Jump to content
xisto Community
Sign in to follow this  
sonesay

Php-fusion Cms No session_start() used?

Recommended Posts

A while back i was looking for free hosting and a forumn suite for my own comunity. I ended up using hostingdirect.co.nz and php-fusion from https://www.php-fusion.co.uk/home.php It was pretty easy to setup and run. But my site required more specific functions other then generic CMS could offer and I wanted to learn PHP so I start reading tutorials and such to learn. I was working on them locally and they seem to run fine on my own server. When i upload my own site to the hostingdirect site I find they do not have safe_mode off. I got an error in my index.php file when i try and run session_start().

From all the books and online resources I've seen we are taught to use session_start() so I wondered why was the php-fusion CMS working and my own wasnt. I looked into the source files looking to find if they did use a session_start() but could not find any. Their code was alot more complicated and longer then mine.

My question is session_start()(sessions) not required to keep track of users details when loged in? Have they used other means i.e cookies or what ever there is to do the same thing? If so are there potentional problems if they are not using sessions.

That problem has lead me here looking for a hosting site which offers safe_mode off. I just want to know if Im heading in the right track of learning PHP correctly. I just realise that tables are kinda bad. after reading and understanding what CSS can offer for layouts I just hope I dont learn PHP the wrong way.

Any insight from experience php coders apprecited ^^

Edited by sonesay (see edit history)

Share this post


Link to post
Share on other sites

PHP tries to make your life easier with the session variables and session functions but there are other ways. I never liked the php built in session functions so I just make my own login script. You have 2 sql tables. One holds all the users like normal, and then you add another one called sessions. Under sessions, you have the variables sessionID, userID, and you may also include IP if you want to backcheck the session with an IP address to prevent cookie stealers.When a person logs in, you check the username and password based on the users table, and if its correct, have php make a random group of letters and numbers. Set a cookie on the users computer to this code, and insert a new row into sessions with this code as the sessionID and the users's ID for the userID. On every page that you want to check if the user is logged in or not, have php grab the cookie off of the users computer, find the row with that session, and get the userID.That way php will know what user is currently logged in. If you do not want two people logged into the same username, have php delete all rows from that userID when the person logs in.I hope this helped!

Share this post


Link to post
Share on other sites

The script will not work because safe mode has not been turned off by them in php.iniTo answer your question Xisto does have safe mode turned OFF

Share this post


Link to post
Share on other sites

That way php will know what user is currently logged in. If you do not want two people logged into the same username, have php delete all rows from that userID when the person logs in.

Thanks for your responses guys. I've got a few things Id like to ask about deleting user records to prevent users from logging in. You would have to readd the user to the users table when logging out right? what If users just close the broswer when leaving your site how would the users record be restored back into the users table?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.