viz wrote:
> i have written a class for session handling, and i want to use it to
> keep track of the user.
> After authenticating the user in login page i am storing the session
> info like uname etc.. in a object of session class. I am creating this
> object in the login page.
> Now how can i make this object persist between subsequent page
> requests. and i dont want to use GET method.
> Is it sensible to use hidden fields OR will i have to create a new
> session object in each page???

To make an object persist between page calls you will have to save it
somewhere. Depending on the complexity you will probably use $_SESSION
variables and optionally save data to a file or database that will be
read by each page view. To access the $_SESSION variables a session ID
is held on the client computer either in a cookie or in the URL as a
$_GET variable (it's simply a session reference ID).

If you use hidden fields on forms then the data will be visible to
users using view source, and therefore can compromise security for
example someone creating a fake set of hidden variables.

If you read up on PHP sessions it will help you get where you want to
go.


Saul
www.notanant.com
Communities of websites