0

How user login info is send to other pages from the login page

For example take Facebook, User enters username and password in the login page . but, 1.how the login data is send to other (upcoming )pages. 2. how does the other pages know " is the user logged in or not ? " please explain the process . if possible give example . Thanks in Advance ! !

2nd Jan 2017, 5:08 PM
Sugash Rajavelu
Sugash Rajavelu - avatar
2 Answers
+ 3
Probably using sessions ($_SESSION) when the user logs in, a session is created, that session can contain the id or the name of the user. Example: $_SESSION["id"] = 1 Then, when he goes to the other page, you query the database for example SELECT name, lastName FROM UsersTable WHERE id = $_SESSION["id"] if the $_SESSION["id"] is null or is not created yet, we redirect them to the login page, saying you are not logged in, stuff like that.
2nd Jan 2017, 5:16 PM
Uran Kajtazaj
Uran Kajtazaj - avatar
+ 1
After passing the login through a User Management Class, I store the login in a session variable.. i.e. $_SESSION['isLoggedIn'] = true with the user id number, their usergroup if needed, and how long to keep the session alive in all or inactive. DO NOT pass variables straight into a query, use your library's sanitation to avoid SQL injection. $_SESSION and other predefined globals can be faked. PDO: try{ $q = $this->pdo->prepare("SELECT username,usergroup FROM users WHERE userid=:userid"); $q->bindParam(":userid",$userid,PDO::PARAM_INT); $q->execute(); /**loop through the query results using $q->fetchAll(PDO::FETCH_ASSOC) and update your session values. It's also a good idea to pair their userid and IP together, the more variables you use to try and validate the user the better... up to a point. If you include too many ways, the application slows down**/ }catch(PDOException $e){ error_log($->getMessage()); return 0; }
3rd Jan 2017, 4:54 PM
Louis Milotte
Louis Milotte - avatar