Php mysql_query or mysqli_query?
Which is the best method to use in Php mysql_query or mysqli_query?
Need to include a db connect/config file without a headers already send error.
Was thinking of using both.
Can anyone help/advise me please?
Need to include a db connect/config file without a headers already send error.
Was thinking of using both.
Can anyone help/advise me please?
Comments8
Join the community to add your comment. Already a deviant? Log In
Thanks, guess a config file must be possible like dbconnect.inc.php with database user name host and password.
Still not sure how to stop the headers already sent error with include.
PHP sessions are deprecated too.
So would i use $_COOKIE['USER'] ['NAME'] ?
Would leave room for user type.
Still not sure how to stop the headers already sent error with include.
PHP sessions are deprecated too.
So would i use $_COOKIE['USER'] ['NAME'] ?
Would leave room for user type.
$_SESSIONS? They aren't deprecated.
And cookies can be stolen or altered, so I wouldn't put sensitive information in them.
And cookies can be stolen or altered, so I wouldn't put sensitive information in them.
You're right it was just the error message making me think that.
Fixed this with:
session_start();
$_SESSION['user']['name']=$usrdata['username'];
$_SESSION['user']['type']=$usrdata['type'];
session_write_close(); //close the session
Know cookies can have an expiry time.
What would be a secure way to make a user logout after lets say 15 minutes of inactivity? I was thinking of using javascript or ajax to call a log off command. This would cause a problem if javascript was disabled. Maybe $_SESSION['user']['logontime']=date(); and check to see if it within 15 mins. If it is renew the date if not kick user to logon form.
Fixed this with:
session_start();
$_SESSION['user']['name']=$usrdata['username'];
$_SESSION['user']['type']=$usrdata['type'];
session_write_close(); //close the session
Know cookies can have an expiry time.
What would be a secure way to make a user logout after lets say 15 minutes of inactivity? I was thinking of using javascript or ajax to call a log off command. This would cause a problem if javascript was disabled. Maybe $_SESSION['user']['logontime']=date(); and check to see if it within 15 mins. If it is renew the date if not kick user to logon form.
PHP is interpreted once on page load and has no event structure to capture post-load actions. For something like that, you wouldn't need to worry about security anyways, since the data you're saving is simple "when did my user login to the site" (a timestamp or date, nothing special). If it were me, I would set a cookie (or localstorage, because HTML5 is boss) in either PHP or JS and then use JS to determine when 15 minutes has elapsed. If they disable JS you're out of luck, unless you want to write your app in C/C++/*.NET/Java or something where you can have multi-state apps. Then again, if they disable JS they are paranoid idiots who don't understand the internet, so I wouldn't worry about those users.
Using strictly PHP you could do it, but it would only be able to check if the session was still valid once they refresh the page. If it's half an hour later, and maybe they were working on something before they left, they may lose their work. Personally I hate systems that have this feature, though I do understand why they do it.
Using strictly PHP you could do it, but it would only be able to check if the session was still valid once they refresh the page. If it's half an hour later, and maybe they were working on something before they left, they may lose their work. Personally I hate systems that have this feature, though I do understand why they do it.
I found the jQuery idleTimer plugin by Paul Irish.
If user is active run timers to call ajax to renew session every few minutes.
If not let the session expire. Could also add "about to be logged off" warning in div.
As a fail save I could get the users work to save as a draft in a database.
This way they can resume once they log in again.
Trying to keep things simple normally helps.
Thanks for your feedback and looking forward to seeing if this makes sense to someone other than myself.
If user is active run timers to call ajax to renew session every few minutes.
If not let the session expire. Could also add "about to be logged off" warning in div.
As a fail save I could get the users work to save as a draft in a database.
This way they can resume once they log in again.
Trying to keep things simple normally helps.
Thanks for your feedback and looking forward to seeing if this makes sense to someone other than myself.
Most of the stuff I do now is "hey, I'm a simple concept - I dare you to attempt to integrate me into something horribly complex!" so I usually overthink things. Glad you sorted it out.