Learn computer science
_SESSION for PHP - Printable Version

+- Learn computer science (https://discuss.computersciencewiki.org)
+-- Forum: Questions and Answers (https://discuss.computersciencewiki.org/forum-1.html)
+--- Forum: Questions and answers (https://discuss.computersciencewiki.org/forum-2.html)
+--- Thread: _SESSION for PHP (/thread-54.html)



_SESSION for PHP - LamaPijeon - 02-16-2021

Sooo...
The way that the session works is that if someone comes onto my page from most other ASW websites, the session from their page gets transferred over to my page. The problem with this is that since the sessions never stop, the user is logged into my website without ever even making an account. Would the correct way of fixing this by checking if that username exists in my database, and then if it doesn't I destroy the session? What if it just happens that the person is using a username that exists, but isn't that person?


RE: _SESSION for PHP - SwissGuy - 02-16-2021

Instead of using the same session name as everyone else ($_SESSION['logged_in'] = true), use something more unique such as ($_SESSION['thisUserIsLoggedIn'] = true).


RE: _SESSION for PHP - bmackenty - 02-20-2021

(02-16-2021, 08:36 AM)SwissGuy Wrote: Instead of using the same session name as everyone else ($_SESSION['logged_in'] = true), use something more unique such as ($_SESSION['thisUserIsLoggedIn'] = true).

This is a great answer. Managing sessions should also be written to a database, but that is just a bit over our introduction to programming class.