duanlipeng4136 2013-10-22 17:58

PHP login: the best way to show different content to logged-in and non-logged-in users

I'm learning PHP and I'm developing a quite simple website with authentication. As I don't think I'm good enough to make a secure authentication system (and anyway I don't have so much time), I searched and found this script http://php-login.net/ that seems to work perfectly. I'm using the "2-advanced" version of the script and in the index.php file there's something like this:

<?php
// load php-login components
require_once("php-login.php");

// create a login object. when this object is created, it will do all login/logout stuff automatically
// so this single line handles the entire login process.
$login = new Login();

// ... ask if we are logged in here:
if ($login->isUserLoggedIn() == true) {

    include("views/logged_in.php");

} else {

    include("views/not_logged_in.php");
}

So if the user is logged in it shows the contents of logged_in.php or not_logged_in.php if he's not (in the views directory there's an .htaccess that prevents the views from being accessed directly). Also other pages work this way (For example registration.php in the root directory includes the file views/registration.php in which there are the contents).

So here's my question: Is it more convenient to do it this way or (at least for the index) to make just one view and control single elements with something like this

if ($login->isUserLoggedIn() == true) {
    echo "you are logged in";
} else {
    echo "login form";
}

for every element where it's needed? I think that for the client it would be basically the same but on the server-side I don't know and since I'm a beginner I wanted to ask. I'm sorry for my English but I hope you understood.

P.S.: I didn't understand if I can make a "What's the best way" question on SO and I'm sorry if I couldn't, next time I won't.

1 answer

  • douzhu5900 2013-10-22 18:07

    My preferred method is to authenticate the user (however I wish, usually by hashed password in database) and then use sessions to track the login status. I can then set a variable like $_SESSION['loggedIn'] = true; and then test for that on subsequent calls to my script.

    E.g.

    if (isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] == true) {
        //Redirect to welcome page
    } else {
        //Redirect to other page for users that are not logged in
    }
    

    If the user clicks a link to logout I can simply unset the flag.

    unset($_SESSION['loggedIn']);
    

    Basically, depending on your needs, including security, there may be a few different ways you could go about doing this. Again though, for me, I authenticate the user with a hashed password stored in a database and then track the user's login status with a session variable.

    If what you have right now feels convenient and meets your needs, then you are good to go.

    This answer was selected by the asker as the best answer.
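
The session-flag approach from the answer above, written out as an added example (not part of the original answer or of the php-login script): it checks the password with password_verify(), issues a new session ID at login so a pre-login ID cannot be reused, and clears the whole session at logout instead of only unsetting the flag. The function names and the in-memory user table are assumptions made for the illustration; a real site would read the hash from its database.

```php
<?php
// Constructed sample user table: username => password hash (normally a database row).
$users = ['alice' => password_hash('correct horse battery', PASSWORD_DEFAULT)];

// Hypothetical helper: returns true and marks the session as logged in on success.
function attemptLogin(array $users, string $username, string $password): bool
{
    $hash = $users[$username] ?? null;
    if ($hash === null || !password_verify($password, $hash)) {
        return false;
    }
    // New session ID on the privilege change, old one deleted (session fixation defence).
    session_regenerate_id(true);
    $_SESSION['loggedIn'] = true;
    $_SESSION['username'] = $username;
    return true;
}

// Hypothetical helper: the test to run at the top of every protected page.
function isLoggedIn(): bool
{
    return isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] === true;
}

// Hypothetical helper: drop the session data, the cookie and the server-side record.
function logout(): void
{
    $_SESSION = [];
    if (ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000,
            $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();
}

// HttpOnly keeps the session cookie away from page scripts;
// on an HTTPS site also pass 'cookie_secure' => true.
session_start(['cookie_httponly' => true, 'cookie_samesite' => 'Lax']);

$results = [];
$results['wrong password'] = attemptLogin($users, 'alice', 'guess');
$results['flag after failure'] = isLoggedIn();
$results['right password'] = attemptLogin($users, 'alice', 'correct horse battery');
$results['flag after success'] = isLoggedIn();
logout();
$results['flag after logout'] = isLoggedIn();
var_dump($results);
```

The output is printed only at the end because session and cookie calls must run before any output has been sent.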
