as long as your usernames are unique you should never have a problem. (assuming everything else works as planned.)
it should...
i want to use sessions for a login system and stuff too but i want it to check to see if the person is logged in before going to the login section... if the session isnt valid then require a login...
is this code valid?? <?php if(session_start($name)) {/*do whatever if person is logged in already*/ } else { /*do whatever if session doesnt exist*/ }
if that does work then all i need to do is figure out how to do a session_distroy() to delete it after logged out...
You shouldn't rely on whether a valid session exists to determine if user is logged in. You should depend upon a certain variable within the session. session_start(), with or without $name, is going to be TRUE because it just starts a session. If a session did not exist, it'll start one. When a use logs in correctly, start a session and set a $_SESSION['loggedin'] = TRUE, variable.
Then on any page you want "protected", simply check for the variable
if(isset($_SESSION['loggedin']))
{ //person is logged in }
else
{ //person is not logged in }When the person wants to log out, simply unset() or set to FALSE the $_SESSION['loggedin'] variable. Now you force them to log in again. Even if they keep the same session name, it doesn't matter b/c that variable is not set.
-- ---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
