login.php
<?php
ob_start();
session_start();
include '../config.php';
if( (isset($_SESSION['can-id']) )) {
header('location: ../home/profile.php');
}
if(isset($_POST['can-login']))
{
$email=$_POST['email'];
$password=$_POST['password'];
$sql="SELECT * FROM `user_credentials` WHERE `email`=:email AND `password`=:password";
$pdoResult=$conn->prepare($sql);
$pdoExec=$pdoResult->execute(array(":email"=>$email,":password"=>$password));
$pdoResult->setFetchMode(PDO::FETCH_ASSOC);
$count=0;
$uid='';
while ($r=$pdoResult->fetch()) {
# code...
$count+=1;
$uid=$r['email'];
}
if ($count==1) {
# code...
$_SESSION['can-id']=$uid;
header('location: ../home/profile.php');
}
else
{
$_SESSION['error']="login failed";
}
}
?>
<html>
....
</html>
profile.php
<?php
ob_start();
session_start();
if (!(isset($_SESSION['can-id']))) {
# code...
header('location: ../login/');
}
else
{
$cid=$_SESSION['can-id'];
}
?>
<h1 ><?php echo $cid;?></h1>
This is my code after log in the page was redirected to profile.php page but in profile page session variable doesn't printed I don't know why but this problem was not occuring every time I log in It occurs sometimes so I can't find what is the problem. Anyone knows please help me to solve the problem.
Remove ob_start() from your login.php
Don't put session_start() in all of your file
e.g login.php, profile.php, etc
but instead, add this to your config.php for example:
<?php
session_start();
//.. config variables here
Then, include config.php also in your profile.php.
Related
I'm redirecting to page by link "welcome.php?language=english".
But when I place function 'confirm_patient_logged_in()' below Session declaration it's showing "Website not found". while it redirects to 'login.php' when this function is placed above Session declaration.
Can anyone tell what is reason behind this?
Welcome.php
<?php require_once("../../includes/session.php"); ?>
<?php confirm_patient_logged_in(); ?> //WORKING HERE
<?php
if(isset($_GET["language"])){
if($_GET["language"] == "english"){
$_SESSION["language"] = "english";
}else{
$_SESSION["language"] = "hindi";
}
}
?>
<?php confirm_patient_logged_in(); ?> // NOT WORKING HERE
Function:
function confirm_patient_logged_in(){
if(!patient_logged_in()){
redirect_to("login.php");
}
}
function redirect_to($new_location){
header("Location: " . $new_location);
exit;
}
patient_logged_in() checks if user is logged-in or not
It seems like you forgot to add session_start(); before using $_SESSION variable:
<?php
require_once("../../includes/session.php");
session_start();
if(isset($_GET["language"])){
if($_GET["language"] == "english"){
$_SESSION["language"] = "english";
}else{
$_SESSION["language"] = "hindi";
}
}
confirm_patient_logged_in(); // SHOULD WORK
?>
So it the missing session_start(); was causing an error but you were unable to see the error probably display_error ini php.ini is disabled and you were getting Website not found notification on your browser.
I am trying run a script called random_post_generator.php which should execute every time a user is logged in.
I am using this approach as an alternative to cron.
Here is how my session is currently created:
<?php
ob_start();
session_start();
if (!isset($_SESSION["user_login"])) {
header("Location: index.php");
} else {
$username = $_SESSION["user_login"];
}
?>
But how do I say - "if session is active, then run this script"?
<?php
ob_start();
session_start();
if (!isset($_SESSION["user_login"])) {
header("Location: index.php");
} else {
$username = $_SESSION["user_login"];
include 'random_post_generator.php';
}
?>
or you can use require 'random_post_generator.php'
If I understood correctly, you are trying to find out how to include a script of php (that is located in an outside .php file) inside your current file while using your previous code that checks if a user is logged in:
<?php
$root_directory_path = $_SERVER['DOCUMENT_ROOT'];
ob_start();
session_start();
if (!isset($_SESSION["user_login"])) {
header("Location: index.php");
} else {
$username = $_SESSION["user_login"];
$pathName = $root_directory_path."myScript.php";//I am assuming here
//the script is located inside the root directory, and not in a sub
//directory
require($pathName);
}
?>
just remember that whatever php code is inside myScript.php has to have the <?php ?> tag surrounding it. Your code does not reuse the <?php ?> tag of the "calling" file.
Let me know if that worked for you
I have a simple authentication: you login in the login.php page and you are redirected to the home.php page.
This is the code of login.php:
if(pg_num_rows($rs) == 0){ //I search in db for a row with username and password
$errMess = "error";
pg_close($conn);
}else{
$row = pg_fetch_row($rs);
session_start();
$_SESSION['username']=$_POST["nick"];
$_SESSION['admin'] = $row[0];
pg_close($conn);
header("Location: /home.php");
}
now in the home I have the header done in this way:
<?php require_once("scripts/functions.php");
require_once("scripts/config.php");
session_start();
?>
<div id="siteHeader" class="headersLeft"><?php echo WELCOME;?></div>
<div id="userContainer" class="headersRight">
Logged as: <?php echo getDisplayName(); ?>
<?php if(isset($_SESSION['username'])) {?>
<button class="button" onclick="location.href='/logout.php';">logout</button>
<?php }else{ ?>
<button class="button" onclick="location.href='/login.php';">login</button>
<?php }
?>
</div>
it doesn't work: even if data is correct it still gives me "guest", the session variable is lost in the header passage..how come?
Solved: i was under windows and the default path to the temp folder, where php actually saves session files, was wrong: was "/tmp" and was not recognized.
I set it to "C:\php\tmp" and it worked: session file was not saved at all!
Write session_start(); on top of everything (right after
<?php
session_start();
require_once("scripts/functions.php");
require_once("scripts/config.php");
?>
or if still doesn't work then write your code like this:
<?php
ob_start();
session_start();
require_once("scripts/functions.php");
require_once("scripts/config.php");
?>
Also don't forget to put these two lines at the top of your login.php page.
Hope it helps :)
I'm guessing there's some more code after the if statement that continues to manipulate $_SESSION. That's where $_SESSION['username'] is assigned the 'guest' value.
Remember, header("Location: /home.php"); only sets a response header. It doesn't redirect immediately, stopping script execution.
Place a exit; command right after header() to prevent execution from reaching the rest of the code:
header("Location: /home.php");
exit;
this works for me:
session_save_path ( "" ) ;
session_start();
i want to redirect login.php to index.php when $_SESSION['user'] is not empty (user logged in)
<?php
session_start();
if (isset($_SESSION['user'])){
header ('refresh:3 ; URL:index.php');
}
?>
but when user log in the page doesn't redirect to the index.php
This should work:
<?php
session_start();
if (isset($_SESSION['user'])){
header('Location: http://www.yoursite.com/');
die();
}
?>
If you want to redirect the user after x senconds, then use
<?php
session_start();
if (isset($_SESSION['user'])){
header( "refresh:3;url=whatever.php" );
}
?>
You're doing it wrong. Example of how to do it and some more info about the header.
<?php
session_start ();
if (isset($_SESSION['user'])
{
header ('Refresh: 3; url=index.php');
// ^
}
?>
You used : it should be an equal sign.
I'm trying to use the code below to make the <a href='http://www...com/.../footervote.php'>Vote</a> link appear if a user logs in and a user shows up in the function getEditorsList(). The vote link only appears if the browser is refreshed.
Any idea how I could make the vote link appear without having to refresh the browser?
Thanks in advance,
John
index.php:
<?php
require_once "header.php";
//content
include "login.php";
// more content
require_once "footer.php";
?>
In header.php:
<?php
error_reporting(0);
session_start();
require_once ('db_connect.inc.php');
require_once ("function.inc.php");
$seed="0dAfghRqSTgx";
$domain = "...com";
$editors = getEditorsList();
foreach($editors as $editor)
{
$editorids[] = $editor['loginid'];
}
if(in_array($_SESSION['loginid'], $editorids))
{
echo "<div class='footervote'><a href='http://www...com/.../footervote.php'>Vote</a></div>";
}
?>
login.php:
<?php
if (!isLoggedIn())
{
if (isset($_POST['cmdlogin']))
{
if (checkLogin($_POST['username'], $_POST['password']))
{
show_userbox();
} else
{
echo "Incorrect Login information !";
show_loginform();
}
} else
{
show_loginform();
}
} else
{
show_userbox();
}
?>
Do you set $_SESSION['loginid'] after your in_array query? If you render header.php first, in_array returns false (although the session has been started, but loginid will be set a few lines down the road in login.php).
Move this:
if(in_array($_SESSION['loginid'], $editorids))
{
echo "<div class='footervote'><a href='http://www...com/.../footervote.php'>Vote</a></div>";
}
from header.php to login.php like this:
else {
show_userbox();
if (in_array...
}
If the link is present but hidden you use some DHTML (JQuery / Scriptaculous) to set the display/visibility attributes correctly.
If the link is not present in the original html (preferable for security reasons) then when the login occures fire off an AJAX request that returns javascript that will insert the link in the correct location (parent element).