L
L
littleguga2015-08-14 17:52:36
PHP
littleguga, 2015-08-14 17:52:36

Whether correctly I understood the mechanism of authorization?

if(isset($_SESSION["user"]) and isset($_SESSION["key"])){
    echo "Вы - " . $_SESSION["user"];
    //тут выводим контент доступный только авторизованному пользователю
}else{
    echo "Вы должны войти";
}

Is this approach correct?
$_SESSION['user'] is set by the login() function, compares the login:hash pair of the entered password with the same pair in the database, and if successful, key is the unique key of the given user to delete/edit, etc.
logout() - unset(...)
Is that right? What are the comments?
Thanks in advance for the detailed answer!

Answer the question

In order to leave comments, you need to log in

1 answer(s)
S
Sergey, 2015-08-14
@littleguga

Yes, and the code you provided is
ps authentication, I hope you are using the password api for hashing passwords and not some md5.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question