PHP-and-MySQL/C4/User-Login-Part-3/English-timed
From Script | Spoken-Tutorial
| Time | Narration |
| 00:00 | Welcome to the 3rd part of our User login tutorial. |
| 00:07 | Here, we'll create a session in which the user can enter a page and they're allowed to be inside the page as long as they have successfully logged in. |
| 00:16 | To start any session, we will need a function which is "start session()". |
| 00:25 | Is it "start session" or "session start"? Let's just test it quickly. |
| 00:34 | Right, an error! So, it must be session_start(). Sorry, I was a bit confused there. |
| 00:40 | "Session start", okay? So refresh, resend and "You're in!" |
| 00:42 | We've started the session and this let's us add a session variable. |
| 00:51 | So, "You're in!". After this, I'll say "Click here to enter the secret... no, the member page." okay? |
| 01:12 | And this is going to be a link to a page called "member dot php". |
| 01:19 | Let's just recap. As long as we send the right data, we're going to say "Click here to enter the member page" which we haven't created yet. |
| 01:30 | Let me remind you here that we just created our "session_start()" here which is very important. |
| 01:36 | We're going to create a session and to do this, let me start and type here the dollar sign underscore SESSION and then in brackets, in square brackets, we will give it a session name. |
| 01:53 | I'll call it "username" and that will be equal to our username. I think I will say '$dbusername' because that's a more direct value from the database. |
| 02:08 | We have our session set. |
| 02:10 | As long as the user is in their browser, not the browser you evoked them with, then when we echo out our session in any page now, this will be set as a session. |
| 02:20 | To prove this I'll create a new page. |
| 02:25 | It'll be the "member dot php" page. |
| 02:28 | So, I'll save this as "member dot php". |
| 02:30 | Here I'll say echo and I'll echo the "username" session, okay? |
| 02:42 | In fact, I'll concatenate at the start "Welcome" and at the end, just to make it more expressive, let me add an exclamation mark. |
| 02:55 | As long as we are logged in, this should run this command here, setting our session in our browser to our "username" on any other page we create. |
| 03:06 | If this is any other page over here and you use this code to set, it will work. |
| 03:11 | You will, of course, need this function inside here, as well. |
| 03:18 | So you need "session start()" inside every page that you call or declare a session in. |
| 03:29 | There we restart. Let's go back to the main page. |
| 03:35 | I'll login with my details as "Alex" and "abc", click on Login. |
| 03:41 | "You're in! Click here to enter the member page". Now as you can see, there is no error. I've successfully created my session. |
| 03:49 | If I click here, we get "Welcome!" We have got only that. Let's see what happened. |
| 03:52 | Let's go back and see what I've done wrong. This should be "$username". |
| 04:00 | I'm not using any comparison here but I've put a double equals sign here. That might be wrong. |
| 04:07 | Now this should work. Let's go back to our "index" page and let's log in again, as we did before. |
| 04:17 | Login, okay, "You're in! Click here to enter the member page". Click here and "Welcome, alex!". |
| 04:26 | Now I'll go back to the login page. |
| 04:28 | Most people would think all that data has been lost now. |
| 04:32 | But if I go back to the member page which is "member dot php" and press Enter, it is still saying "alex". |
| 04:40 | And in some second-starts, if I close my browser and reopen it and I go to "local host php academy" then go back to my page which is the "login session" and back to my member page, I'm still logged in. okay? |
| 05:03 | So, my user is logged in. If I close the browser, I am still going to be logged in when I enter back. |
| 05:12 | This is a very useful function if you're doing this kind of logging in. |
| 05:19 | A lot of websites do this to keep you logged in. |
| 05:23 | But now I want to create a log-out page. |
| 05:26 | To log out, all we need to do is: we need to create a separate page and let's just save it as "logout dot php". |
| 05:33 | And we need to end our session here. |
| 05:39 | First of all, before we destroy our session we need to start it. |
| 05:46 | So I'll type "session_start()" here. Let me confirm it once. |
| 05:55 | Ok. And then we need to say "session_ destroy()". Sorry, not sestroy, destroy. |
| 06:04 | If we run this page here, it will destroy our session. |
| 06:08 | Here, I could type a friendly error message "You've been logged out. Click here to return". |
| 06:20 | Let me create a link back to our "index dot php" page. |
| 06:32 | Now I'll test this again. For example, let's say... |
| 06:35 | Let's put a break there. Here I'll create a link to log-out. |
| 06:41 | It's important to give the link to the user to our "logout dot php" page; otherwise they'll not know how to logout. |
| 06:50 | We refresh this and it will create a Logout link, to log out from the php page. |
| 06:55 | Click on this and you get "You've been logged out. Click here to return". |
| 06:59 | I assume that we've been logged out. Trying to go back to our member page dot php. |
| 07:04 | We have got no variable here. |
| 07:06 | Now you don't want the users to get access to this page because they are not logged in right now. |
| 07:13 | So, here I'll say session_start() then I'll say if session and the session name which is 'username'. |
| 07:19 | Next, I'll echo out my data to say "Welcome" else I'll say die(). |
| 07:25 | No! Not me - I want my page to die! So I'll say "You must be logged in". |
| 07:45 | We're saying: if this session exists or if it has been created by using a correct username and password, we can echo out our friendly message to say "Welcome"; otherwise kill the page and say "You must be logged in!". |
| 07:55 | So, this is all in this part of the tutorial. Let me summarize this for you. |
| 08:04 | Remember, I'm not logged in. So, let me login. |
| 08:06 | I am in. There's my member page. I can log out. I return here. |
| 08:10 | Now, as we've created "member dot php", press Enter. |
| 08:14 | It displays, "You must be logged in!". |
| 08:16 | So, for example, I'm going to log in but I'll not click here to go. |
| 08:22 | I'll just forward myself to "member dot php". Message has been created and I've been allowed access. |
| 08:29 | Okay so that's it for now. This is the last part of this tutorial. If you have any questions on this, I'll be more than happy to help. |
| 08:37 | This is Evan Varkey, dubbing for the Spoken Tutorial Project. Bye. |
