Specifications
session.cookie_path / Path to set in session cookie.
session.name PHPSESSID The name of the session that is used as
the cookie name on a user’s system.
session.save_handler files Defines where session data is stored. You
can set this to point to a database, but
you have to write your own functions.
session.save_path /tmp The path where session data is stored.
More generally, the argument passed to
the save handled and defined by
session.save_handler.
session.use_cookies 1 (enabled) Configures sessions to use cookies on the
client side.
Implementing Authentication with Session Control
Finally, we will look at a more substantial example using session control.
Possibly the most common use of session control is to keep track of users after they have been
authenticated via a login mechanism. In this example, we will combine authentication from a
MySQL database with use of sessions to provide this functionality.
This functionality will form the basis of the project in Chapter 24, “Building User
Authentication and Personalization,” and will be reused in the other projects.
We will reuse the authentication database we set up in Chapter 14, “Implementing
Authentication for PHP and MySQL,” for using mod_auth_mysql. You can check Listing 14.3
in that chapter for details of the database.
The example consists of three simple scripts. The first,
authmain.php, provides a login form
and authentication for members of our Web site. The second,
members_only.php, displays
information only to members who have logged in successfully. The third, logout.php, logs out
a member.
To understand how this works, look at Figure 20.4. This is the initial page displayed by
authmain.php.
Advanced PHP Techniques
P
ART IV
438
TABLE 20.1 Continued
Option Name Default Effect
25 7842 CH20 3/6/01 3:42 PM Page 438