0

I'm starting to make a social network using all PHP, and I have a class that starts the session in the constructor, with session_start(); and tests if they are logged in. If at the end of that file I call the constructor... $session= new Session();... wouldn't that automatically start the session if I included that file in every page, thus carrying over variables?

WalkingSpheres.com if you wanna see the problem in action, the red error messages are

$errors = " ";
  if(isset($_SESSION['error_array'])){
    foreach($_SESSION['error_array'] as $error)
      $errors .= "<font size='2' color='#ff0000'> $error </font><br />";
    unset($error);
  }

but it tests true EVERY TIME, and if you haven't processed any forms yet how can that be true?

Secondly, this is a more structural question. Could anyone discuss the general layout of what classes I would need to make, say, a Facebook remake? - That's broad, I'll break it down.

IDEA:
Right now I have a session, database, and I was thinking if it'd be smart to make a template class that the user is directed to after logging in, which would get database's get methods to set up variables and then call the template, which would just use the proper info.

MY HYPOTHESIS
Is this reasonable? And if so, how would I create a "directory", for lack of a better word, so that when you sent the user to say template.class.php, if you should even send ties in with my lack of understanding about session variables, would you just add ?name='' to the URL and get it on the template constructor?

Can I make it apply to any template? Like directing them there with ?name=,
?photogallery=true, etc. and build my request to the directory and then just direct all my hyperlinks there?

Finally and lastly, would you create a folder named users in the root and then a folder with their name, a folder for pictures and notes under that user, and loop through a directory to make galleries?


Thank you, any direction would help. I'm feeling overwhelmed and running out of time quickly.

0

This line tests if the var error_array has been created.

isset($_SESSION['error_array'])

I think you are looking to see if it has a value.
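One way to handle the error queue discussed above, as an added example that is not part of the thread: it tests for actual entries rather than mere existence, escapes each message, and clears the queue after showing it once. The function name `render_session_errors`, the CSS class and the sample data are assumptions.

```php
<?php
// Added example (not from the thread); names and sample data are constructed.
// Renders queued form errors once, HTML-escaped, then clears the queue.
function render_session_errors(array &$session): string
{
    // isset() is also true for an empty array; empty() covers both
    // "never set" and "set but holding no entries".
    if (empty($session['error_array']) || !is_array($session['error_array'])) {
        unset($session['error_array']);
        return '';
    }

    $html = '';
    foreach ($session['error_array'] as $error) {
        // Escape before output: an error string may repeat form input.
        $safe = htmlspecialchars((string) $error, ENT_QUOTES, 'UTF-8');
        $html .= "<span class=\"form-error\">{$safe}</span><br />\n";
    }

    // Unset the session entry itself (not just the loop variable), so the
    // same messages are not shown again on the next page load.
    unset($session['error_array']);
    return $html;
}

// Constructed array standing in for $_SESSION after a failed form post.
$session = ['error_array' => ['Username not found', '<b>bad</b> input']];
echo render_session_errors($session);   // first call renders and clears
echo render_session_errors($session);   // queue already cleared
```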


0

Thanks, that definitely was a problem, but now it's doing even weirder things. I went ahead with my idea, at least the start of it, but wanted to get ideas or comments on it before I tried to finish it and waste a lot of time or efficiency.

The goal is to create a template directory that users are sent to with ?name= and ?request= set and use the GET methods to retrieve where the user is trying to go.

<?php
include('Sanitize.php');

class Template{

  var $requests = array('Message','Friends List','Pictures','Notes','Paths');
  var $uid;   /* was "var $uid=$session->username;" - a property default must be a constant expression, so it is set in the constructor */
  var $rid;

  /* the constructor must be named __construct(); __constructor() is never called automatically */
  public function __construct(){
    global $infodb, $session;
    $this->uid = $session->username;
    array_walk_recursive($_GET, 'sanitizeVariables');
    if(isset($_GET['name'])){
      $this->rid = $name = $_GET['name'];

      /* Test if the username even exists */
      if(!$infodb->confirmUsernameTaken($name)){
        $error = "Username not found, try again!";
        /* single quotes do not expand $error, so append it, URL-encoded */
        header('Location: message.php?message='.urlencode($error));
      }
      /* Not requesting, display the users page */
      else{
        if(!isset($_GET['request'])){
          $this->createGeneralDisplay($name);
        }  /* Check for each request, make proper display */
        else{
          $req = $_GET['request'];
          /* strict comparison against the list held on the object */
          if(!in_array($req, $this->requests, true)){
            $error = "Where do you think you're going?";
            header('Location: message.php?message='.urlencode($error));
          }else{
            /* 'Friends List' contains a space, which a method name cannot */
            $func = "create".str_replace(' ', '', $req)."Display";
            $this->$func();
          }
        }
      }
    }   /* Mail exception */
    else if(isset($_GET['request']) && $_GET['request']=='Mail'){
      $this->createInboxDisplay();
    }   /* Sent here without a proper request */
    else {
      $error = "Something weird happened, try again!";
      header('Location: message.php?message='.urlencode($error));
    }
  }


  public function createGeneralDisplay($displayName){
    global $session;
    $logout = "";

    /* check if the user is viewing their own page;
       if so setup the logout, edit account, admin center */
    if($session->confirmSessionID($displayName)){
      $logout .= "<div align='center'>
      <a href='editinfo.php?user=".urlencode($displayName)."'>[Edit Account]</a><br />
      <a href='formd.php'>[Logout]</a><br />";

      if($session->isAdmin())
        $logout .= "<a href='admin.php'>[Command Central]</a></div>";
      else
        $logout .= "</div>";

    }else{
      $error = "Who do you think you are?";
      header('Location: message.php?message='.urlencode($error));
    }

    /* Display Comments */


    include('userd.php');
  }

  private function createInboxDisplay($uid=null,$fid=null){
    /* not written yet */
  }

  public function displayFL($uid, $fid){
    /* set url to name/id */
  }

  public function userDisplay($ud, $fid){
    global $session;
    if($session->logged_in){
      /* not written yet */
    }
  }

}

$temp=new Template();

?>
0

I'm getting a little punchy. Look at this

var $uid=$session->username;

Shouldn't this be $uid = $_SESSION;
Hope this helps.


0

Sorry, $session = new Session() which starts the session, sets session variables, cookies and checks if you logged in in the constructor.

0

My mistake, I use $started=session_start(); when I use sessions. Can you show me the Session() function's code?

0
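/* include() over http:// receives the scripts' output rather than their source,
   so the classes would never be defined; load the local files instead
   (assumes /include sits directly under the document root) */
include($_SERVER['DOCUMENT_ROOT']."/include/database.class.php");
include($_SERVER['DOCUMENT_ROOT']."/include/mailer.php");
include($_SERVER['DOCUMENT_ROOT']."/include/form.php");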

class Session
{
   var $username;     //Username given on sign-up
   var $sessionid;    //Random value generated on current login
   var $userlevel;    //The level to which the user pertains
   var $time;         //Time user was last active (page loaded)
   var $logged_in;    //True if user is logged in, false otherwise
   var $userinfo = array();  //The array holding all user info
   var $url;          //The page url current being viewed
   var $referrer;     //Last recorded site page viewed
   var $database;

   /**
    * Note: referrer should really only be considered the actual
    * page referrer in process.php, any other time it may be
    * inaccurate.
    */

   /* Class constructor */
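   function __construct($db){   // PHP 8 no longer treats a method named Session() as the constructor
      $this->time = time();
      $this->database = $db;    // was misspelled "databse", leaving $this->database unset
      $this->startSession();
   }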

   /**
    * startSession - Performs all the actions necessary to 
    * initialize this session object. Tries to determine if the
    * the user has logged in already, and sets the variables 
    * accordingly. Also takes advantage of this page load to
    * update the active visitors tables.
    */
   function startSession(){
      session_start();   //Tell PHP to start the session

      /* Determine if user is logged in */
      $this->logged_in = $this->checkLogin();

      /**
       * Set guest value to users not logged in, and update
       * active guests table accordingly.
       */
      if(!$this->logged_in){
         $this->username = $_SESSION['username'] = GUEST_NAME;
         $this->userlevel = GUEST_LEVEL;
         $this->database->addActiveGuest($_SERVER['REMOTE_ADDR'], $this->time);
      }
      /* Update users last active timestamp */
      else{
         $this->database->addActiveUser($this->username, $this->time);
      }
      
      /* Remove inactive visitors from database */
      $this->database->removeInactiveUsers();
      $this->database->removeInactiveGuests();
      
      /* Set referrer page */
      if(isset($_SESSION['url'])){
         $this->referrer = $_SESSION['url'];
      }else{
         $this->referrer = "/";
      }

      /* Set current url */
      $this->url = $_SESSION['url'] = $_SERVER['PHP_SELF'];
   }

   /**
    * checkLogin - Checks if the user has already previously
    * logged in, and a session with the user has already been
    * established. Also checks to see if user has been remembered.
    * If so, the database is queried to make sure of the user's 
    * authenticity. Returns true if the user has logged in.
    */
   function checkLogin(){  
      
            /* Check if user has been remembered */
      if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookid'])){
         $this->username = $_SESSION['username'] = $_COOKIE['cookname'];
         $this->sessionid   = $_SESSION['sessionid']   = $_COOKIE['cookid'];
      }

      /* Username and sessionid have been set and not guest */
      if(isset($_SESSION['username']) && isset($_SESSION['sessionid']) &&
         $_SESSION['username'] != GUEST_NAME){
         /* Confirm that username and sessionid are valid */
         if($this->database->confirmSessionID($_SESSION['username'],$_SESSION['sessionid'])!= 0)
         {
            /* Variables are incorrect, user not logged in */
            unset($_SESSION['username']);
            unset($_SESSION['sessionid']);
            return false;
         }

         /* User is logged in, set class variables */
         $this->userinfo  = $this->database->getUserInfo($_SESSION['username']);
         $this->username  = $this->userinfo['username'];
         $this->sessionid    = $this->userinfo['sessionid'];
         $this->userlevel = $this->userinfo['userlevel'];
         return true;
      }

      /* User not logged in */
      else{
         return false;
      }
   }
}
0

When you use

header('Location: message.php?message=$error');

I think it is best practice to add exit;
Try adding an exit after each header(location).
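The request dispatch from the Template post and the exit advice in the reply above, combined in one added example that is not code from the thread. `TemplateRouter`, `message_url` and `redirect_with_message` are hypothetical names, the route list is shortened, and the sample query strings are constructed.

```php
<?php
// Added example (not from the thread); all names here are hypothetical.

// Build the redirect target. urlencode() keeps spaces, "&" and line breaks
// in the message from altering the URL or the Location header.
function message_url(string $message): string
{
    return 'message.php?message=' . urlencode($message);
}

function redirect_with_message(string $message): void
{
    header('Location: ' . message_url($message));
    exit;   // without this, the rest of the page still runs after the redirect
}

class TemplateRouter
{
    // Allow-list: request value => method name. A fixed map also handles
    // 'Friends List', which cannot be glued into a method name as-is.
    private const ROUTES = [
        'Message'      => 'createMessageDisplay',
        'Friends List' => 'createFriendsListDisplay',
        'Pictures'     => 'createPicturesDisplay',
    ];

    // Returns the method for a request value, or null if it is not allowed.
    public static function resolve($request): ?string
    {
        if (!is_string($request)) {   // ?request[]=x arrives as an array
            return null;
        }
        return self::ROUTES[$request] ?? null;
    }
}

// Constructed sample query strings standing in for $_GET.
$samples = [['request' => 'Pictures'], ['request' => '__construct'], ['request' => ['x']]];
foreach ($samples as $get) {
    $method = TemplateRouter::resolve($get['request'] ?? null);
    if ($method === null) {
        // A page handler would call redirect_with_message() here instead.
        echo 'redirect to ' . message_url("Where do you think you're going?") . "\n";
        continue;
    }
    echo "dispatch to {$method}\n";
}
```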
