Programming Forums
Page 1 of 2 1 2 >
Show 40 post(s) from this thread on one page

Programming Forums (http://www.programmingforums.org/forumindex.php)
-   PHP (http://www.programmingforums.org/forum29.html)
-   -   Php Login System (http://www.programmingforums.org/showthread.php?t=7351)

MikeC Dec 1st, 2005 9:57 PM
Php Login System
 
Allright well a login system is what I have to do next... So To start I have a question. How does the code know that your logged in?

Lich Dec 1st, 2005 11:44 PM
a cookie or a session. Cookie is the most preferred.

MikeC Dec 2nd, 2005 1:00 AM
Ah i see...

Arevos Dec 2nd, 2005 1:46 AM
Quote:
Originally Posted by Lich
a cookie or a session. Cookie is the most preferred.
Er... You mean a cookie or a GET/POST variable?

A session is a device which ties a series of HTTP requests together, using a cookie or GET/POST variable.

Lich Dec 2nd, 2005 9:19 AM
Quote:
Originally Posted by Arevos
Er... You mean a cookie or a GET/POST variable?

A session is a device which ties a series of HTTP requests together, using a cookie or GET/POST variable.
The script knows you're logging in via a get/post variable, but I was talking about how once you're logged in the system knows that by a cookie or session variable

Arevos Dec 2nd, 2005 10:04 AM
Quote:
Originally Posted by Lich
The script knows you're logging in via a get/post variable, but I was talking about how once you're logged in the system knows that by a cookie or session variable
Session ID are usually carried in cookies, with GET/POST variables as fallbacks. I suspect what you mean is that one shouldn't put login information directly into a cookie, and you'd be right. But don't think that sessions don't use cookies.

Lich Dec 2nd, 2005 11:41 AM
Quote:
Originally Posted by Arevos
Session ID are usually carried in cookies, with GET/POST variables as fallbacks. I suspect what you mean is that one shouldn't put login information directly into a cookie, and you'd be right. But don't think that sessions don't use cookies.
I know they do, but it's more like a cookie variant and they aren't stored in the same place ($_COOKIE[] and $_SESSION[] respectively), I was simply differentiating for the sake of showing it.

Arevos Dec 2nd, 2005 12:06 PM
Quote:
Originally Posted by Lich
I know they do, but it's more like a cookie variant and they aren't stored in the same place ($_COOKIE[] and $_SESSION[] respectively), I was simply differentiating for the sake of showing it.
Bleh. You confused me :p

Lich Dec 2nd, 2005 12:08 PM
Quote:
Originally Posted by Arevos
Bleh. You confused me :p
my bad ;)

Mocker Dec 2nd, 2005 11:49 PM
the webserver has a setting for php which decides to store sessions as cookies only, or as cookies first and get/post as fallback, or just get/post. GET is pretty insecure to have your information in.
Normal login steps are.
Have a form to enter login information
Send form via POST to a php script
Have the php script verify login information
Have the script start a session (search for session at php.net for functions) with your username or some other identifier
Whenever you need to use that information, access it through $_SESSION['variable']


All times are GMT -5. The time now is 9:48 PM.
Page 1 of 2 1 2 >
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.7.0, Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Copyright ©2007 DaniWeb® LLC