php advanced session database?

Forum Moderators: coopster

Message Too Old, No Replies

php advanced session database?

Is it normal to make a user_session table in database?

GamingLoft

9:35 pm on Feb 4, 2008 (gmt 0)

Ok i am making a user system for my site and i have never used PHP sessions before so i have no idea how they work but i wanted to use a type of MYSQL session thing..

like in the mysql table i would have


session id,
type, (0=active 1=inactive) 
//so when users sign out session becomes inactive 
username, 
password, 
ip, 
time logged in, 
time session ends,

then on every page it'd check if the session id, (which would be encoded in the url? i guess) check if its valid?

anyways i have no idea where to start any tutorials would be awesome.

xx, Thanks:)

///EDIT

also any oppinions or reasoning that this is good/bad would be much appreciated. thanks again.

[edited by: GamingLoft at 9:38 pm (utc) on Feb. 4, 2008]

eelixduppy

9:59 pm on Feb 4, 2008 (gmt 0)

You might want to take a look at the following threads as it will help you with some of the basic mysql/php stuff:
[webmasterworld.com...]
[webmasterworld.com...]

You may also want to look at session_set_save_handler [php.net] as you can make your own handler and actually store the session information into a table for more security.

GamingLoft

10:42 pm on Feb 4, 2008 (gmt 0)

thanks for replying, but i was looking for something along the lines of how PHPbb (fourm software works)

like the randomly generated "sid" or session id is included in the url, and this is what assures the person is acutally who they are logged in as.

i know all the mysql functions like insert delete, etc no need to view the thread with that. but thanks a lot.

here is a example of a url i took logged in on a phpBB forum..

http://example.com/forums/index.php?sid=752beb934dcc0cod31441124f7f5f859