0

After the user has logged in I want to be able to save the userId for later use within the application. The only place in the application I retrieve the username is from the login form, through the login controller. However, that structure in my application is that the only thing that is passed to my master controller from the login controller is HTML.

Of course I could include the userId in a hidden field inside the HTML that's passed back to the master controller, but that seems too hacky.

So, is there a way that I can save a value (in this case the username) so that it's accessible from other classes/namespaces/functions whatever? I have read a bit about 'global', but haven't managed to get it work in my application.

from LoginController.php:

if ($loginView->TriedToLogin()){ $loginUsername = $loginView->GetUserName(); //Retrieved from form $loginPassword = $loginView->GetPassword(); }
Improve this question
3
  • Especially when using a framework your question sounds like you are trying to do something nasty you shouldn't do at all. Commented Oct 21, 2012 at 20:21
  • 1
    What framework are you using? This will have a way for you to access this information already. Commented Oct 21, 2012 at 20:22
  • Self made MVC, so no framework at all. Commented Oct 21, 2012 at 20:29

3 Answers 3

Reset to default
1

Upon login, you need to store your user token in a session.

See: https://www.php.net/manual/en/features.sessions.php

Store user when logging in:

$_SESSION['user_id'] = 32; // fetch from your user provider

You can then write a class/function that utilises the session to check their login status and fetch their details when required.

Like so:

function getUserId() { return isset($_SESSION['user_id']) ? $_SESSION['user_id'] : false; } function isLoggedIn() { return isset($_SESSION['user_id']) && is_numeric($_SESSION['user_id']); }

Then use anywhere in your application:

echo isLoggedIn() ? getUserId() : 'Anonymous';

Also, for great information on how to build an MVC framework, check out "Create your own framework... on top of the Symfony2 Components".

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

How about Sessions?

Session support in PHP consists of a way to preserve certain data across subsequent accesses.

https://www.php.net/manual/en/features.sessions.php

Improve this answer

Comments

0

If it's only the username you want store, I would go with $_SESSION[].

It's not the most secure in a (shared) hosted environment, but it's so easy to call session_start(); first thing on pages using the stored data.

Improve this answer

4 Comments

Can you elaborate on how security is affected by a hosted environment when using sessions?
@nickb of course. The sessions are most often saved to a common folder across all the hosting accounts, - everybody have access to it, granted they "guess" the session_id. Therefore make sure you never store passwords, personal information and such.. A username or email, haircolor etc is fine.. (why not only the id and retrieve whats needed when needed with that?) :)
If that's the case then you have a terrible sysadmin who has no clue what they're doing - On my own server, in my shared hosted environment, and on every shared hosting environment I've used, my sessions are stored at the root of my domain's filesystem (off the public root, of course), where only I (and the admins) have access. It's not shared across all users.
now you made me compare my different hosts.. seems like an older issue looking at the search results on the topic. Anyway, the costumers of shared cheap hosts mostly never concern security. Thanks for making me clear up things to myself!

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.