you've got your username stored in the superglobal $_SESSION['username'] so in your other pages, you can run checks to see if this session still exists and such, if the session exits, then they are still loged in, else they aren't, again make sure you've got session_start(). Then when the user clicks 'logout' or whatever you've got it set as, you just have to destroy the session, like so:

PHP Code:

session_start();
session_destroy();
unset($_SESSION['username']); 


[chemicalNova]

Ok. I can't test this now, but I will later, thanks for the help

How about if the user closes their browser? Is there a way to detect that? Or will it automatically work?

chem

[ninjanutz]

depends u can give the session an expiration time months from now meaning they will be logged in even if the browser closes or u can give a negative expiration time which is wen they close their browser

[ninjanutz]

{yak} would my session work 2? or does it have to be the way u typed it?

[drkelusion]

Hi!
Not sure if this has been resolved yet or not, but just thought I would post a script that was in a tutorial I used.

The script is found on a loginconfirm.php page, which means if you setup a html login table (Username: Password:, etc.), then it will be linked by the "<form action="loginconfirm.php" method="post">" on the login html table.

On the loginconfirm.php script, I just used:

Code:

setcookie("loggedin", "TRUE", time()+(3600 * 24));
setcookie("loginuser", "$username");

Then, on the pages you want to make sure they are logged in, just put:

Code:

<?php if (!isset($_COOKIE['loggedin'])) die("You are not logged in!"); ?>

I believe that should work if the browser closes aswell, as it has a time set.