Sign in to follow this  

[web] php - mysql - autentication

This topic is 4595 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

I have a table like this UserID - Primary Key Username Password I am using session, so I am just thinking freely here. If I have a class...
class User {
function LogIn( $username, $password ) { }
function LogOut() { }
function GetUserID { return $_SESSION[ 'UserID' ]; }
}

LogIn sets the $_SESSION, and logout destroy the session ... I can give more source later What if I stored a random number in $_SESSION[ SessionID ] = md5( time ); in the LogIn(). Should I then create an entry in my database called session, and store the md5( time ) there as well, and then if I run GetUserID(), I will check if the $_SESSION[ SessionID] have the same value as the session in the database? if not return 0; does it seem ok?

Share this post


Link to post
Share on other sites
W...T...F

You know there is this meme that says not to teach someone [x]BASIC as their first language as it will scar them for life by embedding bad programming practices and generally just mucking up how they approach problems. I'm really starting to feel the same way about PHP/MySQL (though alone PHP seems work out just fine). Please Lord, strike down MySQL, for it has sinned against databases. Thank you, my freak out is done for the day.

Now, what are you actually trying to accomplish here (from the beginning)?

Share this post


Link to post
Share on other sites
Quote:
Original post by Michalson
W...T...F

You know there is this meme that says not to teach someone [x]BASIC as their first language as it will scar them for life by embedding bad programming practices and generally just mucking up how they approach problems. I'm really starting to feel the same way about PHP/MySQL (though alone PHP seems work out just fine). Please Lord, strike down MySQL, for it has sinned against databases. Thank you, my freak out is done for the day.

Now, what are you actually trying to accomplish here (from the beginning)?


For some reason I'm not thinking MySQL is to blame here. [wink]

Share this post


Link to post
Share on other sites
Yes, you can do that. But it will not be any safer or more secure then simply storing the login status and the like in the $_SESSION array to begin with and do away with the MySQL alltogether. Implementing a custom session handler though PHP/MySQL is for when you do *not* want to use PHP's $_SESSION variables.

Share this post


Link to post
Share on other sites

This topic is 4595 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this