My logout.php file is like this. Is there any mistake in my code
logout.php
<?php
session_start();
session_destroy();
header('Location:index.php');
exit;
?>
Here is my index.php file. If I am set $_SESSION['s_activId'] then it is working properly but when I am trying to put condition if $_SESSION['s_activId'] is not set at that time I want to pass header on index page sometimes it works sometimes it does not work.
<?php
include('include/config.inc.php');
if(!isset($_SESSION['s_activId']))
{
$_SESSION['s_urlRedirectDir'] = $_SERVER['REQUEST_URI'];
header("Location:index.php");
}
else
{
$wrong = '';
if(isset($_POST['submit']))
{
$checkLogin = "SELECT userName,password,userType
FROM user
WHERE BINARY userName = '".$_POST['userName']."'
AND BINARY password = '".$_REQUEST['password']."'";
$checkLoginresult = mysql_query($checkLogin);
if($userLoginRow = mysql_fetch_array($checkLoginresult))
{
$_SESSION['s_activId'] = $userLoginRow['userName'];
$_SESSION['s_password'] = $userLoginRow['password'];
$_SESSION['hg_userType'] = $userLoginRow['userType'];
if(!$_SESSION['s_urlRedirectDir'])
{
header("Location:index.php");
}
else
{
header("Location:reminder.php");
}
}
else
{
$wrong = "UserId And Password Is Not Valid";
}
}
}
include("bottom.php");
$smarty->assign('wrong',$wrong);
$smarty->display("index.tpl");
?>
The problem arise in the condition below in index.php:
if(!isset($_SESSION['s_activId']))
{
$_SESSION['s_urlRedirectDir'] = $_SERVER['REQUEST_URI'];
header("Location:index.php");
}
When you logout, you are calling session_destroy() on logout.php and redirecting on index.php and the condition above gets true as s_activId is not set in session and again you are redirecting on index.php (without setting s_activId in session). The above condition will be true until the variable s_activId set in session and because of this you are getting ERR_TOO_MANY_REDIRECTS error.
The solution is, on index.php set the variable s_activId in session before calling the header method. Refer the code below:
if(!isset($_SESSION['s_activId']))
{
$_SESSION['s_urlRedirectDir'] = $_SERVER['REQUEST_URI'];
$_SESSION['s_activId'] = true;
header("Location:index.php");
}
Dont redirect index.php to index.php. you having redirects loop. Also
if you have code below that also can fire add die in if because after
redirect code below still executes. I didnt read your code, maybe
there isnt problems with this but after
header("Location: lalala"); always add die(); or exit();
Related
I am trying to redirect my php login page so that if user is authorised, it goes to a page (r_index.php) and if the user isn't authorised they go back to the login page (login.html).
This is my code:
<?php
if ("password"=="$password") { // Start the condition ?>
Manage classes
<?php } // End the condition ?>
<?php if ("password"=="") { ?>
Login
<?php }
?>.
What am I doing wrong? How should I resolve it?
replace your code with this:
<?php
if ("password"== $password) {
header("location:r_index.php");
}
else if ($password=="") {
header("location:login.html");
}
?>
If you want to redirect you should use:
header('Location: http://www.example.com/r_index.php');
in your code.
<?php
$accessGranted = false;
if($password == 'password') {
$accessGranted = true;
}
if($accessGranted) {
header('Location: r_index.php');
}
else {
header('Location: login.html');
}
exit;
Actually your syntax is wrong, else there is no problem of using HTML inside php. It will work well and good.
Just make sure not to put your variable inside quotes, and change the statement as follows:
if($password=="password")
and
if($Password==" ")
i m trying to redirect to attempt page if user fills incorrect information...
on the other hand if attempt page got refreshed want it to be redirected on login page...
i m using session for that...
if (isset($c))
{
$q = mysql_query("select * from registeration where email='$a' and password='$b'");
$r = mysql_num_rows($q);
if($r)
{
$_SESSION["Authenticated"] = 1;
$_SESSION['id'] = $a;
}
else
{
$_SESSION["Authenticated"] = 0;
$_SESSION["att"] = 1;
}
if(isset($_SESSION["att"]))
{
header("location:attempt1.php");
}
else
{
session_write_close();
header('location:profile.php');
}
}
the above mentioned code is redirecting on attempt1.php
but code on attempt1.php redirecting back to index.php
session_start();
if (!isset($_SESSION["att"]))
{
echo "<meta http-equiv=\"refresh\" content=\"0; url=index.php\">";
}
i want attempt1.php code to redirect on user on index.php if session is not set..
and destroy session on refresh or direct page load...
so that direct access to this page results in redirection to index page
please help friends..
ANSWER ANSWER ANSWER
all the questions i asked i made silly mistakes...
here in this question i had not started session wile storing session variables....
add the below code in first line of login script
session_start();
//try this code
<?php
session_start();
if (!isset($_SESSION["att"]))
{
header("location: index.php");
}
?>
I think your asking to redirect if a session doesn't exist, since a session requires an ID you should be able to check against that:
if(!(session_id()) header("Location: /mypage.php");
Try this:
if(empty($_SESSION))
{
header("Location: /mypage.php");
}
else
{
// do something ....
}
-
Thanks
I have a big problem and i cant solve it. My session variables are exchanged between files but after refresh of the second page they disappear.
Here's the code:
index.php
session_start();
header('Title: So random');
header('charset: UTF-8');
//if index.php?login is requested
if(isset($_REQUEST['login'])) {
//'pass' input box value (from POST) is saved to $pass variable.
$pass = $_POST['password'];
//if pasword matches Password.
if($pass == 'Password') {
//session_start();
$_SESSION['logintoken'] = "approoved";
header("Location: list.php");
die();
} else { $error = true; }
}
if(isset($_SESSION['logintoken'])) {
header('Location: list.php');
die();
}
?>
Random HTML With login page goes here...
And then we have page, which is availble only for logged in. After redirecting from login to it it's okay but after refresh i have "logintoken not defined".
list.php
<?php
session_start();
if($_SESSION['logintoken'] != "approoved") {
//'<meta http-equiv="REFRESH" content="0; url=index.php">'
die();
}
?>
<html> goes here....
header('Title: So random');
header('charset: UTF-8');
$_SESSION['logintoken']='' ;
EDIT:
perhaps this is better
if(isset($_SESSION['logintoken']) && ($_SESSION['logintoken'] != "approoved"))
EDIT 2:
header("Location: list.php?token=".$_SESSION['logintoken']);
list.php
if($_REQUEST['token'] != "approoved") {
//'<meta http-equiv="REFRESH" content="0; url=index.php">'
die();
}
How it should work:
Index.php is the secured page. It includes check.php, which checks if you have a session = good. If it hasn't, you're not logged in -> log off, remove session. But it doesn't work, it always logs off, like I didn't log in...
index.php
include ‘check.php’;
echo "logged in";
check.php
session_start();
if($_SESSION[‘login’] != ‘good’) {
unset($_SESSION[‘login’]);
unset($_SESSION[‘name’]);
header(‘Location: login.php?logoff’);
exit();
}
Login.php
if(isset($_POST[‘login’])) {
$gb = array();
$gb[‘user1’] = ‘pass1’;
$gb[‘user2’] = ‘pass2’;
if(isset($gb[$_POST[‘username’]]) && $gb[$_POST[‘username’]] == $_POST[‘password’])
{
$_SESSION[‘login’] = ‘good’;
$_SESSION[‘name’] = $_POST[‘name’];
header("Location: index.php");
} else {
header("Location: login.php?wrongpass");
}
} else { ?>
Login Form
<?php } ?>
I hope someone can help me!
You should verify you started the session in login.php.
Put session_start(); in all the pages
You need to have session_start() at the top of all the pages, you havent shown the session start for your login page.
(Thanks to Danny for proving I cant type)
Check that you have register_globals is On in your php.ini
First check on the pages you want to use session variables session is start or not and if session is not stat then start it.
and this is the very first line in the php file.
Code for the session checking is :
if(!session_id())
{
session_start();
}
if($count==1){
session_start();
$_SESSION['Username'] = $UserName;
$_SESSION['Password'] = $password;
UpdateOnlineChecker($Session);
header( "Location: http://". strip_tags( $_SERVER ['HTTP_HOST'] ) ."/newHolo/" );
exit;
}
else {
echo "Wrong Username or Password";
}
Look at my code. It checks if the statement is true (for me, if there is one row with a query statement i execute). Then i start a session and basically Ill define global session variables, sned out a query to my database to update the session and then refer through.
you are missing a session_start(); in your if true block.
Use one for action document such as index.php there is code:
session_start();
if(isset($_POST['login']) && isset($_POST['password'])){
// login
header('Location: (here is some page)');
}
if(!isset($_SESSION['user']){
// #todo some action
} else {
require_once('login.php');
}
if(isset($_GET['logout'])){
unset($_SESSION['user']);
header('Location: (here is some page)');
}
I think problem is header:
('location:------.php);
Your hosting server doesn't run this.
You can use this:
echo "<script>window.location.href='-----.php'</script>";
How do I redirect to a splash page once with cookies?
I'm setting the cookie on my splash.php page to this:
<?php
$expire = time()+60;
setcookie("no_splash", "1", $expire);
?>
On that page there's a link to my index.php with this:
<?php
if($_COOKIE['no_splash']== '1') {
header("Location: index.php");
echo "it works";
} else if($_COOKIE['no_splash']!= '1') {
header("Location: splash.php");
};
?>
I keep getting a redirect loop error but can't figure why.
You are redirecting to index.php from the index.php file, hence the loop.
Change your code to be simply
if($_COOKIE['no_splash'] != '1') {
header("Location: splash.php");
exit;
}
or indeed
if(!$_COOKIE['no_splash']) {
header("Location: splash.php");
exit;
}
which is the same thing.
$expire = time()+60;
header("Set-Cookie: no_splash=1; expires=$expire; path=/");
header("Location: index.php");
Have you tried simply:
<?php
if($_COOKIE['no_splash']== '1') {
echo "it works";
} else {
header("Location: splash.php");
};
?>
Maybe isset($_COOKIE['no_splash']) rather than `$_COOKIE['no_splash']== '1'?
Also, not sure it this is what you want, but you can set simply not set the expiration time (or set it to 0), and it will delete the cookie when the browser is closed, so if they keep it open, they won't have to go back to the splash.