Where To Start Sessions And Cookies? »  Show posts from    to     

Icy Phoenix


English Chit Chat - Where To Start Sessions And Cookies?



mort [ Mon 19 Jan, 2015 23:33 ]
Post subject: Where To Start Sessions And Cookies?
Hey Fella's,

I use an index.php where all requests are processed with action=BLAH etc and SESSION(start) and cookies are included at the top of the index.php file.

Is that the best place for them - Or would they be better if they were placed into the login.php form. So that only logged-in users have their default sessions and cookie set and then just add sessions and cookies as required in the other scripts when one wants to add anything to either or both of them?

Not my top subject I'm afraid - -


Informpro [ Wed 21 Jan, 2015 00:27 ]
Post subject: Re: Where To Start Sessions And Cookies?
You need to start session at every page start, so in every public .php file.

If you want to cache account data (to avoid a users table query every page view ...) you could indeed put it in login.php, but then remember -- when an admin changes something, it won't be noticeable by the user until his next login.


mort [ Wed 21 Jan, 2015 02:24 ]
Post subject: Re: Where To Start Sessions And Cookies?
My friend, I'm totally lost on this

As a test I set a SESSION key in the index to change the style and it changes the user's SESSION with that key

But it does nothing else - The uses still has the same style as set in the user's Db?

Do you have the time to help me with this - Because all I need to see is how to apply the key so that it works?

I can send you the pages that involves all of the SESSION and cookies, or I could make available the "Demo" so you will have the whole lot.

Because as I said - I'm "Brain-Dead" on this and no amount of reading and trying is helping me.


Mighty Gorgon [ Wed 21 Jan, 2015 12:55 ]
Post subject: Re: Where To Start Sessions And Cookies?
It's not that easy.

Let's try to clarify few things:

  1. SESSION: is something which allows a user to be identified when navigating, so he don't have to input login data on every page. It has to be stored in DB and cookie (unless passed via GET/POST) to work properly, or you should use other kind of logins (which I won't discuss here).
  2. COOKIE: is a file saved on the client PC which can be used to store some basic data as session id or few other items. I wouldn't use it for any other critical data, because cookie may be altered or stolen... so it can introduce security issues. Usually on phpbb and other systems, cookie store session id, so user don't have to input login data on every page. Session id stored in cookie is queried on the session table to identify user id and all other user data.
  3. DB: is where all user data should be stored... username, password, language, style, info, contacts... and so on. When a user logs in, then username and password are compared with the ones stored and a new session is assigned to that registered user.


You need to understand how each of these elements works before coding anything related to sessions. There are functions which allows to read and write to cookies, which sometimes may behave weird...

Also the order used to check and set user data is really important... sometimes you may read something from cookie which get overridden by DB and vice versa... so make sure you don't read the style from cookie and then you load user data from db over the same var...


mort [ Wed 21 Jan, 2015 13:41 ]
Post subject: Re: Where To Start Sessions And Cookies?
Hey MG - You still alive?

The SESSIONS work fine and all I'm trying to do is create a theme switcher based on sessions

I had it to the point where it would switch some of the request and not go through with flushing the current template away - I even tried the obj- stuff and still no luck.


PS. And I do have the SESSION time in the DB - And I think it's the same as Icy-P

Edit:

Never mind fella's - This can wait......




Powered by Icy Phoenix