I'm working on a user authentication class in PHP and have encountered some problems with session handling.
This is the basics:
global.phpI have a file called
global.phpthat's included at the beginning of each pageload. From this file I also include additional classes used for example the
class.uservalidation.phpthat I'm working on. I initiate the session in the
class.uservalidation.phpWhen this class is instantiated in the beginning of the
global.phpfile there is a call to a
checkLoginmethod in the constructor that checks the session variables
hashand if they match it will set the
authproperty to the level of the selected user.
login.phpis the login page (obviously...) and when submitted this will call the
loginmethod of the uservalidation class. This method will set two session variables
hashwhen there's a successful login.
index.phpis the default landing page that will show different content depending on the login status
And this is an example of how it works:
I go to
login.php. Session is started