[craigfarrall]

Hi All,

I am working on a dating website, and I am in need with help with sessions. I have read up on this in my PHP book and the free video on here, but if anything it confused me, so was wondering if anyone could help me.

I want to be able for a user to register, and at the end of the register I would like the sessions to start and that user can then navigate through the website and it being assigned to them.

But as I said before I have tried this before, and it confuses me to be honest, so if someone can go through the basics and what I need to do/know that would be appreciated.

Thanks
Craig

[Jcbones]

PHP Code:


session_start(); //must be called first on the page, very top before any output...^yes way up there...

//Store or call a session variable.  Yes, it is a superGlobal.
$_SESSION['variable']; 


That is the basics.

[craigfarrall]

Ok so if I have a customer first name saved in the db as 'fname' then I can use:

Code:

$_SESSION['fname'];

Then I can echo that out later to show the fname?

[End User]

No, sessions are not the same as your database. To use variables in a session you'll need to explicitly add the variable to the session itself, like this:

PHP Code:

// place this line at top of page before any output
session_start();

//create a var with a value
$testvar = "myfirstname";

// register the variable into a session
$_SESSION['testvar'] = $testvar; 


On another page, you can then do this (again, you need to start the session as above):

PHP Code:

// this will print nothing because the variable hasn't 
// been retrieved from the session yet
print "TESTVAR: $testvar";

// now we'll retrieve the var from the session
$testvar = $_SESSION['testvar'];

// this will print the text 'myfirstname'
print "TESTVAR: $testvar"; 


If you have a customer name saved in the database, you must first pull the name out of the database, then store it in a session.

Quote:

Originally Posted by craigfarrall

Ok so if I have a customer first name saved in the db as 'fname' then I can use:

Code:

$_SESSION['fname'];

Then I can echo that out later to show the fname?

[ruteckycs]

Dont use sessions, save the username and password as a cookie.

[Jcbones]

Quote:

Originally Posted by ruteckycs

Dont use sessions, save the username and password as a cookie.

Now that was alot of help.

Why not explain why you think that he shouldn't use sessions. That may be more helpful.

I would love to hear why Cookies are better than Sessions.

PS. Session is a Cookie, just not persistent.

[ruteckycs]

Sorry my friend I think you are confused. Sessions are NOT Cookies. Sessions are stored server side, Cookies are stored client side.

I say use cookies because as I recall for me , when I was first coding, cookies were much easier to understand and work with.

[Jcbones]

Quote:

Originally Posted by ruteckycs

Sorry my friend I think you are confused. Sessions are NOT Cookies. Sessions are stored server side, Cookies are stored client side.

I say use cookies because as I recall for me , when I was first coding, cookies were much easier to understand and work with.

Being that a default php.ini says

Quote:

session.use_cookies specifies whether the module will use cookies to store the session id on the client side. Defaults to 1 (enabled).

And, most people will not disable that, then YES, sessions use cookies.

AT least on the 4,009,128 websites that I have visited in the past few years.

PS. 98% of my statistics are made up.

[Nico]

Cookies are about one line of code easier, but 100 times more insecure. If you care about your user's security and privacy, use sessions.

[ruteckycs]

I said easier to understand not easier to code, but anyway that was for me OP may be different. As for security, I guess you have to ask yourself how likely it is someone will be attacking / routing packets for your customers computers, not likely for the home user, but for a bank or something ....?