Mikael Grön wrote:
Are you asking someone specifically, or is this a general question?
Here's an example of when sessions are useful:
You have a login area on your website on which users who have registered
can log in to access special content. Only, you want such a high
security on your website so that people shouldn't be able to simply
browse to the hidden files, nor should a user still be logged in when
his friend uses his computer and starts a fresh browser. Here's where
sessions are perfect! You store the userId or similar information in the
session and start every secret page with the question:
if (!isset($_SESSION['userId']) ||
!CoolCheckUserValidityFunction($_SESSION['userId'])):
header("Location: login.php");
exit;
else:
$GLOBALS[USER] = new User($_SESSION['userId']);
endif;
of course you should not do that check in login.php... :P
Mike
PS: That $GLOBALS[USER] and the User class part is my own stuff.. Dunno
if anyone else does stuff like that.. :P
Out of curiosity, why do you create the user object on every page
request? Why not store the user object in the session?
Also, $GLOBALS[USER] is invalid unless you have defined a constant
called USER somewhere.
-Stut
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
