TalkPHP
Home Forums Articles Glossary Awards Register Rules Members Search Today's Posts Mark Forums Read
 
 
 
Account Login
Latest Articles
» The basic usage of PHPTAL, a XML/XHTML template library for PHP
by awuehr on 11-10-2008 in Tips & Tricks
» Vulnerable methods and the areas they are commonly trusted in.
by Village Idiot on 11-04-2008 in Classes & Objects
» Simple way to protect a form from bot
by codefreek on 10-23-2008 in Basic
» The Basics On: How Session Stealing Works
by wiifanatic on 09-12-2008 in Security & Permissions
» How to keep your forms from double posting data
by drewbee on 07-03-2008 in Tips & Tricks
IRC Channel
IRC Speech Bubble Join the friendly bunch on IRC...
(#TalkPHP on Freenode)

...Also available via a web interface.

See this thread for information on the TalkPHP Free Hugs Initiative™. Subject to availability.
Associates
Associates
CSS Tutorials
TalkPHP > Developer Forums > Absolute Beginners » Understanding Session ID
 
 
LinkBack Thread Tools Search this Thread Display Modes
Prev Previous Post   Next Post Next
Old 12-15-2008, 10:18 PM   #1 (permalink)
The Contributor
 
oMIKEo's Avatar
 
Join Date: Jan 2008
Location: Leeds
Posts: 52
Thanks: 7
oMIKEo is on a distinguished road
Default Understanding Session ID
Hi guys,

I am starting work on a large development with some pretty sensitive data so want to push to make the site as secure as possible. I have been reading a bit about security but am having a bit of trouble understanding how session_id works.

In the past my login scripts sets something like:

PHP Code:
$_SESSION['username'] = $username;
$_SESSION['userlevel'] = $userlevel
And then on secure pages i use something like:

PHP Code:
if(!$_SESSION['username'] || !$_SESSION['userlevel'])
{
    // Not logged in, redirect
    header("Location: login.php")

Obviously there is a lot of other code from the login page to make that secure but my problem is how do i use session_id to help check a user is permitted to view the page? Should i be storing the username/session_id in the database to refer back to on each page?

I'm sorry if this is an extremely stupid question,
Mike
Last edited by oMIKEo : 12-16-2008 at 12:12 AM.
Send a message via MSN to oMIKEo
oMIKEo is offline   		Reply With Quote
The Following User Says Thank You to oMIKEo For This Useful Post:
thanhtung90 (08-13-2009)
 

« Previous Thread | Next Thread »


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Huge Session Problem Killswitch General 1 11-17-2008 02:36 AM
storing class instance into session nizzy Advanced PHP Programming 3 10-02-2008 06:49 AM
Storing Session data in $_COOKIE as well shownomercy General 8 08-21-2008 02:00 PM
Session security Blackbrain Absolute Beginners 3 01-07-2008 11:19 PM
Understanding the Life of a Session Wildhoney General 6 10-27-2007 02:34 AM


All times are GMT. The time now is 07:59 AM.

 
     
Contact Us - TalkPHP - PHP Community - Archive - Top

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.1.0
Inactive Reminders By Icora Web Design