To session, or not to session?

Forum Moderators: coopster

Message Too Old, No Replies

To session, or not to session?

For a simple client log-in task

neophyte

3:33 pm on Dec 13, 2004 (gmt 0)

I'm just learning php, but I'm coming along with it. I do have a question related to sessions:

I'm just doing a practice script which, in the real world, would accept a log-in and password (from 2 form elements). The submit button would then look up this info in the database. If both login and pass match the same row in the db, a user-specific page would be served to the screen.

This would be like a client log in to look at the ongoing development of a project.

So, not knowing much about it (yet) I thought about sessions and wondered if this would be appropriate to this kind of task, or if it would somehow be overkill.

If it is the "right" thing to use for this kind of task, can someone explain to me why? I can't really get my head around the advantage of using sessions. I've Googled "what are sessions, php" but am not finding anything particulary useful to enlighten me on what exactly they should (and shouldn't) be used for.

Thanks to all in advance,

Neophyte

RonPK

4:50 pm on Dec 13, 2004 (gmt 0)

Sessions enable you to store all sorts of information in an array that exists across page requests. So if you need to pass information from one page to another, with sessions you won't need to use awful long query strings or tons of hidden form fields.

The downside is that only scripts have access to sessions. If you need to 'protect' all the files in a directory, including for example images, you'll have to use HTTP authentication.