|
PHP - Array And Session
why is it that i have to click add to cart 2 time inorder for the eventname and eventinfo to show up
if i click one time it add to the cart but it shows nothing Code: [Select] <?php //if user attempts to add something to the cart if (isset($_POST['tid'])) { $tid = $_POST['tid']; $howmany = $_POST['howMany']; $wasFound = false; $i = 0; // If the cart session variable is not set or cart array is empty if (!isset($_SESSION["cart"]) || count($_SESSION["cart"]) < 1) { // RUN IF THE CART IS EMPTY OR NOT SET $_SESSION["cart"] = array(1 => array("item_id" => $pid, "quantity" => $howmany)); } else { // RUN IF THE CART HAS AT LEAST ONE ITEM IN IT foreach ($_SESSION["cart"] as $each_item) { $i++; while (list($key, $value) = each($each_item)) { if ($key == "item_id" && $value == $tid) { //there will recive a message $msg = "Item is already in the cart"; $wasFound = true; } // close if condition } // close while loop } // close foreach loop if ($wasFound == false) { array_push($_SESSION["cart"], array("item_id" => $tid, "quantity" => $howmany)); } } header("location: cart.php"); exit(); } ?> <?php //render the cart for the user to view on the page $cartOutput = ""; $cartTotal = ""; $product_id_array = ''; if (!isset($_SESSION["cart"]) || count($_SESSION["cart"]) < 1) { $cartOutput = "<h2 align='center'>Your shopping cart is empty</h2>"; } else { // Start the For Each loop $i = 0; foreach ($_SESSION["cart"] as $each_item) { $item_id = $each_item['item_id']; $sql = mysql_query("SELECT * FROM events WHERE id='$item_id' LIMIT 1"); while ($row = mysql_fetch_array($sql)) { $eventname = $row["eventname"]; $eventinfo = $row["eventinfo"]; $studentsprice = $row["studentsprice"]; } //adding the price of the tickets //getting the total $totalprice = $studentsprice * $howmany; setlocale(LC_MONETARY, "en_US"); //this will amke it so it looks like real money $totalprice = money_format("%10.2n", $totalprice ); $cartOutput = ""; //this is the table the will replace the table row below //this is in order $cartOutput.= "<tr>"; $cartOutput .= "<td>".$eventname."</td>"; $cartOutput .= "<td>".$eventinfo."</td>"; $cartOutput .= "<td>".$studentsprice."</td>"; $cartOutput .= "<td>".$howmany."</td>"; $cartOutput .= "<td>".$totalprice."</td>"; $cartOutput .= "<td>".X."</td>"; $cartOutput .= "</tr>"; } } ?> Similar TutorialsHello all, I have an error handler that I need to append messages to (First name not right, Last name not right, etc) I'm using a session array to handle all error messages titled GORB. How come this code won't work? $_SESSION['GORB']['message'][] = "First name wrong"; $_SESSION['GORB']['message'][] = "Last name wrong"; How can I get it to work? I already have the handler output written and functioning fine, I just need to get it to loop over an array of errors instead of just one. how do i set a session array? e.g. set session with variable $value = 13. then set the next $value = 15 . = 13 and [1]=15 how do i set this session. up? so it keeps on updating the array I am trying to send some arrays to another page using sessions. The first array I send works fine when I simply print the array on the next page but the second and third arrays are not being created. Code Code: [Select] <?php require("dbconn.php"); $query = mysql_query("SELECT username, idcustomers FROM customers WHERE username='$customeruser' "); if (!$query) { die('Invalid query: ' . mysql_error());} $row = mysql_fetch_assoc($query); echo $row['username']; $id=$row['idcustomers']; echo $id; $productquery = mysql_query("SELECT productid, price1, price2, price3, price1_type, price2_type, price3_type, prod_name, price_det FROM product_pricing WHERE idcustomers='" . mysql_real_escape_string($id) . "' ORDER BY productid"); if (!$productquery) { die('Invalid query: ' . mysql_error());} $counter = 1; $itemcode_array = array(); while ($row = mysql_fetch_assoc($productquery)) { ?> <tr class="ordertable"> <td class="table_item" name="itemcode<?php echo $counter;?>"><?php echo $row['productid']; ?></td><?php $itemcode_send = $row['productid']; array_push($itemcode_array, $itemcode_send); ?> <td class="table_name" name="prodname<?php echo $counter;?>"><?php echo $row['prod_name']; ?></td><?php $prod_name_send = $row['prod_name']; array_push($prodname_array, $prod_name_send); ?> <td class="table_pdet" name="prod_det<?php echo $counter;?>"><?php echo $row['price_det']; ?></td><?php $price_det_send = $row['price_det']; array_push($pricedet_array, $price_det_send); ?> <td class="table_price" name="price1<?php echo $counter;?>"><?php echo $row['price1_type']; ?> $<?php echo $row['price1']; ?></td> <td class="table_quant" name="quant1"><input type="text" name="quant1<?php echo $counter;?>" size="4" /></td> <td class="table_price" name="price2<?php echo $counter;?>"><?php echo $row['price2_type']; ?> $<?php echo $row['price2']; ?></td> <td class="table_quant" name="quant2"><input type="text" name="quant2<?php echo $counter;?>" size="4" /></td> <td class="table_price" name="price3<?php echo $counter;?>"><?php echo $row['price3_type']; ?> $<?php echo $row['price3']; ?></td> <td class="table_quant" name="quant3"><input type="text" name="quant2<?php echo $counter;?>" size="4" /></td> <td class="table_note" name="notes"><input type="text" name="note<?php echo $counter;?>" size="28" /></td> </tr> <?php ($counter++); } ?> <?php mysql_close($dbConn); ?> </table> <p><input type="submit" name="submit" value="Confirm" /> <input type="reset" /></p> </form> <?php print_r($prodname_array); $_SESSION["itemcode"] = $itemcode_array; $_SESSION["prodname"] = $prodname_array; $_SESSION["pricedet"] = $pricedet_array; ?> There is some redundant and error testing code in there. The problem is $prodname_array; and $pricedet_array; are not being created even though $itemcode_array which is created the same way works fine. All values from the database are being displayed correctly (eg $row['prod_name']. Hello Everybody,
i have shopping-cart with session_product.
i add arrays per button to the session.
i want get the shipping1 and shipping2 fields from the array where the field qty great is or equal to 2 >= 2.
i did this manualy in my example to get shi1 and shi2 lines 15 and 16.
how can i get shipping1 and shipping2 automaticly?
thank you very much for your help.
here is my code
01.<?php
02.$maxshipping1=0;
03.foreach ($_SESSION['products'] as $pro1) {
04.$maxshipping1 = max($maxshipping1, $pro1['shipping1']); }
05.?>
06.<?php
07.$maxshipping2=0;
08.foreach ($_SESSION['products'] as $pro2) {
09.$maxshipping2 = max($maxshipping2, $pro2['shipping2']); }
10.?>
11.<?php
12.$maxqty=0;
13.foreach ($_SESSION['products'] as $quant) {
14.$maxqty = max($maxqty, $quant['qty']); }
15.$shi1 = $_SESSION["products"][0]["shipping1"];
16.$shi2 = $_SESSION["products"][0]["shipping2"];
17.?>
the Arrays looks like the following:
Array
(
[0] => Array
(
[product] => Orangensaft 0,3l
[code] => 5
[qty] => 3
[price] => 2.99
[shipping1] => 5
[shipping2] => 7
)
[1] => Array
(
[product] => Kuchen
[code] => 3
[qty] => 1
[price] => 2.95
[shipping1] => 4
[shipping2] => 6
)
[2] => Array
(
[product] => Burger 200g
[code] => 4
[qty] => 1
[price] => 3.95
[shipping1] => 1
[shipping2] => 3
)
[3] => Array
(
[product] => Pizza Pollo
[code] => 2
[qty] => 1
[price] => 5.95
[shipping1] => 2
[shipping2] => 4
)
[4] => Array
(
[product] => Sake Maki Lachs, 6 St�cke Pommes
[code] => 4236134485469
[qty] => 1
[price] => 2
[shipping1] => 1
[shipping2] => 2
)
)
Hi All, I'm running trying to add key and values to an array on multiple pages, but it seems to override the array each time I add variables on the next page, even though the keys are different. Each page has something like this: Code: [Select] <label class="yes"><input type="radio" name="form_field[<?php echo "number".$f1; ?>]" value="0" > Yes</label> <label class="no"><input type="radio" checked="checked" name="form_field[<?php echo "number".$f1; ?>]" value="1" > No</label> <label class="unsure"><input type="radio" name="form_field[<?php echo "number".$f1; ?>]" value="2" > Unsure</label> I then collect it as well as other page variables with: Code: [Select] session_start(); foreach($_POST as $name => $value) { $_SESSION[$name] = $value; } on all following pages. But rather than adding to the array it writes over it each time. Any ideas on what's going wrong here. Should the array simply be able to continue to collect the keys or do I need to do something else? Thanks. Hello everyone and thanks in advance for the help. I am working on a permission system for a site I am creating that will be used to restrict access to various areas of the site. I have a table with all the permission that is linked to a group that the user is a member of. I then use a query to get a list of the permission ids the user is part of and put those into the session array. I used a basic login script I found online I planned on modifying to add my own features and to make more secure. Originally it had just a member id and member name variable in the session array saved in the login script which are both working fine after login. I am using a dynamic variable to set one session variable for each permission with the id being the changing part in the variable name. The problem I found is that the new variables are not being set. When i removed the redirect from my login script so I could check the problem I found that the temp variable, which is also set before it saves to the session array, is blank as well. If I hit refresh on my browser the new variables become set and all is well. I was talking to nvee in irc chat who said I need to make a function on the page I am redirected to that checks if the variable exists. I looked through the original code of the login script I am using and found that this seems to be how they did it as well so I added an if statement to my index page to check if the variable has a value with and without using if isset. In both cases the new variable is still not getting set. He also gave me some pointers to help make my login checks more secure but the main thing IM concerned with right now is to make my new permission variables accessible to the session. My login script is available in my pastebin. Hi Guys, How can I send a session array through the URL and then use the values on the other page to create an SQL query? Any Ideas? Thanks in advance. Ed Hi Guys, I am having a small problem with an array. I want to push information from a form into an array. However each time I do it it just replaces the last entry in the array with the information in stead of adding a new value to the array. Code: [Select] <?php // if generate is pressed if(isset($_POST['generate'])){ // get values from form $name = htmlspecialchars($_REQUEST['add']); array_push($stack, $name); print_r($stack); } ?> Can anybody help? Thanks Ed Hi Everyone, I'm building a custom shopping cart. I'm having trouble getting my code to work on a production server that is running PHP version 5.2.17. My test machine is running version 5.3.0 and the code works just fine. I do not have the ability to upgrade the version of PHP on the production machine. Here is part of my code. If we can fix this, I can fix the other switch cases: //this code adds the item to the cart and creates an array and session variable for the cart. The array is multidimensional (item id1 => quantity, item id2 => quantity, item id3 => quantity and so on...). if (isset($_GET["action"])) { $action = $_GET["action"]; $id = $_GET["id"] ; $q = $_GET["quantity"]; $cart = array(); switch ($action) { case "add": if ($_SESSION["cart"]) { $cart = $_SESSION["cart"]; if (array_key_exists($id,$cart)) { $cart[$id] = $cart[$id] + $q; } else { $cart[$id] = $q; } } else { $cart[$id] = $q; } $_SESSION["cart"] = $cart; break; } } //this code displays the cart array if ($_SESSION["cart"]) { $cart = $_SESSION["cart"]; foreach($cart as $key => $value) { $runQ1 = mysql_query("SELECT * FROM products WHERE id='$key'") or die(mysql_error()); $results = mysql_fetch_array($runQ1); print "<table><tr><td>$results[1]</td><td>$results[2]</td><td>$results[3]</td><td>$results[4]</td></tr></table>"; } } else { print "<table><tr><td>There are no items in your shopping cart.</td></tr></table>"; } The cart session variable is being set but it is only holding one item at a time. If I add a second item to the cart, the 1st item disappears and only the second one is present in the session variable and the table. I'm not sure if it is a session problem or an array problem. Please help before I lose all of my hair! I don't understand why this code works on 5.3.0 and not 5.2.17... Thanks in advance! -Isaac I am trying to create a website that after you receive an email you have to use the email address and password to confirm account. Then the next page allows you to change your password. I want to save the users email from the first page and use it in the SQL statement in the second page to locate the user in the DB and update the data. There must be some problem with the way I have my code logically set up. It will make it to the 2nd step but then it will go back to the main email confirmation page. <?php include('common.php'); include('db.php'); session_start(); session_register('umail'); session_register('password'); session_register('pwd1'); session_register('pwd2'); if(!isset($_POST['email']) && !isset($_POST['password'])) { ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "BLOCKED URL"> <html> <head> This is a test of my patience</head> <meta http-equov="Content-Type" content="text/html; charset=iso-8859-1"/> </head> <body> <form method="post" action="<?=$_SERVER['PHP_SELF']?>"> Email: <input type="text" name="email" size="8" /> password:<input type="password" name="password" size="8" /> <input type ="submit" name ="submit" value ="submit" /> </form> </body> </html> <? exit; } else { $umail = $_SESSION['umail'] = $_POST['email']; $password = $_SESSION['password'] = $_POST['password']; dbConnect("web2"); $sql ="SELECT * FROM `user` WHERE email ='$umail'"; $result = mysql_query($sql); $row = mysql_fetch_assoc($result); if(!$result) error('Contact DB admin'); if($result='') error('not in db'); if($_SESSION['umail'] != $row['email'] && $_SESSION['password'] != $row['password']) error('Wrong email or password'); } if(!isset($_POST['pwd1']) && !isset($_POST['pwd2'])) { ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "BLOCKED URL"> <html> <head> This is a test of my patience</head> <meta http-equov="Content-Type" content="text/html; charset=iso-8859-1"/> </head> <body> <form method="post" action="<?=$_SERVER['PHP_SELF']?>"> password: <input type="text" name="pwd1" size="8" /> password confirmation:<input type="password" name="pwd2" size="8" /> <input type ="submit" name ="submit" value ="submit" /> </form> </body> </html> <? } else { $pwd1 = $_SESSION['pwd1'] = $_POST['pwd1']; $pwd2 = $_SESSION['pwd2'] = $_POST['pwd2']; if($_SESSiON['pwd1'] == $_SESSION['pwd2']) { dbConnect("web2"); mysql_query("UPDATE user SET password ='$pwd1' WHERE email ='$umail'"); $sql="SELECT * FROM 'user' WHERE email='$umail'"; $result = mysql_query($sql); $row = mysql_fetch_assoc($result); if($_SESSION['pwd1'] != $row['password']) { ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "(BLOCKED URl"> <html> <head> This is a test of my patience</head> <meta http-equov="Content-Type" content="text/html; charset=iso-8859-1"/> </head> <body> <form method="post" action="<?=$_SERVER['PHP_SELF']?>"> password: <input type="text" name="pwd1" size="8" /> password confirmation:<input type="password" name="pwd2" size="8" /> <input type ="submit" name ="submit" value ="submit" /> </form> </body> </html> <? } else { error(' the man'); session_unset(); session_destroy(); } } } ?> I have created a session array on one page and stored some values as $_SESSION['users'] = array( "id" => $row['id'], "fname" => $row['ufname'], "lname" => $row['ulname'] ); and then on another page I have some more values for the same session array "boss" => $row['bossid'], "tasks" => $row['tasks'], "timeframe" => $row['tframe'] I want to add these values into session array both keys and values. is there any way of doing this? Please help Hi everyone, I am very new to PHP and trying to learn so please bear with me. I have a simple form which passes fields to a PHP script: <form method="post" action="cartaction.php"> <p> <input type="submit" name="submit" value="Buy" /> <input type="hidden" name="cartaction" value="add" /> <input type="hidden" name="item" value="steelcasserole" /> </p> </form> I am trying to produce a shopping cart type page which will display the item(s) purchased. The problem is I have more than one submit button on the page for different products but with the same fields. I have tried to create the cartaction.php script to save the information from the form in a session variable which will allow me to output the item(s) purchased into this page prior to sending everything to a checkout page. I can get the information to appear for a single item but the problem is I want to output the details for each product added to the cart. At the moment, when I go back to the products page and try to add a new item to the shopping cart it just replaces the previous item that was there rather than retaining it and adding a new item underneath. I realise its probably really obvious but I am really new to this and getting myself confused! Any help on how to add an item then be able to go back to the products page (with the submit buttons for each product) and add a new item underneath the existing item in the shopping cart would be much appreciated! The code I have so far is: $submit = $_POST["submit"]; //If form is submitted, call the function and save all data into the array $_SESSION['form'] if($submit = "Buy"){setSessionVars();} function setSessionVars() { foreach($_POST as $fieldname => $fieldvalue) { $_SESSION['form'][$fieldname] = $fieldvalue; } echo "<table> <tr> <td>" .'<img src="images/'.$_SESSION['form']['item'].'.jpg"' . "<td/> <td>" . $_SESSION['form']['item'] . "</td> <td>" . '<input type="text(30)" name="value" value="1" /> <input type="submit" name="puchasednum" value="Update This One Item" />' . "</td> </tr> </table>"; }; ?> I have the session_start() function at the very top of every page. I have also attached the entire files for the two pages I talk about above. Thanks Graham When I remove 1 session item using this it works fine when I select more than 1 item to be removed I get unexpected results, I have checked the outputted html to see what positions get echoed into the remove check box and they are correct, so I guess the problem lies in my remove code here is the part of the form that sends the remove check box <?php for ($basket_counter=0;$basket_counter<$_SESSION['ses_basket_items'];$basket_counter++) { $price=sprintf("%01.2f",$ses_basket_price[$basket_counter]); $quantity=$ses_basket_amount[$basket_counter]; $code=$ses_basket_stockcode[$basket_counter]; $itemID=$ses_basket_id[$basket_counter]; $name=$ses_basket_name[$basket_counter]; $image=$ses_basket_image[$basket_counter]; $size=$ses_basket_size[$basket_counter]; $sizechoice=$ses_basket_sizechoice[$basket_counter]; // create array from sizes and make the option box selections if ($sizechoice!="" && (!in_array($sizechoice, array('One Size', 'one size', 'free size', 'Free Size', 'Adjustable', 'adjustable')))) { // add size trigger $sizelist="add"; //create the array $sizepick=explode(",", $sizechoice); } else { $sizepick=$sizechoice; } // adjust gst for AU customers if ($country=='AU') { $price=sprintf("%01.2f",($price*1.1)); $unit=sprintf("%01.2f",($price/$quantity)); } else { $unit=sprintf("%01.2f",($price/$quantity)); } ?> <tr> <td align='center' class='rescon' style="border-bottom:solid #330000 1px;"><input type="checkbox" name="remove[<?php echo $basket_counter; ?>]" value="<?php echo $basket_counter; ?>" /></td> and here is the part of the code that processes the removal of the items $remove = $_POST['remove']; if (isset($remove) && ($remove!='')) { foreach($remove AS $key => $remove_position){ array_splice ($ses_basket_name, $remove_position, 1); array_splice ($ses_basket_amount, $remove_position, 1); array_splice ($ses_basket_price, $remove_position, 1); array_splice ($ses_basket_stockcode, $remove_position, 1); array_splice ($ses_basket_image, $remove_position, 1); array_splice ($ses_basket_size, $remove_position, 1); array_splice ($ses_basket_sizechoice, $remove_position, 1); array_splice ($ses_basket_id, $remove_position, 1); $_SESSION['ses_basket_items']--; } } I am using a form with checkboxes named remove[$remove_position] and the positions in the form are correct for each item in the array, but when I select more than 1 item to delete they are not always the correct items only the first 1 selected. What am I doing wrong here??
I want to use array_pop to remove the last item added to the SESSION array. So it would remove the REQUEST item. The problem is that nothing is left in the session array because I pop off the last item each time that the form is submitted. Maybe I need to use array_push to push the popped items back on to the SESSION array after the logic has been applied. I don't understand how array_pop is supposed to work on a SESSION array. Can anyone explain to me what behaviour to expect? I expected to get a SESSION array with the REQUEST item removed but I thought that I would still have all of my SESSION items. When I use the following code, it doesn't print out "test" until after I refresh the page. unset($_SESSION["product"]);
if ( !empty($_SESSION["product"]) && ($_SESSION["product"] != NULL)) { When I use: var_dump($_SESSION["product"]); It shows: array(0) { } I'm wondering it that's the problem. That it's array(0) when it should be array(). I am having trouble resolving an error. Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/s519970/public_html/header.php:27) in /home/s519970/public_html/admin/login.php on line 2 What I can gather is I can't use "header (Location: 'admin.php')" after i've used session_start(). I have tried to replace the header (Location: 'admin.php') with this: echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; I've been trying to read up on solutions but haven't been able to get it sorted. If anyone can offer some advice that would be greatly appreciated as im new to php. Code: [Select] <?php session_start(); if(isset($_SESSION['user'])) echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; ?> <div id="loginform"> <form action="dologin.php" method="post"> <table> <tr> <td><span>Username:</span></td> <td><input type="text" name="username" /></td> </tr> <tr> <td><span>Password:</span></td> <td><input type="password" name="password" /></td> </tr> <tr> <td colspan="2" align="right"><input type="submit" name="login" value="Login" /></td> </tr> </table> </form> </div> I have tried using require_once('yourpage.php'); before my <head></head> tags in the header document where I've specified the html information but this doesn't seem to work. I've been advised to use ob_start("ob_gzhandler"); but I am not sure how to implement this. Any advice is greatly appreciated! in this page http://maximaart.com/newscp/ i have this problem Code: [Select] Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/maximasy/public_html/newscp/index.php:1) in /home/maximasy/public_html/newscp/index.php on line 2 my source code is <?php session_start(); include_once("config.php"); include_once("functions.php"); $errorMessage = ''; if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { if ($_POST['txtUserId'] === "$user" && $_POST['txtPassword'] === "$pass") { // the user id and password match, $_SESSION['basic_is_logged_in'] = true; require("main.php"); exit;?> I am trying to create an index page which contains registration and login field the problem that i get is on successful login a warning is displayed session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\Eventz.com\index.php:116) in C:\xampp\htdocs\Eventz.com\index.php on line 235 This is the login part of my index.php this tag is inside an html table below the login form I also have a registration form and its php code above the login form Code: [Select] <?php if (isset($_REQUEST['pass'])) { $id=$_POST['id']; $pass=$_POST['pass']; $conn =mysql_connect("localhost","root",""); if (!$conn) { die('Could not connect: ' . mysql_error()); } /* checking connection....success! */ $e=mysql_select_db('test', $conn); if(!$e) { die(''.mysql_error()); } else { echo 'database selected successfully'; } if (isset($_REQUEST['id']) || (isset($_REQUEST['pass']))) { if($_REQUEST['id'] == "" || $_REQUEST['pass']=="") { echo "login fields cannot be empty"; } else { $sql=mysql_query("Select email,password from login where email='$id' AND password='$pass'"); $count=mysql_num_rows($sql); if($count==1) /* $count checks if username and password are in same row */ { session_start(); $_SESSION['id']=$id; echo "</br>Login Successful</br>"; } else { echo "</br>invalid</br>"; echo "please try to login again</br>"; } } } } ?> Any help or suggestion would be appreciated hi everyone. i'm wondering what the best way is to create a session variable and pass it to an iframe. i need to do something along these lines, but it doesn't seem to pass the ID. Any hints on how i should accomplish this? Code: [Select] session_start(); $_SESSION['ID']=$_GET['ID']; // id from previous page $ID=session_id(); <iframe src="iframepage.php?ID=<?php echo $ID; ?>" style="width:680px; height:200px;" noresize="noresize" frameborder="0" border="0" scrolling="Yes" allowtransparency="true" /> </iframe> I'm making a simple login system with MySQL and PHP (very simple, I'm just starting with PHP). The MySQL portion is done, but I need to ensure only people who are logged in can see certain content. To check if people are logged in, my website checks that they have the $_SESSION['user'] variable set. If it is set, then it lets them continue through the website, if not, it tells them to login. Is that enough security, or can people simply inject a session cookie into their browser to spoof that they are logged in? My idea was to generate a session key cookie when they login (just a random string of letters and numbers) and store that in the database, then on every page, check to make sure their session key is the same thing that's in the database. Is this necessary? It seems expensive. |
|||||||