tedd wrote:
On 5/4/09, Matthieu <spamamis@xxxxxxxxx> wrote:
Hello,
I'm a totally newbie to php/Mysql but I'd like to know if it is
normal that
I have to connect 3 times to the db in one page.
For example, I have
1. A connection for the login / pass a $_SESSION['login'] before the
HTML
tags
2. I need to say hello to the user so I reconnect, run a query to
select the
user having the login and echo 'Hello '.$user['login'].'!''
3. I need to show him his friends a bit later, so I have to connect a
last
time and re-run a querry because I can't use the data $user that I
used in
my upper php code...
Is there a walkthroug to have only one connection for the page?
Thanks
Matthieu
Matthieu:
The way I usually have a user navigate a protected site is to first to
have them identify themselves via a logon/password script -- and then I
store their user_id in a SESSION. Note, I do not store all their data in
a SESSION, just their user_id. The user_id should be an unique
auto_increment integer primary key from your users' table.
At the start of each protected page, I have:
<?php session_start();
$user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : 0;
if($user_id == 0)
{
header('location: login.php);
exit();
}
// proceed with processing
As such, I check if $user_id > 0 -- if so, then I process the request as
directed. If not, then I send the user back to login.
That's basically what i do.
I don't store much in sessions, just the id of the logged in user (set
to 0 for not logged in) and maybe a few temporary things (IE a page that
requires login, if the uid is set to 0 I'll store the page in the
session so that after login they can be redirected back). There's a few
other things I do in session data, but not much.
Since I only use non persistent cookies for security reasons, almost
anything worth saving is worth saving as a db record tied to the user
id. Sessions for me mostly are just a way to know a user is
authenticated and who they are authenticated as.
As for connecting to the database, I connect as needed to get
information needed. I do not use SESSIONs to store all the data to be
passed from page to page, I gather only what's needed for that page.
I also make sure that when I open a connection, I close the connection I
may have several open/close statements within a page, but normally I try
to avoid that.
I just use pear mdb2 - they make it easy to deal with multiple different
databases etc. and I just let the connection close when the page
finished executing, I don't explicitly close any connections.
I do explicitly unset prepared statements, but only on pages that do
many queries (short fast pages free up the memory when the page finishes
executing anyway).
Since I generally use the same database for session handling as I use
for rest of the app, the database will be opened when the page starts
and need to be open when the page finishes execution for writing any new
session data, so it doesn't make sense to me to explicitly close the
connection except for my search engine (it uses a different database) -
but when the search query has run, the search results are displayed and
the script finishes executing anyway, so closing that connection isn't
needed anyway - the job is done and the script exits quickly closing the
connection on it's own.
HTH's
tedd
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
