|
Posted by Mike on 02/01/06 16:38
I need to create a login script that once all the checks have been done
(username and password match whats in the MySQL database), a few
variables are stored for other pages such as the users ID, username and
also an AUTH=1 to to check the user is logged in on every page.
I see the 2 options as follows..
Option 1
setcookie("auth", "1", 0, "/", "www.mysite.com", 0);
setcookie("userid", $id, 0, "/", "www.mysite.com", 0);
setcookie("username", $username, 0, "/", "www.mysite.com", 0);
Then do a check on a new page...
If ($_cookie[auth] == "1") {
$display = "<p>Welcome back $_cookie[username]. Your ID is
$_cookie[userid]";
} else {
$display = "<p>Your not authorised";
exit;
}
//display $display
Option 2
session_start() //put on every page
$_SESSION[auth] = "1";
$_SESSION[userid] = $id;
$_SESSION[username] = $username;
Then do a check on a new page...
If ($_SESSION[auth] == "1") {
$display = "<p>Welcome back $_SESSION[username]. Your ID is
$_SESSION[userid]";
} else {
$display = "<p>Your not authorised";
exit;
}
//display $display
Which option would be the best way to do it? I'm sure there are some
pro's and con's?
I know cookies are client side and sessions are server side so I guess
my main concern is if 2 people access the site at the same time, won't
the variable stored in the session on the server overwrite with person
who logged in last, or am I being stupid??
Thanks
Mikee
[Back to original message]
|