|
|
Posted by bill on 12/12/06 12:03
no@emails.thx wrote:
> On Mon, 11 Dec 2006 10:17:07 -0500, bill <nobody@spamcop.net> wrote:
>
>> no@emails.thx wrote:
>>> On Mon, 11 Dec 2006 07:00:58 -0500, bill <nobody@spamcop.net> wrote:
>>>
>>>> relative PHP newbie, not new to computing or web design
>>>>
>>>> Login page -> get data page (bringing user name and password in
>>>> form variables).
>>>>
>>>> get data page -> display data page (bringing user name and
>>>> password in hidden form variables).
>>>>
>>>> display data page -> approval page (bringing user name and
>>>> password in hidden form variables. Also bringing disposition in
>>>> a form variable.)
>>>>
>>>> the problem is: from the approval page I want to redirect to the
>>>> get data page, but need to bring along the user name and password
>>>> so it does not get redirected back to the login page.
>>>>
>>>> Is this were I would profitably use session variables ? I have
>>>> not explored that solution. Is there a better and/or easier one
>>>> other than bringing the user name and password in the URL ?
>>> Hi Bill
>>>
>>> Sessions are your best bet. Also, after approving the user's login and
>>> password it would be better just to store a flag in the session - or
>>> better-still the user's ID number from their record in the database.
>>> Then you just have to check if the session variable exists and it
>>> should imply that the user has logged in and is approved. :o)
>>>
>>> Each PHP page should start with session_start() and then just refer to
>>> the variable like $_SESSION['userid']
>>>
>>> Hope that helps
>>> Chris R.
>> It does, thank you very much, great advice - next question is how
>> do I access the record number in mySQL ?
>
> Well, when you create the rows make sure the first field in your user
> schema is an integer with the autoincrement property set (and might as
> well make it the primary key too). Then MySQL will generate a unique
> number per row, which you will use to reference the row - that'll be
> the userid. You will read the rows into an associative array etc etc.
>
> Is that what you mean? :o)
>
> Chris R.
Ah, you said, "their id numbers". In my prior database
experience you could access the actual record number (which was
fairly random in a well ordered database). I see you are
assigning an _ID_ number, which is as you describe it.
In this case I am using a unique ID, non-numeric, which will suffice.
Thank you very much for the kind assistance to a newbie.
I will play with sessions this week.
bill
[Back to original message]
|