You also don't have to use sessions to do anything. Cookies are fine as you have been told before.
Every script must verify that a certain condition is true, such as the session or a cookie has been set to verify that the current session is authorised for access.
I recommend you looking a simple project that deals with somehting like this. I run a small open source project which provides a very simple document management solution.
You can try this out at http://anastacia.networketernity.com and the source is available at http://sourceforge.net/projects/terracotta
The source is very well documented and can give you many ideas for PHP programming. The project uses an array called $configuration for its configuration which includes authentication details.
Simple plugin style code, also allows the replacement of that to work with a MySQL table for authentication.
Hope this helps you in some way
AceZero2790@xxxxxxx wrote:
These ideas are great and all, but I'm a real PHP newb so I have some questions.
It was that I should "look for the user in the database that stores the access info" Could I just use an array for that? Or does it have to be MySQL or something.
$_Session['user_id']= (who) - Does that just add the user to the session?
And I have some more questions. For instance, once the person has logged in, how do I forward them to the page they now have access to? How do I set the permissions the users have? How do I make it so that a user will not be allowed to a page if they haven't logged in?
I guess these are all pretty newb questions..but I appreciate your time and patience.
-- Devraj Mukherjee (devraj@xxxxxxxxxxxxxxxxxxxxxxxx) Eternity Technologies Pty. Ltd. ACN 107 600 975 P O Box 5949 Wagga Wagga NSW 2650 Australia Voice: +61-2-69717131 / Fax: +61-2-69251039 http://www.eternitytechnologies.com/
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
