The way I use sessions is:
session_start();
........ do some database connection and checking here.....
if (condition is met) {
$_SESSION['valid_user'] = $_POST['login'];
}Is this approach safe ?? Pl let me know. Also I use if (isset($_SESSION['valid_user'] ) ) to check if the user is logged in on secure pages.
Please comment.
Thanks in advance Pushpinder Singh ___________________ Web Dev
On Tuesday, March 23, 2004, at 10:38 AM, Andy B wrote:
first $_SESSION works like this:
session_start(); $_session[user]=$_POST[user];//if using register_globals=off $_SESSION[user]=$user;//if register_globals=on..unsafe though
