I am a php newbie and am going through the code of retwis as redis tutorial. While going through the code, I ran into following piece of snippet
function isLoggedIn() {
global $User, $_COOKIE;
if (isset($User)) return true;
if (isset($_COOKIE['auth'])) {
$r = redisLink();
$authcookie = $_COOKIE['auth'];
if ($userid = $r->hget("auths",$authcookie)) {
if ($r->hget("user:$userid","auth") != $authcookie) return false;
loadUserInfo($userid);
return true;
}
}
return false;}
function loadUserInfo($userid) {
global $User;
$r = redisLink();
$User['id'] = $userid;
$User['username'] = $r->hget("user:$userid","username");
return true;}
So what the code is doing here is that, when a user opens say index.php, we call isLoggedIn, if the user satisfied the authentication then we load the user info (id and username) in the global $User variable and use it other php pages to display information much like session variables.
My question how is this use of global variable correct? Are not global variable shared across the application(for multiples users)? If lets say user1 logs in and we set $User with user1 credential and then user2 logs in, wont then the $User variable be changed/overriden with data of user2 and show incorrect data for user1? But in application everything is working fine, Can anyone explain to me what I am doing wrong?
PHP doesn't have any application-level persistence. Use APC or memcache to store such values. You can not only access these values from any page but can also access from any server and in a faster way.
but won't this User global variable be shared between multiple users which might cause conflicts? Does each user have its on copy? @Dude
It depends. This will be up to you. Memcache (btw I recommended you memcached) it is "like" a table with keys and values
+-------+--------+
| Key | Value |
+-------+--------+
| User1 | Value1 |
| User2 | Value2 |
| User3 | Value3 |
+-------+--------+
You can code so each key can be user ID and the value can be an object, serialized object or whatever. In this case you don't have any conflict. However, if you want,you can share the same resource (use the same key for everyone), but I don't think that is what you want)