sonal Posted August 16, 2012 Share Posted August 16, 2012 I see examples how to fetch data from php to ajax (and display it via javascript.) As in log-in example, we can check whether there is a valid email and password entered, we can simply display "You are now logged in." Till here I understand and work out. But, now as the user logs in, I need to set the php session. The login form sends data to the ajax.php, which simply returns a success message. In other case, if I just use php to check valid login details, I can set php session as soon as the script finds match data. I know I can send ajax data through URL to second php page, where it can access through $_GET. But I want to get that data into SESSION rather than sending through URL. How I do that? Link to comment Share on other sites More sharing options...
HartleySan Posted August 16, 2012 Share Posted August 16, 2012 Similar to before, you have to first send the data via Ajax from JS to PHP. From the PHP side, you can store the data in the session. The important thing to understand is that sessions are a server-side concept and can only be accessed from a server-side script. Cookies, on the other hand, can be accessed from both JS and PHP, so maybe using cookies would be a better (and faster) solution. 2 Link to comment Share on other sites More sharing options...
Antonio Conte Posted August 17, 2012 Share Posted August 17, 2012 Jon, I often miss things when it comes to JS, but I need to ask this: Secure login and cookies? How does that make sense? Do you validate the cookies against sessions, a query result or something else per request? I ask because it may be a security hole you didn't think about there, or something I need to learn learn. Again... 1 Link to comment Share on other sites More sharing options...
HartleySan Posted August 17, 2012 Share Posted August 17, 2012 Antonio, you're right. When I answered the question, I was answering in general and not responding specifically to sonal's question about the login, which looking back, I should have clarified. Thank you for pointing that out though, as you're absolutely right, login info should never be in a cookie. Thanks again. 1 Link to comment Share on other sites More sharing options...
Recommended Posts