Hi, all, i'm relatively new to PHP, but am creating a website that has a login screen as the first page within a website, and once a user has authenticated themselves gain access to the remainder of the website to perform actions specific to their details. (e.g. i'm creating an online dental surgery for registered patients, and when each patient has been authenticated on the website they can create an appointment, or update an appointment relating to themselves)
Once the login page has been loaded, should I start a session depending on the success of the login. e.g. register a session variable (the websites user's ID that has been extracted from the users table) if the login was successful, or destroy the session if unsuccessful? If login is successful, should I then use this session variable (patients id) with query strings to make actions to the database, such as create an appointment etc? Is this an efficient way of going about this method of carrying out actions specific to authenticated users?? Or is there a better way? Your help is much appreciated. Tryst -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
