Home/ Questions/Q 7706795
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-01T00:12:02+00:00

I’ve developed many login systems in PHP. Basically, for each website or application I

  • 0

I’ve developed many login systems in PHP. Basically, for each website or application I created, it had a login scheme to create articles, upload images, edit comments e blablabla.

I’ve never had problems with that, except once when I created a kind of social page inside my website. There was a user bothering the other users, so I decided to delete his profile, that’s why I’m here asking your help.

At the time, I was just checking the session on each page, for example:

<?php
if($_SESSION['loggedin'] === true)
{
    // Keep that page
}
else
{
    // redirect to login page   
}
?>

Then, when I deleted his profile the session wasn’t closed yet, after that the user continued annoying the other users, and I wasn’t able to do anything.

So, what’s the most common and best way to handle sessions on each page: Check the database each time or just check if the session is true?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I don’t know whats the best way, but I do something like this:

    I have an sql table with the sessions (for example userid, sessionid, expiredate, …).

    The sessionid is “saved” in a $_SESSION[‘cms_session’] .

    If the sessionid which is in $_SESSION[‘cms_session’] doesn’t exist in the session table, the user isn’t loged in anymore.

    For deleting the old sessions in the table i use crons.

    • 0