The Object-Oriented Thought Process (4th Edition) (Developer's Library)

Author: Matt A. Weisfeld


by anonymous   2017-08-20

Generally speaking, when a user logs in for the first time, set two state flags in $_SESSION:

 $_SESSION['loggedIn']   = true;
 $_SESSION['subscribed'] = $isSubscribed; // placeholder variable holding a bool: true or false

I assume that only registered users can log in. If a user does something to change his or her state, update $_SESSION accordingly.

Take note, be sure to check that a session is active before checking values. Also, use session_regenerate_id to deter session fixation.

Truly sophisticated types might try serializing a User object and storing it in $_SESSION. Then, on each page load, the User object's properties can be marshaled (unserialized) and made to come alive once more in a new instance of a User object. In that world, you would just check the properties of the User object to see if he or she is (a) logged in and (b) subscribed. The state of the User object would be your concern, not just isolated values in the $_SESSION superglobal.

PHP Manual: Object Serialization

Book: The Object Oriented Thought Process (4th Edition): See Chapter 12
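
The flow the answer describes, as an added example that is not part of the original answer: check for an active session, regenerate the ID at login, and keep a User object in $_SESSION. The User class and the function names are hypothetical, and PHP 8.1 or later is assumed.

```php
<?php
declare(strict_types=1);

// Hypothetical User class; the answer names no concrete class.
// It must be loaded before session_start(), otherwise the stored
// object comes back as __PHP_Incomplete_Class.
final class User
{
    public function __construct(
        public readonly int $id,
        public bool $loggedIn = false,
        public bool $subscribed = false,
    ) {}
}

// Start a session only if none is active yet.
function ensureSession(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
}

// Call only after the credentials have been verified.
function markLoggedIn(User $user): void
{
    ensureSession();
    // Issue a new session ID at the privilege change; true deletes the old
    // session data, so an ID fixed before login is useless afterwards.
    session_regenerate_id(true);
    $user->loggedIn = true;
    $_SESSION['user'] = $user; // PHP serializes the object when the session is written
}

// Returns the User restored from the session, or null if nobody is logged in.
function currentUser(): ?User
{
    ensureSession();
    $user = $_SESSION['user'] ?? null;
    // instanceof also rejects an incomplete or unexpected object.
    return ($user instanceof User && $user->loggedIn) ? $user : null;
}

// Constructed demo: user 42 is a subscriber.
markLoggedIn(new User(42, subscribed: true));
$user = currentUser();
echo ($user !== null && $user->subscribed) ? "subscriber\n" : "no access\n";
```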