I am trying to change my navigation bar depending on whether the user has signed in. Eventually also checking whether the user is an admin or not and having different list items depending on these conditions.
The issue is since my condition is in PHP it doesn't seem to respect the if statement and when the page is loaded both ul are shown.
I have a session start at the top of my page so the value of "loggedin" should be stored.
<header>
<div class="container">
<div class="Logo">
<img src="./images/LogoSmall.png" width="60px" height="60px" alt="Logo">
<h2> Quality Speakers Global </h2>
</div>
<div>
<nav>
<?php
if($_SESSION["loggedin"] == "yes"){
?>
<ul>
<li class="current">Home</li>
<li>Login/Register</li>
<li>Products</li>
<li>Report</li>
<li>My Account</li>
</ul>
<?php } else{?>
<ul>
<li class="current">Home</li>
<li>Login/Register</li>
<li>Products</li>
<li>Report</li>
</ul>
<?php
}
?>
</nav>
</div>
</header>
What i want is to only show the ul depending on the condition
here is my php login code:
<?php
session_start();
$con = mysqli_connect('localhost','root','pass1','accounts');
if(isset($_POST["UsernameLogin"])) {
$Logusername = $_POST['UsernameLogin'];
}
if(isset($_POST["PasswordLogin"])) {
$Logpassword = $_POST['PasswordLogin'];
}
$query = " select * from users where username = '$Logusername' && password = '$Logpassword'";
$result = mysqli_query($con, $query);
$row = mysqli_fetch_assoc($result);
$num = mysqli_num_rows($result);
if($num == 1) {
$_SESSION["username"] = $Logusername;
$_SESSION["level"] = $row["usertype"];
$_SESSION["loggedin"] = 'yes';
if($_SESSION["level"] == "admin") {
header('location:AccountsPage.php');
} else {
header('location:userpage.php');
}
} else {
header("Location: Index.html");
}
?>
Your index.html page is not being parsed as php. Change the extension to .php or change configuration to also parse html files.
Related
Please, I'm new to PHP and I'm building a subscription-based ecommerce site. I've been able to customize the pages such that they look different based on who's browsing what, but I'd like to take the Renew Account off the admin page since they don't have to subscribe.
I've been struggling all day. Please, could someone show me how it could be achieved?
Below is the snippet:
<?php // Show the user info or the login form:
if (isset($_SESSION['user_id'])) {
// Show basic user options:
echo '<div class="title">
<h4>Manage Your Account</h4>
</div>
<ul>
<li>Renew Account</li>
<li>Change Password</li>
<li>Favorites</li>
<li>History</li>
<li>Recommendations</li>
<li>Logout</li>
</ul>
';
// Show admin options, if appropriate:
if (isset($_SESSION['user_admin'])) {
echo '<div class="title">
<h4>Administration</h4>
</div>
<ul>
<li>Add Page</li>
<li>Add PDF</li>
<li>Blah</li>
</ul>
';
}
} else { // Show the login form:
require ('login_form.inc.php');
}
?>
What you could do is to first check if the user admin session is set, to which I added the same conditional value for in the first conditional statement.
If it is set, then assign an empty value for what I named as $renew, with an else{} with the value that I removed from your existing <li></li>.
The first two session arrays here are only representational values of course.
I concatenated the '.$renew.' variable in the menu.
Note: Make sure that the session was started using session_start() inside all pages using sessions; that is not known.
$_SESSION['user_id'] = 123;
$_SESSION['user_admin'] = "john";
if (isset($_SESSION['user_admin'])) {
$renew = '';
} else {
$renew = '<li>Renew Account</li>';
}
if (isset($_SESSION['user_id'])) {
// Show basic user options:
echo '<div class="title">
<h4>Manage Your Account</h4>
</div>
<ul>
'.$renew.'
<li>Change Password</li>
<li>Favorites</li>
<li>History</li>
<li>Recommendations</li>
<li>Logout</li>
</ul>
';
// Show admin options, if appropriate:
if (isset($_SESSION['user_admin'])) {
echo '<div class="title">
<h4>Administration</h4>
</div>
<ul>
<li>Add Page</li>
<li>Add PDF</li>
<li>Blah</li>
</ul>
';
}
}
Try..
If(!isset($_SESSION['user_admin'])) {echo '<li>Renew Account</li>'; }
This way if it the session variable for admin is set the echo won't occur.
I searched the whole internet to find a solution, but couldn't find one.
This is my problem: I made a site to login a user, create a session and the possibility to log out (of course). However, when I log in a user, I create a session, but the session just keeps going on and doesn't stop when I try to destroy it.
index.php
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<title>Home</title>
</head>
<body>
<!-- menu bar -->
<?php if (session_status() == PHP_SESSION_ACTIVE) { ?>
<div class="navbar">
<ul>
<li>Home</li>
<li>Products</li>
<li>Contact</li>
<li style="cursor: pointer;" onclick="document.getElementById('logoutpop').style.display='block'"><a>My account</a></li>
<li style="cursor: pointer;">Log out</li>
<ul style="float: right;">
<li ><a href="winkelmandje.php" >Shopping Bag</a></li>
</ul>
</ul>
</div>
<?php } elseif (session_status() == PHP_SESSION_NONE){ ?>
<div class="navbar">
<ul >
<li>Home</li>
<li>Products</li>
<li>Contact</li>
<li style="cursor: pointer;" onclick="document.getElementById('loginpop').style.display='block'"><a>Log in</a></li>
<ul style="float: right;">
<li ><a href="winkelmandje.php" >Shopping bag</a></li>
</ul>
</ul>
</div>
<?php } else {}?>
// other irrelevant html code
</body>
</html
login_action.php
<?php
session_start();
// server gegevens
$servername = "localhost";
$username = "user";
$password = "password";
$dbname = "db";
// Connect with server
$conn = new mysqli($servername, $username, $password, $dbname);
$email = "";
$password = "";
// Give connection error
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
else {
}
if(isset($_POST['submit'])) {
$email = $_POST['email'];
$password = $_POST['password'];
// check if filled in
if(!empty($_POST['email'])) {
// query in SQL
$query = ("SELECT * FROM WebsiteUsers WHERE email='$email' AND pass='$password' ");
// result
$result = $conn->query($query);
// check if result exists in database
if ($result->num_rows > 0)
{
while($row = $result->fetch_assoc())
{
}
// session variables
$_SESSION['loggedin'] = $email;
$_SESSION['message']="You are now logged in";
header('Location: index.php');
exit;
}
else
{
// show some error
}
}
}
$conn->close();
?>
logout_action.php
<?php
session_start();
session_destroy();
header("Location: index.php");
exit;
?>
You're using session_status() to check if the user is logged in.
But according to the docs http://php.net/manual/en/function.session-status.php PHP_SESSION_ACTIVE is true when a session is started. You create a session at the beginning of the home page using session_start() even tho the user isn't logged in he's still starting a session. So you need to set a variable in the session itself stating if the user passed the login or not.
Also:
You're storing your passwords in plain text, don't do that use Bcrypt or a diferent algorithm
Your code is vulnerable to SQL injection, learn about prepared statements and use them http://php.net/manual/en/mysqli.prepare.php don't under any circumstances use your current code in a production environment
I have a reporting website that I created and I'm slowly adding functionality to it. I've just added a part where it is supposed to force a user to log in. It's really just to capture the users CorpID, I don't keep or record the password and it's not required.
Right now I have the login portion working. Then I'm trying to run a check to make sure that a user is logged in and if not to force them to log in. I am only doing this right now on the Admin page, which only I have access to. Here is how I've got it right now:
AdminPage.php:
<body>
<?php
require 'CheckLogin.php';
include 'Menu.php';
?>
Other code for the page
CheckLogin.php:
<?php
$Expiration = time() - (60*60*24*7);
echo "You made it to here!";
if(!isset($_COOKIE['UserName']))
{
if(isset($_POST['UserName']))
{
setcookie("UserName",$_POST['UserName'],$Expiration);
}
else
{
echo "<script>location.href='LoginForm.php'</script>";
}
}
else
{
if(isset($_POST['UserName']))
{
setcookie("UserName",$_POST['UserName'],$Expiration);
}
else
{
setcookie("UserName",$_COOKIE['UserName'],$Expiration);
}
}
?>
UPDATE
Here's the Menu.php
<?php
$AdminUsers = include 'AdminUsernames.php';
if(isset($_COOKIE['UserName']) && in_array($_COOKIE['UserName'],$AdminUsers,TRUE))
{
$user = 'Admin';
}
else
{
$user = 'User';
}
//echo "<BR>"; print_r($_COOKIE['UserName']);
//echo "<BR>"; print_r($AdminUsers);
?>
<div class="menu-wrap">
<nav class="menu">
<ul class="clearfix" id="menu">
<li>Home</li>
<li>Report Builder</li>
<li>OPCEN Reports
<ul class="sub-menu">
<li>New COEI OPR Report</li>
<li>New OSP OPR Report</li>
<li>EOJ Report</li>
<li>Material Tracking</li>
<li>Vendor Material Tracking</li>
<li>CAF2 Tracker</li>
<li>JIM Report</li>
</ul>
</li>
<li>CAFII Reports
<ul class="sub-menu">
<li class="minHeight">Material Received Job Not Started</li>
<li class="minHeight">CAF2 Tracker New Test</li>
<?php
include 'DBConn.php';
$data = $conn->prepare('SELECT Id, QName, SSRSName from pmdb.QDefs where QSrc = 2 AND IsActive = 1 order by QName');
$data->execute();
$result = $data->fetchAll(PDO::FETCH_ASSOC);
foreach ($result as $q)
{
echo '<li class="minHeight">' . $q['QName'] . '</li>';
}
?>
</ul>
</li>
<li>Invoicing/Closing
<ul class="sub-menu">
<li>Non-Varasset Invoices</li>
</ul>
</li>
<li>ENG Reports
<ul class="sub-menu">
<li>Approved Projects</li>
<li>Approved Projects Previous Day</li>
<li>M6Action</li>
</ul>
</li>
<?php
if($user == 'Admin')
{
include 'AdminMenu.php';
}
?>
</ul>
</nav>
</div>
It's really just a standard menu and has been working fine till I added the require for the CheckLogin.php page.
All I get is a blank page when I have this require in the AdminPage.php. I don't get the echo I don't get the menu or anything.
What am I doing wrong? This isn't the first time that I've used the require, but it is the first time that it results in a blank page.
I do know that I have the expiration set to last week, I'm trying to force a re-login.
Put the following in your script before any includes or requires.
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
Using Doug's suggestion from above I found the error. In using the require I did not use the full path for the file and so it could not be opened. What that line should look like is:
require 'Helper/LoginCheck.php';
I'm creating a Server Side php Website application.
In my first page , the whole code is php , and I've set
$_SESSION["lang"] = 'lang.en.php';
$_SESSION["lang"] = 'lang.it.php';
When I change flag, I change a variable :
if (Trim($_SESSION["lang"])=='')
{
include 'lang.it.php';
}
if (Trim($_SESSION["lang"])=='lang.en.php')
{
include 'lang.en.php';
}
if (Trim($_SESSION["lang"])=='lang.it.php')
{
include 'lang.it.php';
}
I have the following problem
My second page .php is 50% html and 50% php because in html I put a simple dropdown menu.
My Question is : How can I pass to html my variables from another php page without using Jquery?
<li> <a class="active" href="home.php"><?php $home?></a> </li>
Variable $Home is stored in - lang.it.php -
How di I access to my variables?
P.s.
I don't want to pass all Menu's variable in the session because I think is crazy to do..
EDIT --
html
<head>
<link href="Css/Menu.css" rel="stylesheet" type="text/css">
<script>
</head>
<body>
<center ><div id="header"><center >
<ul>
<li><a class="active" href="home.php">Home</a></li>
<li>Area Download</li>
<li class="dropdown">
<a href="javascript:void(0)" class="dropbtn"
onclick="myFunction()">MenĂ¹</a>
<div class="dropdown-content" id="myDropdown">
VARIABLE 1 HERE
VARIABLE 2 HERE
VARIABLE 3 HERE
</div>
<li>Logout</li>
</li>
</ul>
</div>
<center ><div id="Realbody"><center >
<center ><div id="Footer"><center >
</html>
<?php
require_once("rpcl/rpcl.inc.php");
//Includes
use_unit("forms.inc.php");
use_unit("extctrls.inc.php");
use_unit("stdctrls.inc.php");
use_unit("styles.inc.php");
include 'parameters.php';
//Class definition
class PaginaDownload extends Page
{
public $Label1 = null;
public $LoginCss = null;
function PaginaDownloadShow($sender, $params)
{
if ((empty($_SESSION["name"])) || (empty($_SESSION["user"])))
{
header('Location: \index.php');
}
}
}
global $application;
global $PaginaDownload;
//Creates the form
$PaginaDownload=new PaginaDownload($application);
//Read from resource file
$PaginaDownload->loadResource(__FILE__);
//Shows the form
$PaginaDownload->show();
?>
I've to replace VARIABLE 1 , 2 , 3 with my variable on Lang.php
<li><a class="active" href="home.php">Home</a></li>
<li><a class="active" href="home.php"><?php $home?> </a></li>
That's my try :
//Includes
use_unit("forms.inc.php");
use_unit("extctrls.inc.php");
use_unit("stdctrls.inc.php");
use_unit("styles.inc.php");
use_unit("Zend/zauth.inc.php");
include '/parameters.php';
if (Trim($_SESSION["lang"])=='') { include 'lang.it.php'; }
else
include Trim($_SESSION["lang"]);
//Class definition
and here my lang file
<?php
/*
------------------
Language: English
------------------
*/
//Login Page #1/X
$title_page_Login = 'Login';
$Err_1_Login = 'Login Credentials Incorrect';
$Err_2_Login = 'Not Found User :';
$Err_3_Login = 'Database Offline';
$Err_4_Login = 'Insert User & Password';
$Err_5_Login = 'Need User';
$Err_6_Login = 'Need Password';
$req_user = 'Insert Username';
$req_pass = 'Insert Password';
$Bt_Label = 'Sign In';
//-------------------
//Home
$home = 'Home';
?>
I am trying to make a simple website on which a visitor can make an account and login with that account. The register/login code has already been done and it works with a database.
When the user has logged in he/she will be redirected to the homepage but the homepage will be slightly changed.
Instead of two links in the navigation bar (Login and Register) there will be one link saying "My account".
I tried to do this by using this code:
<nav class="navbar navbar-default">
<div class="container">
<div class="navbar-header">
<a class="navbar-brand" href="#">Brand</a>
</div>
<ul class="nav navbar-nav navbar-right">
<?php
if(!empty($_SESSION['login_user'])){
?>
<li><a href='register.html'>My Account</a></li>
<?php
}else{
?>
<li><a href='register.html'>Register</a></li>
<li><a href='login.html'>Log in</a></li>
<?php
}
?>
</ul>
</div>
</nav>
The problem i have is that when the session is created, the two links disappear but the "My Account" link doesnt not appear.
What did i do wrong here?
Sorry for the bad title, it's 11:30 pm and english is not my native language.
For the people who want to see the login script:
<?php
include('connect.php');
session_start();
$error = "";
$emailaddress = $_POST["emailaddress"];
$password = $_POST["password"];
if(empty($emailaddress) || empty($password)){
$error = "Email or password is invalid!";
echo $error;
}
else{
$queryforlogin = mysql_query("SELECT * FROM users WHERE emailaddress='$emailaddress' AND password='$password'");
$rows = mysql_num_rows($queryforlogin);
if($rows==1){
$_SESSION['login_user'] = mysql_fetch_array(mysql_query("SELECT firstname FROM users WHERE emailaddress='$emailaddress'"));
echo "Welcome, " . $_SESSION['login_user']['firstname'] . "!";
}
else{
$error = "Email or password not found!";
echo $error;
}
header("Location: ../index.php");
mysql_close($connect);
}
?>