Join David Powers for an in-depth discussion in this video Revalidating credentials for sensitive areas, part of Managing PHP Persistent Sessions.
- Session variables are dependent on a single cookie…that stores the session ID.…So it's a good idea to get users to confirm their identity…by entering there username and password again…before giving them access to sensitive information,…such as account details, or making a purchase.…The page that we tried to access in the previous video…was sensitive.php, let's take a look at the code.…Above the doc type we include authenticate.php…so access to this page is limited to someone who's…already logged in directly or who's credentials…have been checked by the AutoLogin class.…
In the body of the page the conditional statement…that begins on line 14 checks to see if…SESSION[ "revalidated"] has been set.…If it has the content of the page is displayed.…But if it hasn't been set, the else block that begins on…line 19 creates a new session variable called…return_to, and assigns it the value of SERVER[ "PHP_SELF"]…In other words, the current URL.…This is so the application knows where to redirect users…after re-validating their credentials.…
- Configuring sessions
- Inspecting how session data is stored
- Implementing persistent sessions
- Creating a SQL database to store session data
- Implementing the PHP SessionHandlerInterface
- Writing session data
- Closing and destroying sessions
- Creating an auto-login system with persistent sessions
- Creating persistent logins
- Checking out visitor credentials
- Authenticating users
- Logging out users selectively
Skill Level Intermediate
Accessing Databases with Object-Oriented PHPwith David Powers3h 47m Intermediate
1. Sessions and Security
2. Preparing the Database
Connecting to the database5m 49s
3. Storing Session Data in MySQL
4. Creating an Autologin System
5. Testing the Autologin System
Final thoughts3m 9s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.