Search the Community

I'm working on a shopping cart that calls for a secure login and certain data fields being kept as users move page to page. This is very important because the beta version of the site gives discounts on the individual user level, and the first version of this site will be exclusively for customers who have a history with my company. It won't be for everybody until we're good and ready to expand. It's just for the customers who want to be able to order things from their computer for now. When I did my senior design page, it had a very superficial login with a user name and password, and if you knew the URL, you could just type it in. Now I'm trying to make a secure session. So I'm following along in this tutorial to make an entire secure session PHP class. http://tutorial-resource.com/2011/10/a-secure-session-management-class-in-php/ I followed along in the tutorial, creating every piece line by line so I could understand it as best I could, but there are a few things I don't understand. First, I want to add certain lines so they stay page to page, such as "first name", "last name", and a customer id number. Then there's the line near the end of the tutorial which really confuses me: # Update the name. $sessionInfo->sessionData['fullname'] = "My New name"; $sessionInfo->setSessionData(); If SessionData is a TEXT data field in the MySQL database, and we are setting sessionData['fullname'] as some string, how is that accessed? May I arbitrarily make more fields such as sessionData['first_name'], sessionData['last_name'] and sessionData['customer_id']? How would that work if the sessionData row in the database is one row of text? Also, I see nothing in the class about what needs to happen when a user clicks Logout. Lets say I need to make my own Logout button, which is fine. How would properly terminating a session work?