I am trying to build a php login system with no databases being used.
The system is build from 4 main php files, login.php, welcome.php and product.php and logout.php.
in the navigation's bar of other pages, there is a "login" option, when clicking on it you are just being transfered into login.php file that contains the login form.
I want to change the login to logout when getting the right password and username.
here is the code for login.php:
<form method="POST" action="login/welcome.php" class="form">
<h2 class="h2" style="text-align: center;">Login</h2>
<div class="input">
<input type="text" class="form-control" placeholder="username" name="username">
</div>
<br>
<div class="input">
<input type="password" placeholder="password" name="password">
</div>
<br>
<button type="submit" class="float" style="padding: 10px 15px;"><b>Submit</b></button>
</form>
And this is the code for welcome.php:
<?php
$username="admin";
$password="admin";
session_start();
if (isset($_SESSION['username'])){
header("Location: https://chessforu.000webhostapp.com/login/product.php");
}
else{
if ($_POST['username']==$username && $_POST['password']==$password){
$_SESSION['username']=$username;
echo "<script>location.href='welcome.php'</script>";
}
else{
echo "<script>alert('username or password incorrect!')</script>";
echo "<script>location.href='login.php'</script>";
}
}
This is the code for product.php:
<?php
session_start();
if (isset($_SESSION['username'])){
}
else {
echo "<script>location.href='login.php'</script>";
}
<html>
<body>
<p> Thanks for logging in! </p>
<div id="wrapper">
<nav>
<ul class="main_menu">
<li>Main Page
<li>About Us
<li>Contact us
<li>Logout
</ul>
</nav>
</div>
This is the code for logout.php:
<?php
session_start();
if (isset($_SESSION['username'])){
session_destroy();
echo "<script>location.href='login.php'</script>";
}
else{
echo "<script>location.href='login.php'</script>";
}
?>
Just use a simple if statement that determines what button/link to display (log in or log out) by simply checking the session to check if he is logged in or not.
To not repeat yourself, You can move the navigation bar to a single file, add your logic, and require this file whenever you want to add the navigation bar.
Related
At the top of every page I have a header (header.inc.php) that has a login field that I add with
include 'login.php';
The code there is:
<?php
include 'checkPassword.php';
if (isset($_POST['login'])) {
if (checkLogin($_POST['username'], $_POST['password'])) {
session_start();
$_SESSION['isLoggedIn'] = true;
header("Refresh:0");
exit();
} else {
echo '<h1>nope</h1>';
}
}
?>
<div id="login"> <!-- Login field with link to registration -->
<fieldset>
<form method="POST" action="login.php">
<Legend>Login</Legend>
Username <input type="text" name="username" <?php if (isset($username)) {echo "value=$username";} ?>>
Password <input type="password" name="password"/>
<input type="submit" name="login">
<div id="register">
Not a member? Click here to register!
</div>
</form>
</fieldset>
</div>
I've seen a few different methods for using header() to load a certain page, but the login appears at the top of every page, therefore I'd like a way for the PHP to refer to itself. However, all the methods I've found so far refer to 'login.php', instead of the page the overall page that contains the header and login.
try this one
<?php
include 'checkPassword.php';
if (isset($_POST['login'])) {
if (checkLogin($_POST['username'], $_POST['password'])) {
session_start();
$_SESSION['isLoggedIn'] = true;
header("Refresh:0");
exit();
} else {
echo '<h1>nope</h1>';
}
}
?>
It refreshes your current page, and if you need to redirect it to another page, use following:
header("Refresh:0; url=page2.php");
echo meta tag like this: URL is the one where the page should be redirected to after refresh.
echo "<meta http-equiv=\"refresh\" content=\"0;URL=upload.php\">";
I included header.php to every page for header logo and check page permission by SESSION!
So if you request main.php without login (session null state), It will display login page and do exit in header.php for not showing current page content.
Its header.php is work for every page except login.php.Because login page is not show login form
So I want to show login form ,how can I check in header.php for its ? Sorry for my poor english :(
login.php
<?php
session_start();
include("header.php");
if($_POST){
//set session logged in
}
?>
<div class="login-box ">
<h3> Log In </h3>
<form method="POST">
<input type="text" name="user" placeholder="Type User Name"><br>
<input type="password" name="pass" placeholder="Type Password"><br>
<input type="submit" name="submit" value="Login" class="button">
</form>
<span id="signup_text">You are not still a member.Click Sign Up</span>
</div>
header.php
<?php
session_start();
?>
<div id="header" class="container">
<div id="logo">
<h1>Online Quiz Management</h1>
</div>
</div>
<?php
if (isset($_SESSION['login'])) {
echo "<div id='menu'><ul><li>HOme</li><li>Signout</li></ul></div>";
}
else {
echo "<div class=head1> Your are not logged in<br> Please <a href=login.php>Login</a><div>";
exit;
}
?>
</div>
</div>
?>
main.php
<?php
session_start();
include("header.php");
?>
//show main code if logged in
Just add a check if the current page is login.php and don't run your block if it is
else if(!basename($_SERVER['PHP_SELF']) == "login.php") {
echo "<div class=head1> Your are not logged in<br> Please <a href=login.php>Login</a><div>";
exit;
}
i think u dont need to include the header.php to login.php, since it is check for the session, while the login.php is the session starter...
after all, try to add this to the header.php :
session_start();
if(!isset($_SESSION['login'])){
echo '<script language="javascript">';
echo 'alert("Please Login")';
echo '</script>';
echo("<script>location.href = 'login.php';</script>");//direct the user to login.php if they aren't logged in
}
I have created a simple one user one password custom login to protect a specific page. In the page I want to protect (gallery.php) I have the following code:
<?php
session_start();
if (!$_SESSION["Login"]){
header("Location:index.php");
}
?>
<p>some protected content</p>
As so if user enters url http://www.example.com/pics/gallery.php
the pages take you to http://www.example.com/pics/index.php
In index I have the fallowing code:
<?php
session_start();
if(($_POST['username'] == "user1") && ($_POST['pass'] == "pass1"))
{
$_SESSION["Login"]= true;
header("Location:gallery.php");
}
else
{ ?>
<?php include 'header.php'; ?>
<div class="wlcm">
<div class="login-box wow fadeInUp">
<h2 class="lgn-tle">Please login</h2>
<form name="login" method="post" accept-charset='UTF-8'>
<input
type="text"
id="username"
name="username"
class="wow fadeInUp"
data-wow-delay=".2s"
placeholder="User"
required="true">
<input
type="password"
id="pass"
name="pass"
class="wow fadeInUp"
data-wow-delay=".4s"
placeholder="Password"
required="true">
<input
type="submit"
name="Submit"
class="submit wow fadeInUp"
data-wow-delay=".6s"
value="Login">
</form>
</div>
</div>
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
echo "incorrect";
}
}
?>
While the code on gallery.php works and takes user to login.php if he's not already logged in. When I submit correct info in index.php I just get a blank page without any php errors.
It seems like header("Location:gallery.php"); doesn't do anything and I have tried absolute paths and spaces after "Location".
Am I missing something here?
All I want is a custom login using an html form instead of .htaccess and to do so in the simples and cleaner possible way.
Why you include login.php like <include'login.php'/>?
it should be <?php include 'login.php'; ?>
And form should have action set to login.php or index.php if you're checking if values are set on index.php
I am creating a website where I want to sign in and sing out. So when I sign in I redirect to home.html, so in home.html I added a button by naming it "logout", I want to add function on it so whenever I will click on that button it will sign me out. As I know already, the code I have to use but don't know how put that code to logout button?
I want to know how I can refer my this button name="logout" button to that specific code
session_destroy(); so when I m in home.html click on Sign out button it will destroy my current season and locate me back to index.php.
index.php
<form class="form-horizontal" role="form" action="process.php" method="post">
<div class="form-group">
<label id="email" for="inputtext" class="col-sm-4 control-label">User name:</label>
<div class="col-sm-4">
<input type="text" class="form-control" id="inputEmail" placeholder="User name" name="username">
</div>
</div>
<div class="form-group">
<label id="pass" for="inputPassword" class="col-sm-4 control-label">Enter Password</label>
<div class="col-sm-4">
<input type="password" class="form-control" id="inputPassword" placeholder="Password" name="pass">
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" class="btn btn-success">Sign me in!</button>
</div>
</div>
</form>
process.php
<?php
$action = $_GET['action'];
if ($action == 'logout') {
unset($_SESSION['username']);
}
$username = $_POST ['username'];
$password = $_POST ['pass'];
//fixed values
if($username=='syedhasan' AND $password=='Syed712207') {
echo "You have successfully logged in";
header('Location: home.html');
}
else {
echo "Credential is wrong";
}
?>
in home.html i have added this button
<input href="logout.php" type="submit" class="signout btn btn-warning"" value="Sign Out" name="logout">
THen i created logout.php
<?php
session_start();
unset($_SESSION);
session_destroy();
header("Location: index.php");
?>
Create another file named "logout.php".Place the below code.
<?php
session_start();
unset($_SESSION);
session_destroy();
header("Location: index.php");
?>
On click of "logout" button ,it should redirect to "logout.php".
Just create another page called logout.php. Unset the session there unset($_SESSION['someusername']) and write code to redirect to your home page.
header('Location: http://www.example.com/');
All you have to do is give user a link to sign out, and redirect the page to index.php.
home.html:
Logout
logout.php
<?php
session_start();
session_destroy();
header('Location: index.php');
?>
ok
you have logout buttom with and you have to make logout.php and link it to logout buttom
for example
logout.PHP
<?PHP
session_start();
session_destory();
unset($_SESSION['user_id']);
header("location: login.html");
?>
And index.html like this
<a name="logout" href="logout.php"> Logout </a>
I assume your login page is login.php, there I guess you have a html form for username and password, and also have the user validation with the redirect to home.html. It makes sense to put the logout logic also in there.
Put the following code to the top of login.php:
$action = $_GET['action'];
if($action == 'logout') {
/* I'm sure you don't want to destroy the entire session, as there
could be other valuable data stored, so use unset to destroy only
the specific login-variable. */
unset($_SESSION['loginVar']);
}
$_SESSION['loginVar'] is the session var where you users login data is stored.
Now you can use the following href for the logout link / button:
login.php?action=logout
HTML
<a href='index.php?logout=1'>Logout</a>
PHP
if(isset($_GET['logout'))
{
session_destroy();
header('Location:home.php');
}
I have designed the login page as shown below with the functionality to check from the database. I want the site to redirect the user to their specified page displaying their reports page (view_report.php) after successful login. For some reason, after entering the details, the page returns back to the same page instead of not logging in and doesn't throw any errors as well. I'm not sure as to where I went wrong. Thanks for the help in advance. :-)
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
----header area----
</head>
<body>
<div class="logo"></div>
<div class="login"> <!-- Login -->
<h1>Login</h1>
<form class="form" method="POST" action="index.php">
<p class="field">
<input type="text" name="login" placeholder="Restaurant id" required/>
<i class="fa fa-user"></i>
</p>
<p class="field">
<input type="password" name="password" placeholder="Password" required/>
<i class="fa fa-lock"></i>
</p>
<p class="submit"><input type="submit" name="commit" value="Login"></p>
<p class="remember">
<input type="checkbox" id="remember" name="remember" />
<label for="remember"><span></span>Remember Me</label>
</p>
<p class="forgot">
Forgot Password?
</p>
</form>
</div> <!--/ Login-->
<?php
if( $_SESSION["logging"]&& $_SESSION["logged"])
{
header("Location:view_report.php");
}
else {
if(!$_SESSION["logging"])
{
$_SESSION["logging"]=true;
}
else if($_SESSION["logging"])
{
$number_of_rows=checkpass();
if($number_of_rows>=1)
{
$_SESSION[user]=$_GET[userlogin];
$_SESSION['logged']=true;
header("Location:view_report.php");
}
}
}
function checkpass()
{
$servername="localhost";
$username="root";
$conn= mysql_connect($servername,$username)or die(mysql_error());
mysql_select_db("konjam_disc",$conn);
$sql="select * from users where name='$_GET[userlogin]' and password='$_GET[password]'";
$result=mysql_query($sql,$conn) or die(mysql_error());
return mysql_num_rows($result);
}
?>
</body>
</html>
I am not giving actual code. only giving logic.
Use below logic.
session_start();
if(session logged in){
header("Location:view_report.php");
}
else{
show your html form;
}
You cannot redirect or "modify headers" once you send any HTML output so your redirect code must be before you send any HTML content. So your code could be something like this
<?php
session_start();
if( $_SESSION["logging"]&& $_SESSION["logged"])
{
header("Location:view_report.php");
} else {
if(!$_SESSION["logging"])
{
$_SESSION["logging"]=true;
}
else if($_SESSION["logging"])
{
$number_of_rows=checkpass();
if($number_of_rows>=1)
{
$_SESSION[user]=$_GET[userlogin];
$_SESSION['logged']=true;
header("Location:view_report.php");
}
}
}
?>
<html>
...
refer this answer
How to fix "Headers already sent" error in PHP