0

privacy of a system created by php and mysqli..................

hello people 🌼 if there is a system with a login interface so as to let it available only for those users who existing in the database. . but when someone login ,the pages of the system would store in the browser and anyone in the future could use the system! how could make it requires a login again to display the page _ exactly like the facebook when we choose a link with a private page it will ask to log in again . •sorry if there's mistakes, English is not my native language ^__^

29th Nov 2017, 2:03 PM
Ella
Ella - avatar
2 Antworten
+ 4
How are you storing your user data at the moment? Session? Cookies? If you're storing their logged in state in the session, then it'll clear out when they close their browsers; otherwise, they should remain logged in until they do. If you're using cookies, you could just set the expiration time on it, and then if they're inactive when it expires, they'll have to log in again when they return. As well, in your PHP code, you can simply destroy their session/cookie whenever you need to, and it'll force them to log in again. If you're wanting this to happen on certain pages, even if they're logged in already, then you could just have a separate variable that checks if you already passed the additional layer of logging in, and if not, display login to proceed further. All of the above can be things stored from the database also, so it isn't limited to just the session/cookie data. Use discernment when considering your security and to what extent certain data should be secured. Database will always be more secure than your session or cookie data. Honestly, there is many ways to go about this, so I'm not going to keep listing them. Best of luck! If you already got code, post it up and we can assist further.
29th Nov 2017, 2:25 PM
AgentSmith
+ 1
this was very helpful thanks alot . @netkos
29th Nov 2017, 3:07 PM
Ella
Ella - avatar