hey -
which do you think would be best to do this
i have a site that members login too... every member has an id which is used o every page like url.page?id=6 or whatever.... but i want it so that if the id is not there own ie not the one they loged in from the site kicks them out... how should i go about this?
thanks :)
P :thumbsup:

I would use a session. Its easy to start_session() at the begining of every page.

When they login in you could

start_session()

then

session_register('userid');

after you have verified the user.

then on every page use

sesssion_start()
if ($userid==""){
session_unset();
session_destroy();
echo "<META http-equiv=\"refresh\" content=\"1;url=index.php\">\n";
exit;
}

It keeps the URL clean and kicks anybody out who dosen't have a session.

Thats my 2¢s

Steve

ok cheers Steve :)
problem tho. i put those two lines in and got this error.
Fatal error: Call to undefined function: start_session() in
any ideas/
thanks :confused::thumbsup:

Try session_start(); instead of start_sesion.

http://www.php.net/manual/en/function.session-start.php

The session can be set to try and use a cookie (with the session id), if you want. If the cookie can't be set, then it encodes it in the URL.

thanks Kiwi :)
i tried that andno it doesnt error however.. if i like in .. it goes to the meta refresh even if the session var has been set i cant seem to work out why.
any ideas?

i dont think its creatin a session var

Did you also register the sesion variable?

ok so ive noticed the addy bar that it is registerin the var however it doesnt look like its passing it to the next page :(

Are you using phpdev? If so, I had a similar problem: this might help (http://www.codingforums.com/showthread.php?s=&threadid=11451). Basically, you have to make sure that your php.ini is correct.

If not, find the session file (it will be in the folder you specify in your php.ini) and see if the variable is being written to the file. If it is, then check that you're restarting the session on the new page. If that doesn't work, then I really don't know what the problem is.

hey again
i am using phpdev but that dont seem to be the prob.
ok so its saving the var in a temp dir
as "sess_big long number" and inside that file all it says is
"!userid|"
is this correct?
thanks :)

ps - do i have to register it on every page as well as startin it?

Have session_start(); on all the pages you want to use the session on, and you don't have to register the session on all the pages.

That's the session file you've found. It looks as if the variable is not being registered properly. You need to register the session variable after it's value has been set.

As Nightfire said, you need to start the session on each page. So, on any page that uses sessions:
1. The first thing you do is start the sesion.
2. You can then refer to the session variables in the page.
3. The last thing you do is re-register any variables to the session that have been changed on the page.

thanks.
i work out the problem. it didnt like some headers i was usin on teh same page it starts and registers it.
sorted now
thanks ;)