StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
18743644
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
2
CommunityOwnedDate
CreationDate
2013-09-11T14:15:04.010
FavoriteCount
0
LastActivityDate
2013-09-11T14:15:04.010
LastEditDate
LastEditorUserId
0
OwnerUserId
2752041
ParentId
18740543
PostTypeId
2
Score
19
ViewCount
0
LastEditorDisplayName
text
Body
There are basically two ways you can implement a login script in PHP: <ol> <li>Using <a href="http://www.php.net/manual/en/features.sessions.php" rel="noreferrer">Sessions</a></li> <li>Using <a href="http://www.php.net/manual/en/features.cookies.php" rel="noreferrer">Cookies</a></li> </ol> I'll try to explain both uses in a raw form below, so keep in mind there is a lot more to know about each of them. <h1>Using Sessions</h1> Making it simple, sessions are unique and lives as long as the page is open (or until it timeouts). If your browser is closed, the same happens to the session. <h2>How to use it?</h2> They are pretty simple to implement. First, make sure you start sessions at the beginning of each page: <pre><code><?php session_start(); ?> </code></pre> Note: It's important that this call comes before of any page output, or it will result in an "headers already sent" error. Alright, now your session is up and running. What to do next? It's quite simple: user sends it's login/password through login form, and you validate it. If the login is valid, store it to the session: <pre><code>if($validLoginCredentials){ $_SESSION['user_id'] = $id; $_SESSION['user_login'] = $login; $_SESSION['user_name'] = $name; } </code></pre> or as an array (which I prefer): <pre><code>if($validLoginCredentials){ $_SESSION['user'] = array( 'name' => $name, 'login' => 'login', 'whichever_more' => $informationYouNeedToStore ); } </code></pre> Ok, now your user is logged in. So how can you know/check that? Just check if the session of an user exists. <pre><code>if(isset($_SESSION['user_id'])){ // OR isset($_SESSION['user']), if array // Logged In }else{ // Not logged in :( } </code></pre> Of course you could go further, and besides of checking if the session exists, search for the session-stored user ID in the database to validate the user. It all depends on the how much security you need. In the simplest application, there will never exist a $_SESSION['user'] unless you set it manually in the login action. So, simply checking for it's existence tells you whether the user is logged in or not. Loggin out: just destroy it. You could use <pre><code>session_destroy(); </code></pre> But keep in mind that this will destroy all sessions you have set up for that user. If you also used $_SESSION['foo'] and $_SESSION['bar'], those will be gone as well. In this case, just unset the specific session: <pre><code>unset($_SESSION['user']); </code></pre> And done! User is not logged in anymore! :) <h1>Using Cookies</h1> Cookies works somewhat alike sessions, except they are stored in the client browser and lasts as long as you tell them to. For instance, you were using cookies "as sessions" when you were setting them to expire at $timeNow. I usually don't like using cookies for simple logins as they require more advanced security checks. Since they are stored at users' browser, they can easily be manipulated and malicious users could generate false login information and log into your system. <h2>How to use it?</h2> Pretty much as you do with sessions. The difference is about setting/unsetting the cookie: <pre><code>// To set a Cookie // You could use the array to store several user info in one cookie $user = array( 'id' => $id, 'name' => $name, 'login' => $login, ) setcookie("loginCredentials", $user, time() * 7200); // Expiring after 2 hours // Now to log off, just set the cookie to blank and as already expired setcookie("loginCredentials", "", time() - 3600); // "Expires" 1 hour ago </code></pre> To check if a user is logged in, you can use the same example as of the session, but using a different variable: $_COOKIE <pre><code>if(isset($_COOKIE['user']['id'] && !empty(isset($_COOKIE['user']['id']))){ // Logged In }else{ // Not logged in :( } </code></pre> Well, that's it. To remind you again, these are very simple login methods examples. You'll need to study a bit more about both methods and improve your code with some more layers of security checks depending on the security requirements of your application.
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POHow to connect user with a login cookie in PHP?
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. USmathielo
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. COThanks. This definitely helped me understanding sessions and cookies, which I am still not used to. I still have my problem though, as it doesn't completely answer my question. I will be editing my question, as I think I know where is my error.
 singulars
 PostPostId
 PO
 UserUserId
 USLPB

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.