Mixing
Can we have two different session name for normal user and admin user?
This is for normal user.
if($pass) {
/*password is correct*/
session_start();
$_SESSION['username'] = $username;
}
I have different login page for admin, would this work.
if($pass) {
/*password is correct*/
session_start();
$_SESSION['admin_username'] = $username;
}
There is a normal dashboard and admin dashboard. So if the session is admin_username then the user should be redirected to admin dashboard and if the session is username then the user should be directed to normal dashboard. Is this method prone to any error or conflict ?
I could also have one session name check if session is not empty and if $_SESSION['username'] equals username of admin redirect to admin dashboard else its normal user.
Which approach is better ?
php
asked Jan 2 at 8:02
MokuginnMokuginn
205
add a comment |
This is for normal user.
if($pass) {
/*password is correct*/
session_start();
$_SESSION['username'] = $username;
}
I have different login page for admin, would this work.
if($pass) {
/*password is correct*/
session_start();
$_SESSION['admin_username'] = $username;
}
There is a normal dashboard and admin dashboard. So if the session is admin_username then the user should be redirected to admin dashboard and if the session is username then the user should be directed to normal dashboard. Is this method prone to any error or conflict ?
I could also have one session name check if session is not empty and if $_SESSION['username'] equals username of admin redirect to admin dashboard else its normal user.
Which approach is better ?
php
asked Jan 2 at 8:02
MokuginnMokuginn
205
THe second option you yourself named is what usually is done.
– arkascha
Jan 2 at 8:03
1
That has nothing to do with session name—it's just a custom variable. This design suggests you should be able to be signed in with two users at the same time as long as they belong to different types. Do you really intend that?
– Álvaro González
Jan 2 at 8:15
add a comment |
This is for normal user.
if($pass) {
/*password is correct*/
session_start();
$_SESSION['username'] = $username;
}
I have different login page for admin, would this work.
if($pass) {
/*password is correct*/
session_start();
$_SESSION['admin_username'] = $username;
}
There is a normal dashboard and admin dashboard. So if the session is admin_username then the user should be redirected to admin dashboard and if the session is username then the user should be directed to normal dashboard. Is this method prone to any error or conflict ?
I could also have one session name check if session is not empty and if $_SESSION['username'] equals username of admin redirect to admin dashboard else its normal user.
Which approach is better ?
php
asked Jan 2 at 8:02
MokuginnMokuginn
205
This is for normal user.
if($pass) {
/*password is correct*/
session_start();
$_SESSION['username'] = $username;
}
I have different login page for admin, would this work.
if($pass) {
/*password is correct*/
session_start();
$_SESSION['admin_username'] = $username;
}
There is a normal dashboard and admin dashboard. So if the session is admin_username then the user should be redirected to admin dashboard and if the session is username then the user should be directed to normal dashboard. Is this method prone to any error or conflict ?
I could also have one session name check if session is not empty and if $_SESSION['username'] equals username of admin redirect to admin dashboard else its normal user.
Which approach is better ?
php
php
asked Jan 2 at 8:02
MokuginnMokuginn
205
asked Jan 2 at 8:02
MokuginnMokuginn
205
edited Jan 2 at 8:04
Mokuginn
asked Jan 2 at 8:02
MokuginnMokuginn
205
asked Jan 2 at 8:02
MokuginnMokuginn
205
asked Jan 2 at 8:02
MokuginnMokuginn
205
205
THe second option you yourself named is what usually is done.
– arkascha
Jan 2 at 8:03
1
That has nothing to do with session name—it's just a custom variable. This design suggests you should be able to be signed in with two users at the same time as long as they belong to different types. Do you really intend that?
– Álvaro González
Jan 2 at 8:15
add a comment |
THe second option you yourself named is what usually is done.
– arkascha
Jan 2 at 8:03
1
That has nothing to do with session name—it's just a custom variable. This design suggests you should be able to be signed in with two users at the same time as long as they belong to different types. Do you really intend that?
– Álvaro González
Jan 2 at 8:15
THe second option you yourself named is what usually is done.
– arkascha
Jan 2 at 8:03
THe second option you yourself named is what usually is done.
– arkascha
Jan 2 at 8:03
1
1
That has nothing to do with session name—it's just a custom variable. This design suggests you should be able to be signed in with two users at the same time as long as they belong to different types. Do you really intend that?
– Álvaro González
Jan 2 at 8:15
That has nothing to do with session name—it's just a custom variable. This design suggests you should be able to be signed in with two users at the same time as long as they belong to different types. Do you really intend that?
– Álvaro González
Jan 2 at 8:15
add a comment |
1 Answer
1
active
oldest
votes
I would advise you to split the username from the role.
You can add a separate session parameter with admin indicator
if($pass) {
/*password is correct*/
session_start();
$_SESSION['username'] = $username;
$_SESSION['isAdmin'] = true;
}
But you should keep in mind that when you ever want to add a third role, you should save the role in the session.
if($pass) {
/*password is correct*/
session_start();
$_SESSION['username'] = $username;
$_SESSION['role'] = "Admin"; // Or "Moderator" or "User"
}
answered Jan 2 at 8:05
R PelzerR Pelzer
693926
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54003042%2fcan-we-have-two-different-session-name-for-normal-user-and-admin-user%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I would advise you to split the username from the role.
You can add a separate session parameter with admin indicator
if($pass) {
/*password is correct*/
session_start();
$_SESSION['username'] = $username;
$_SESSION['isAdmin'] = true;
}
But you should keep in mind that when you ever want to add a third role, you should save the role in the session.
if($pass) {
/*password is correct*/
session_start();
$_SESSION['username'] = $username;
$_SESSION['role'] = "Admin"; // Or "Moderator" or "User"
}
answered Jan 2 at 8:05
R PelzerR Pelzer
693926
add a comment |
I would advise you to split the username from the role.
You can add a separate session parameter with admin indicator
if($pass) {
/*password is correct*/
session_start();
$_SESSION['username'] = $username;
$_SESSION['isAdmin'] = true;
}
But you should keep in mind that when you ever want to add a third role, you should save the role in the session.
if($pass) {
/*password is correct*/
session_start();
$_SESSION['username'] = $username;
$_SESSION['role'] = "Admin"; // Or "Moderator" or "User"
}
answered Jan 2 at 8:05
R PelzerR Pelzer
693926
add a comment |
I would advise you to split the username from the role.
You can add a separate session parameter with admin indicator
if($pass) {
/*password is correct*/
session_start();
$_SESSION['username'] = $username;
$_SESSION['isAdmin'] = true;
}
But you should keep in mind that when you ever want to add a third role, you should save the role in the session.
if($pass) {
/*password is correct*/
session_start();
$_SESSION['username'] = $username;
$_SESSION['role'] = "Admin"; // Or "Moderator" or "User"
}
answered Jan 2 at 8:05
R PelzerR Pelzer
693926
I would advise you to split the username from the role.
You can add a separate session parameter with admin indicator
if($pass) {
/*password is correct*/
session_start();
$_SESSION['username'] = $username;
$_SESSION['isAdmin'] = true;
}
But you should keep in mind that when you ever want to add a third role, you should save the role in the session.
if($pass) {
/*password is correct*/
session_start();
$_SESSION['username'] = $username;
$_SESSION['role'] = "Admin"; // Or "Moderator" or "User"
}
answered Jan 2 at 8:05
R PelzerR Pelzer
693926
answered Jan 2 at 8:05
R PelzerR Pelzer
693926
answered Jan 2 at 8:05
R PelzerR Pelzer
693926
answered Jan 2 at 8:05
R PelzerR Pelzer
693926
693926
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54003042%2fcan-we-have-two-different-session-name-for-normal-user-and-admin-user%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
THe second option you yourself named is what usually is done.
– arkascha
Jan 2 at 8:03
1
That has nothing to do with session name—it's just a custom variable. This design suggests you should be able to be signed in with two users at the same time as long as they belong to different types. Do you really intend that?
– Álvaro González
Jan 2 at 8:15