[FX.php List] Good PHP Design? Process in same or other (include)page?

Andrew Denman adenman at tmea.org
Wed Nov 15 08:54:57 MST 2006


"One solution seems to be splitting the processing into a separate page from
the page that displays the form or the user name & logout link. This way I
could call the processing include at the top of my main page and set the
session variable there, so that by the time the form/name page gets
included, the session variable has already been set."
 
This is the method I use, and I took it from other login systems I've seen.
At the beginning of each protected page (line 1) I includeonce() a login
check file which opens a session and checks to see if a certain session
variable has been set.  If the session variable has been set, it allows the
page to continue processing.  If it hasn't, it redirects them to a
standalone login page.  After logging in, the session variable is created
and they are sent back to the original page, where the login check now
allows them through.
 
As I have it implemented, this will deny access to the protected page until
the user has logged in.  You could code the login check file to allow the
page to process without logging in, checking for the login status in the
page to restrict certain parts (or the entire page).  I also don't do
anything special on the login page - it is completely separate and strictly
for providing login information and sending the user on their way.  If they
are already logged in and hit the login page they are sent to a default
member's area.  This way all of my protected pages use the same login code
and I only have to maintain 3 pages for the login process: login, login
check, and logout.
 
Andrew Denman


  _____  

From: fx.php_list-bounces at mail.iviking.org
[mailto:fx.php_list-bounces at mail.iviking.org] On Behalf Of Joel Shapiro
Sent: Monday, November 13, 2006 12:28 AM
To: FX.php Discussion List
Subject: [FX.php List] Good PHP Design? Process in same or other
(include)page?
 
Hi all
 
Looking for recommendations on good php design here.
 
I'd been under the impression that having fewer php pages is often good
design (now I'm not so sure ;), so I put the processing of a login into the
login page itself (code at bottom of email). Dependent upon whether the
login session variable is set, the login page displays either the login form
or the logged in user's name and a logout link. This works fine.
 
I made the login page into an include so that I can use it in different
places on my site, where a user can login for different purposes. This works
fine.
 
However, I'm encountering a problem in the UI because I want to have text
displayed *above* the login form dependent upon where on the site the user
is (e.g. "Login here to register" or "Login here to view your history").
I've got this inside an if (isset ($_SESSION['login']) ) statement (on the
main calling page, not the include), since I don't want to display it once a
user is logged in. The problem comes because -- since I've got the login
processing happening within the login page itself -- by the time the include
gets called, the line above it -- with the IF statement -- has already
processed: so a successful login still has "Login here to register"
displayed above it until the page is reloaded in the browser.
 
One solution seems to be splitting the processing into a separate page from
the page that displays the form or the user name & logout link. This way I
could call the processing include at the top of my main page and set the
session variable there, so that by the time the forn/name page gets
included, the session variable has already been set. Another thought I had
would be to keep the processing in a page that I include at the top, and
have that page set a variable with either the form or the user's name, and
then echo that variable lower in the page -- instead of another include.
(that seems messier to me, though).
 
Any recommendations for me? How do other people deal with this? Any good
rules of thumb? (Does this have anything to do with the concept of 'object
oriented'?...) And if more shorter pages are preferred, are there naming
conventions for such files, e.g. login_display.php, login_process.php...?)
 
TIA for any feedback.
 
Best,
-Joel
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
code basics:
if( $_POST['login'] == 'login' ) {
            // DB QUERY HERE
            if ( $result['foundCount'] == 1 ) {
                        // SET $_SESSION['login'] }
            }
}
if ( !isset($_SESSION['login']) ) {      
            // ECHO FORM (action="$_SERVER['REQUEST_URI']")
} else {
            // ECHO USER NAME AND LOGOUT LINK
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.iviking.org/pipermail/fx.php_list/attachments/20061115/c18ef7b0/attachment.html


More information about the FX.php_List mailing list