this is my SESSION code i want to make function of it
is this posible?
i am new in php i want your help
please guide me

<?php

include "connection.php";
$result = mysql_query("SELECT * FROM new WHERE Email='" . $_POST['email'] . "' and Password = '". $_POST['pass']."'");
$row  = mysql_fetch_array($result);
if(is_array($row)){
$_SESSION["ID"] = $row['ID'];
$_SESSION["Email"] = $row['Email'];
$_SESSION["Title"] = $row['Title'];
    }
     else {
            echo "Invalid details!";
            }
if(isset($_SESSION["ID"])){
echo"welcome</br>".  $_SESSION["Title"];
echo"</br><a href='logout.php'>Log out</a>";
}

?>

Hi,

you can create function like this.

    <?php
    ob_start();
    session_start();
    include "connection.php";
    function loginFunc($username, $password){
        $result = mysql_query("SELECT * FROM new WHERE Email='" . $username . "' and Password = '" . $password . "'");
        $row  = mysql_fetch_array($result);
        if(is_array($row)){
            $_SESSION["ID"] = $row['ID'];
            $_SESSION["Email"] = $row['Email'];
            $_SESSION["Title"] = $row['Title'];
        } else {
            echo "Invalid details!";
        }

        if(isset($_SESSION["ID"])){
            return "welcome</br>".  $_SESSION["Title"] . "<br /><a href='logout.php'>Log out</a>";
        } else {
            return "";
        }
    }
    echo loginFunc($_POST['email'], $_POST['pass'])
    ?>
Member Avatar

diafol

This is a pretty broad question as we don't know whether you want to lump in the login routine to the session storing routine. In addition you'd probably do better to make an authentication class. In addition PLEASE DO NOT USE mysql_* functions, they've been deprecated. Use PDO or mysqli instead.

Without going all OOP on you, we can create a halfway house solution with functions.

session_start();

//FROM HERE ----
function PDO_connect($host, $database, $username, $password='')
{
   try {
        $pdo = new PDO("mysql:host=$host;dbname=$database",$username,$password);
        return $pdo;
    } catch (PDOException $e) {
        echo 'Exception: ' . $e->getMessage();
    }
}

function login($pdo, $username, $pw)
{
   $stmt = $pdo->prepare("SELECT `ID`, `Title`, `Password` FROM `new` WHERE `Email` = ? LIMIT 1");
   $stmt->execute($username);
   if($stmt->rowCount())
   {
       $userData = $stmt->fetch(PDO::FETCH_ASSOC); 
       if(password_verify($pw, $userData['Password']))
       {
           if(store_session($userData))
           {
               unset($userData['Password']);
               return $userData;
           }    
       }
   }
   return false;
}

function store_session($data)
{
    $_SESSION['ID'] = $data['ID'];
    $_SESSION['Title'] = $data['Title'];
    return true;
}
// ---- TO HERE can be placed in an include file

Usage:

include('functions.php');
if (isset($_POST['Email']) && isset($_POST['Password']) && $Email = filter_var($_POST['Email'], FILTER_VALIDATE_EMAIL)) 
{
    $pw = password_hash($_POST['Password'], PASSWORD_BCRYPT, array('cost'=>11) );
    //pw field needs to be 60 chars long for BCRYPT algorithm)
    $pdo = PDO_connect('localhost','mydb','root');
    if($ret = login($pdo, $email, $pw)
    {
        "Welcome</br>".  $ret["Title"] . "<br /><a href='logout.php'>Log out</a>";
    }else{
        echo "Invalid details!";
    }
}

Just an idea, not really production code.