Create a function that sets $_SESSION variables

Question

I created a site where you need to login to visit the different pages, nothing special. To keep the user logged in, I'm setting the session on top of every page.

My problem is, I don't wanna have to set the different session variables on top on each page. I'd rather have one function I can call to set them. Plus I don't need all those variables on each page, so I'd like the function to accept optional parameters (like the email, or profile picture that are not used on every page).

I call this on top of each page:

<?php 

require_once 'session.php';
confirm_logged_in();
$username = $_SESSION['username'];
$email = $_SESSION['email'];
$picture = $_SESSION['picture'];
$group = $_SESSION['group'];

?>

I would like to make it more like this and be able to set only the variables I need:

<?php 

require_once 'session.php';
confirm_logged_in();
set_variables($username, $email);

?>

The 'session.php' file is like this:

<?php 
session_start();
function logged_in(){
    return isset($_SESSION['username']);
}
function confirm_logged_in(){
    if(!logged_in()){
        header('location: start.php');
    }
}
?>

I've tried a few things, but it just led me to huge amounts of errors. Has someone already done this or found a script doing this? Is that possible?

Answer 1

First of all, if what you want to do is overload your function, you can't do that. For more info on that see this. However, you can do this:

<?php

set_variables($username, $email, $picture,$group)
{
$_SESSION['username'] = $username;
$_SESSION['email'] = $email;
$_SESSION['picture'] = $picture;
$_SESSION['group'] = $group;
}
?>

Put this function in your session.php file.

Answer 2

I am not sure if I understood right, but if I did, all you need to do is create a new file, let's call it "Session_Variables.php".

After you created the file, paste the following code into it:

<?php
require_once 'session.php';
confirm_logged_in();
$username = $_SESSION['username'];
$email = $_SESSION['email'];
$picture = $_SESSION['picture'];
$group = $_SESSION['group'];
?>

Then, finally, just replace the old code with:

include("Session_Variables.php");

Answer 3

Not directly related to the question you are asking, but you should really add exit; after a redirect header. Clients can ignore headers and still load your page even while not being logged in.

Answer 4

if you want to make set_variables($username, $email) work like i think you wanted, you need to write something like this.

Session.php

<?php 
session_start();
function logged_in(){
    return isset($_SESSION['username']);
}
    function confirm_logged_in(){
    if(!logged_in()){
        header('location: start.php');
    }
}
//Only Picture and group are Optionals
function set_variables($username, $email, $picture = '', $group = ''){
    //you can check here is thoses variables are set or valid before assign them
    $_SESSION['username'] = $username;
    $_SESSION['email'] = $email;
    $_SESSION['picture'] = $picture;
    $_SESSION['group'] = $group;
}
//create a function that we need to retrieve thoses values
function get_variable($name){
    if ( isset( $_SESSION[$name] ) ) return $_SESSION[$name];
    return FALSE; //if the variable is not set.
}
?>

And you can use it like this

<?php 
require_once 'session.php';
confirm_logged_in();
set_variables($username, $email);
$username = get_variable('username');
?>

Answer 5

I think you need to move the session_start(); to the actual page. Using a require_once on the session_start(); is not a good plan.