want to make SESSION function

Question

rjusman90 0 Junior Poster in Training

10 Years Ago

this is my SESSION code i want to make function of it
is this posible?
i am new in php i want your help
please guide me

<?php

include "connection.php";
$result = mysql_query("SELECT * FROM new WHERE Email='" . $_POST['email'] . "' and Password = '". $_POST['pass']."'");
$row  = mysql_fetch_array($result);
if(is_array($row)){
$_SESSION["ID"] = $row['ID'];
$_SESSION["Email"] = $row['Email'];
$_SESSION["Title"] = $row['Title'];
    }
     else {
            echo "Invalid details!";
            }
if(isset($_SESSION["ID"])){
echo"welcome</br>".  $_SESSION["Title"];
echo"</br><a href='logout.php'>Log out</a>";
}

?>

php

3 Contributors
2 Replies
174 Views
9 Hours Discussion Span
Latest Post 10 Years Ago Latest Post by diafol

diafol

10 Years Ago

This is a pretty broad question as we don't know whether you want to lump in the login routine to the session storing routine. In addition you'd probably do better to make an authentication class. In addition PLEASE DO NOT USE mysql_* functions, they've been deprecated. Use PDO or mysqli instead.

Without going all OOP on you, we can create a halfway house solution with functions.

session_start();

//FROM HERE ----
function PDO_connect($host, $database, $username, $password='')
{
   try {
        $pdo = new PDO("mysql:host=$host;dbname=$database",$username,$password);
        return $pdo;
    } catch (PDOException $e) {
        echo 'Exception: ' . $e->getMessage();
    }
}

function login($pdo, $username, $pw)
{
   $stmt = $pdo->prepare("SELECT `ID`, `Title`, `Password` FROM `new` WHERE `Email` = ? LIMIT 1");
   $stmt->execute($username);
   if($stmt->rowCount())
   {
       $userData = $stmt->fetch(PDO::FETCH_ASSOC); 
       if(password_verify($pw, $userData['Password']))
       {
           if(store_session($userData))
           {
               unset($userData['Password']);
               return $userData;
           }    
       }
   }
   return false;
}

function store_session($data)
{
    $_SESSION['ID'] = $data['ID'];
    $_SESSION['Title'] = $data['Title'];
    return true;
}
// ---- TO HERE can be placed in an include file

Usage:

include('functions.php');
if (isset($_POST['Email']) && isset($_POST['Password']) && $Email = filter_var($_POST['Email'], FILTER_VALIDATE_EMAIL)) 
{
    $pw = password_hash($_POST['Password'], PASSWORD_BCRYPT, array('cost'=>11) );
    //pw field needs to be 60 chars long for BCRYPT algorithm)
    $pdo = PDO_connect('localhost','mydb','root');
    if($ret = login($pdo, $email, $pw)
    {
        "Welcome</br>".  $ret["Title"] . "<br /><a href='logout.php'>Log out</a>";
    }else{
        echo "Invalid details!";
    }
}

Just an idea, not really production code.

Edited 10 Years Ago by diafol

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

katarey 27 Junior Poster · Answer 1 · 2014-08-27T14:39:16+00:00

Hi,

you can create function like this.

    <?php
    ob_start();
    session_start();
    include "connection.php";
    function loginFunc($username, $password){
        $result = mysql_query("SELECT * FROM new WHERE Email='" . $username . "' and Password = '" . $password . "'");
        $row  = mysql_fetch_array($result);
        if(is_array($row)){
            $_SESSION["ID"] = $row['ID'];
            $_SESSION["Email"] = $row['Email'];
            $_SESSION["Title"] = $row['Title'];
        } else {
            echo "Invalid details!";
        }

        if(isset($_SESSION["ID"])){
            return "welcome</br>".  $_SESSION["Title"] . "<br /><a href='logout.php'>Log out</a>";
        } else {
            return "";
        }
    }
    echo loginFunc($_POST['email'], $_POST['pass'])
    ?>