I'm creating a browser Role Playing Game in JavaScript, HTML5 (canvas). I'd like to store player data in a MySQL database using sessions.
I've created a login system and it seems to be recognizing me when I log in.
session_start();
if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true) {
echo "Welcome back, " . $_SESSION['username'] . "!";
} else {
header("Location: php/Login.php");
}
Would I store data into a database using session variables as well? How do I associate the data with the username stored in the current session? Would I create session variables to store each item? That doesn't seem logical. When the user presses "save", it will call a MySQL function to load that data into a table.
When your login function (presumably) reads the username and login data to validate the user, it can also retrieve the userid or whatever you're using as the primary key for the user table (you are using a primary key, right?) Then you can store that key in the session itself for use in subsequent read and write operations.
Related
I have 3 pages. After login, resume generating page is there in which we type in our details and they are stored in a mysql server. After submitting, i have used window.replace to go to the resume output page which have to retrieve the data from the database of the same resume that had been building just now. How to retrieve the data from the same row? How to do it efficiently using session? primary key of the login/register table is 'u_id', primary key of the resume table is 'res_id'.
To use sessions every page you use them in needs to have
session_start();
After writing this you can use $_SESSION. After login you can make it that the username gets saved in the session with eg.
$_SESSION['username'] = 'xxx';
$_SESSION['password'] = 'yyy';
$_SESSION['userId'] = 'zzz';
I have user information that I stored in array session (only when user successfully login). When I update the user information using my web form, I realized that the user information that stored in session is not up to date with the database value.
Does that mean the session only memorizing those assigned data once till it meet with a function that replacing the data stored in session? So if I want to get the updated data from database, I need to keep re-assigned back the data session?
EDIT
I have this code in my Homepage_controller to fetch user information when they successfully login and store in session.
$_SESSION['user'] = $this->Homepage_model->fetchUser();
Then user will be redirected to profile page which is using different controller User_account_controller and from this controller I used to update user profile and will keep using the $_SESSION['user'] that been set from the Homepage_controller
As I can understand your post you are assigning session variables on login.
While you are logged in you change the data in database and want to update session variables?
If so you need to query database, retrieve new values and assign to session variables again.
I'm building an application and have just added a Login page which works well, communicating with a "username" and "password" field in the database. After logging in, it takes you a page users are authorized to see.
Is there a way I can display "Welcome, xxx" to the particular user logged in at the next page? And more importantly, output detailed information of the logged in user on that next page? More technically, to output properties of the username which are in different tables in the database.
Now I know I should begin with:
<?php
session_start();
$_SESSION['username'] = $user_name;
?>
But how do I specify assigning the value of "$user_name" to the value inputted in the username textbox.
Use this
$_SESSION['user_name'] = $_POST['username'];
I think using sessions is unnecessary for this task.
Simply search the database for the user's name once they log in and display this back to the page. Only store what's needed in sessions, databases are a more efficient storage medium.
I'm currently experimenting with HybridAuth for my signup/log in system. After a user has authenticated successfully, i store the user id in the session $_SESSION['user'] = $user_id. I also store all the other data that HybridAuth can give me about a user in a database for later use.
Then when I need to check whether the user is logged in, I can run the following:
if(isset($_SESSION['user_id']))
And then maybe something like the following to ensure that the logged in user can perform an action (e.g. delete comment):
if ( $_SESSION['user_id'] == $comment_user ) {
//User owns the comment, go ahead and delete it.
...
}
Isn't this sort of thing enough?
What is the point of all the $_SESSION data generated by HybridAuth?
Would it be better to unset it all to save memory?
How have others used this data?
Using $_SESSION that way is ok, but what happens with the $_SESSION expires? do you reauthorize?
We store the HybridAuth authorization info in a MySQL and use it later to access Social Media Profile, post to timeline and such.
I have a user based web app that I am putting together. The system creates a user object at login and then stores it in the session array. On each page load the system validates the session data against a session key stored in the database and checks to see if any data related to the user has been changed (bool flag in the user table). If data has been changed the user object is recreated, otherwise I use the one stored in sessions. It looks something like:
session_start();
if (isset($_SESSION['name']))
{
$flags = get_session_flags($_SESSION['session_key']);
if (!$flags['valid_session_key'])
{
logout();
redirect_to_home();
}
if ($flags['user_data_changed'])
{
$user = recreate_user_object();
}
else
{
$user = $_SESSION['user'];
}
}
My concerns are about php/mysql server performance. What possible issues might I run into storing the user object between page loads? Should I just always pull the data fresh from the db? It is a significant amount of information including several activity based objects stored inside the user object.
Thanks for the help.
The system creates a user object at
login and then stores it in the
session array.
What constitutes a User object? How much of the User object will you utilize? Do you constantly need all the data it offers?
On each page load the system validates
the session data against a session key
stored in the database and checks to
see if any data related to the user
has been changed (bool flag in the
user table).
How often is the user data updated? If it's only updated on a few pages, then doing the check every page load seems a bit much. The previous question still holds though as what constitutes rebuilding a User object.