Sessions work by creating a unique identification(UID) number for each visitor and storing variables based on this ID. This helps to prevent two users' data from getting confused with one another when visiting the same webpage.
I use sessions after I have verified the log on details of an user. The user is able to access allowed pages. Any one not logged in will get a message say that they are not authorised.
All page that require the use of a session, even the original log on page must have this code.
session_start();
header("Cache-control: private"); // Allows the backspace of a page will in a session
Once I have verified the user logging in I would place this code.
if($user = 'user' && $pass = 'password') // This section of code is a simple example to show
{
$_SESSION['name'] = true; // Names the session for later use.
echo "Your are logged in";
}
else
{
echo "Incorrect username or Password";
}
All pages that the user has permision will nee the following code:
session_start();
header("Cache-control: private");
session_start();
header("Cache-control: private");
if($_SESSION['name'])
{
echo "You have access to this page"; // Plus all the information that the only the user can is autorised to see.
}
else
{
echo "You are not authorised to see the contents of this page";
}
No comments:
Post a Comment