Hi James,
While using sessions the timeout period can be set in the php.ini
file(not sure). The other option is that once you authenticate the user and he is
logged in, simultaneously create a session - say $_SESSSION[''logged_in"]=1. And
include a script at the top of every file he visits after logging in. That script
should update...i.e again create $_SESSION["logged_in"]=1. This should repeat at the
begining of each php file after logging in. Where by the session will be alive as long
as the user visits different pages on the site.(But what happens when he is idle with
a particular pahe open for a long time........)....I don't know whether u got my idea
or not. Don't lose hope. Make a wild search on the net regarding this. Also look for
archives of the mailing list. You'll defenitely get a solution for this ....GOOD LUCK
Atlast my sincere advise to u....Go for Apcahe server for php.....not IIS or PWS.
....SuDeEp......
Nunners <[EMAIL PROTECTED]> wrote:
Hi Dale,
Sorry for emailing you again (and anyone else who can help) - but I'm
getting a bit desperate!
I've got to finish this project today - 2 hours to go!!!!
I need to sort out the user authentication into the application - I'm using
IIS & PHP5 - which is proving a bit of a nightmare. I've decided cookies
are a no go, because of the cookie problems with IIS... so sessions it is!
However, I've looked at all sorts of things on the net, and can't find
anything that will help me write an user authentication setup for my web
pages....
Please please please can someone assist me!
Thanks
James
> -----Original Message-----
> From: Dale Attree [mailto:[EMAIL PROTECTED]
> Sent: 12 October 2004 18:23
> To: Nunners
> Subject: RE: [PHP-WIN] Cookies!
>
> Yes, same concept, different implementation.
>
> -----Original Message-----
> From: Nunners [mailto:[EMAIL PROTECTED]
> Sent: 12 October 2004 16:34
> To: [EMAIL PROTECTED]
> Subject: RE: [PHP-WIN] Cookies!
>
>
> Could I also do this, using a link to mysql instead of the file? If so,
> then this might be a good option?!!!
>
> Cheers
> Nunners
>
> > -----Original Message-----
> > From: Dale Attree [mailto:[EMAIL PROTECTED]
> > Sent: 12 October 2004 14:52
> > To: Nunners
> > Subject: RE: [PHP-WIN] Cookies!
> >
> > You can always use sessions in conjunction with file handling, where you
> > create a file using the username as the filename, storing all your
> > previous
> > cookie information in the file as well as an expiration date and the
> have
> > a
> > default access function that loads the file's content into the global
> > session array and verifies the remaining time of the user.
> >
> > -----Original Message-----
> > From: Nunners [mailto:[EMAIL PROTECTED]
> > Sent: 11 October 2004 10:27
> > To: 'Sudeep Zamudra'
> > Cc: [EMAIL PROTECTED]
> > Subject: RE: [PHP-WIN] Cookies!
> >
> >
> > If I'm going to use sessions, I understand how to start them etc, but is
> > it
> > possible to have them "alive" for 24 hours?
> >
> > With the cookies, I was able to, once the user logged in, keep them
> logged
> > in for 24 hours.
> >
> > As it's an application we are providing for our customers, one of the
> > things
> > I'm able to stipulate is that they have IE6 & Cookies turned on!
> >
> > Any thoughts?
> >
> > Cheers
> > James
> >
> > > -----Original Message-----
> > > From: Sudeep Zamudra [mailto:[EMAIL PROTECTED]
> > > Sent: 09 October 2004 09:14
> > > To: James Nunnerley
> > > Cc: [EMAIL PROTECTED]
> > > Subject: Re: [PHP-WIN] Cookies!
> > >
> > > Hi James,
> > >
> > > Php on IIS or PWS are known to have problems with session
> > and
> > > cookie. Try using session instead of cookie. That's the safest way.
> Also
> > > anyone can disable cookies on the client side where by your login
> > > authentcation may fail. So best way is use session instead of cookie.
> > For
> > > details pls refer "php session handling" in the php Manual.
> > >
> > > ....SuDeEp....
> > >
> > > James Nunnerley wrote:
> > > I'm trying to create a simple login script for user to the web
> > application
> > > I'm
> > > writing. I previously wrote it for using PHP4 & Apache, however I've
> > > recently
> > > had to move to IIS5, and also upgraded to PHP5.
> > > [script]
> > > if (isset($_POST["username"]) AND isset($_POST["password"])) {
> > > $res=mysql_query('SELECT username, password, agent_id FROM user where
> > > username="'.$_POST["username"].'"');
> > > if (mysql_num_rows($res)==0) {
> > > $message="Username does not exist.";
> > > } elseif (mysql_num_rows($res)==1) {
> > > while ($user=mysql_fetch_array($res)) {
> > > if (strtolower($user["password"])!=strtolower($_POST["password"])) {
> > > $message="Incorrect Password.";
> > > } else {
> > > setcookie("username",$user["username"],time()+31449600,"/");
> > > setcookie("agent_ID",$user["agent_id"],time()+31449600,"/");
> > > setcookie("logged_in",time(),time()+60*60*12,"/");
> > > header("Location: http://".$_SERVER["HTTP_HOST"]."/";);
> > > exit;
> > > }
> > > }
> > > }
> > > }
> > > [/script]
> > >
> > > The above works fine on Apache, but on IIS, it would seem no cookie is
> > > set.
> > > I've found something suggesting I change php.exe to nph-php.exe - is
> > this
> > > true,
> > > does it work - it seems a little drastic - is there another way around
> > it?
> > >
> > > Cheers as ever
> > > Nunners
> > >
> > > --
> > > PHP Windows Mailing List (http://www.php.net/)
> > > To unsubscribe, visit: http://www.php.net/unsub.php
> > >
> > >
> > > __________________________________________________
> > > Do You Yahoo!?
> > > Tired of spam? Yahoo! Mail has the best spam protection around
> > > http://mail.yahoo.com
> >
> > --
> > PHP Windows Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >
> >
> >
>
>
>
>
>
>
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
---------------------------------
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
