I have a hand-coded user authentication system in php that works very well, it limits access to pages based on a user level by means of a minute amount of php in a page, plus is makes all the user's data available in an object, I don't want to scrap all of that and rewrite it with dw.

When a user logs in, the user's id and session id etc are stored in a mysql table, from there the user's access level and other info is retreived, what I want to do is 'tell' dreamweaver about the existing session so it can access the session variables that are already there, and put more into the session. I don't want to pass parameters between pages I would prefer session variables because they are much more secure. If I can get dw to use the existing session will save me keep delving into dw's code and making edits because that throws dw off when it comes to edit things later.

Has anyone done this already?

I'm no expert at this but... presumably you have the standard

<pre id=code><font face=courier size=2 id=code>session_start();</font id=code></pre id=code>

at the top of the page.

Can you use this inside php tags:

<pre id=code><font face=courier size=2 id=code>

&lt;?php //initiate session
session_start();
//check POST array for valid data
if (isset($_POST['name']) && !empty ($_POST['name'])) {
//set session variable
$_SESSION['name'] = $_POST['name'];
}
?&gt;
</font id=code></pre id=code>

As I say, I'm no expert, and I haven't personally tried this code so it is untested. I'm merely posting as a suggested course of action and I may well be way off base...... Having said that I still HTH.

Cheers




_________________________
DW8 | DWMX | PHP | MacOS
<i>Learn to see in another's calamity the ills which you should avoid.</i>


Edited by - sgiandhu on 15 May 2006 22:17:51

Quote

I'm no expert at this but... presumably you have the standard

<pre id=code><font face=courier size=2 id=code>session_start();</font id=code></pre id=code>

at the top of the page.


-----
Thanks for responding, that's useful.

The way my system works is that the session is started when the user logs in, by my code, then the userid saved in a cookie, with the session id in a database so that the session id is not exposed. I've found that I can access the session variables, that's good. The thing that's not yet sorted out is adding things. Ideally what I would like is to pass variables from page to page via the session variables, so that for example the id of the record being updated, is not visible. I'm not sure just how to do that when a user completes a form, for example if a user updates the record via a form, when they click submit, the values go back to the server, what I would like is to be able to put things into the session variables then, before the update.

I'm not sure I've explained that well.

I don't know if I'm being too concerned about passing parameters and making them visible like that. I always have concerns that someone could manually change them.