addressalign-toparrow-leftarrow-rightbackbellblockcalendarcameraccwchatcheckchevron-downchevron-leftchevron-rightchevron-small-downchevron-small-leftchevron-small-rightchevron-small-upchevron-upcircle-with-checkcircle-with-crosscircle-with-pluscrosseditemptyheartexportfacebookfolderfullheartglobegmailgoogleimageimagesinstagramlinklocation-pinmagnifying-glassmailminusmoremuplabelShape 3 + Rectangle 1outlookpersonplusprice-ribbonImported LayersImported LayersImported Layersshieldstartickettrashtriangle-downtriangle-uptwitteruseryahoo

Re: [php-353] Question from a PHP newbie about secure website navagation?

From: Paul P.
Sent on: Wednesday, January 7, 2009 8:28 AM
I like to keep track of all visitors of the Web site.  If the user is not logged in, that user is marked with only guest access.  If the user does log in, that user is marked with the appropriate level of access.  Depending on the level of security needed, you can keep users logged in for a set amount of time.  Each time the user accesses a different page on the Web site, the user's set amount of time is reset.  As Sharon stated, it is probably not a good idea to log user's out automatically if they surf from a secure page to a public page.

    - Paul

On Wed, Jan 7, 2009 at 7:37 AM, Sharon <[address removed]> wrote:
I have created sites like this -- I keep people logged in even when they move from a secure page to a public page. It's much easier for users that way. Before I did that, I had complaints. Users shouldn't have to log back in every time they click to a public page and them back to a secure page.
 
At the time I was also new to PHP and kept the code very simple, using PHP's native session control functions -- session_start(), session_register() for session variables, etc., and followed an example in a PHP book for user authentication.
 
Sharon
----- Original Message -----
From: jperson
To: [address removed]
Sent: Sunday, January 04,[masked]:08 PM
Subject: [php-353] Question from a PHP newbie about secure website navagation?

To all,
I just started learning PHP and have created a database using MySQL(I am a Oracle developer). I have also have created a website using HTML & CSS. I then added PHP code to login to the database. I am creating session id. My question is once a user has login to the database how do you allow them to move around to the rest of the website?  In other words the website has a secure areas and unsecured areas. Do I have to check for the session id for the page they go to? if a user navigates away from the secure area do I tell them they are leaving the area and say they will be logged out and they will have to log back in?
Any ideas would be very very helpful.

--
Thank You

Jerome Greene




--
Please Note: If you hit "REPLY", your message will be sent to everyone on this mailing list ([address removed])
This message was sent by jperson ([address removed]) from The Philadelphia Area PHP Meetup Group.
To learn more about jperson, visit his/her member profile
To unsubscribe or to update your mailing list settings, click here

Meetup Support: [address removed]
632 Broadway, New York, NY 10012 USA




--
Please Note: If you hit "REPLY", your message will be sent to everyone on this mailing list ([address removed])
This message was sent by Sharon ([address removed]) from The Philadelphia Area PHP Meetup Group.
To learn more about Sharon, visit his/her member profile
To unsubscribe or to update your mailing list settings, click here

Meetup Support: [address removed]
632 Broadway, New York, NY 10012 USA

Our Sponsors

People in this
Meetup are also in:

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy