override include php if logged in - php

I'm working on a login system. I want when I login at index.php, the include from that page change to another. So in my case the fully header change and the login button disappear.
So I want to change <?php include('header.php'); ?>
to
<?php include('header2.php'); ?>
if logged in
The login:
<div id="loginContainer">
<span>Login</span><em></em>
<div style="clear:both"></div>
<div id="loginBox">
<form id="loginForm" action="login.php" autocomplete="on" method="post">
<fieldset id="body">
<fieldset>
<label for="email">Email Address</label>
<input id="username" name="username" required="required" type="text" placeholder="myusername"/>
</fieldset>
<fieldset>
<label for="password">Password</label>
<input id="password" name="password" required="required" type="password" placeholder="eg. X8df!90EO" />
</fieldset>
<input type="submit" name="login" value="Login" />
<label for="checkbox"><input type="checkbox" id="checkbox" />Remember me</label>
</fieldset>
<span>Forgot your password?</span>
</form>
</div>
</div></
Part of login.php
if($res = $mysqli->query($q))
{
if($res->num_rows > 0)
{
$_SESSION['userName'] = $userName;
//header("Location:welcome.php");
include('header4.php');
exit;
}
else
{
echo'<script>alert("INVALID USERNAME OR PASSWORD");</script>';
header("Location:index.php");
exit;
}
}


Simply check if a session is set, and then include the right file. Something like this.
if (isset($_SESSION['userName']) && !empty($_SESSION['userName'])) {
// If the user is logged in, include this file
include "header2.php";
} else {
// Else, we're not logged in, include this file
include "header.php";
}

Related

PHP Redirect to another page after login

Even though the if condition ($num>0) is true, I am not being redirected to the welcome.php, any help from fellow developers?
if(isset($_POST['login'])){
$password=$_POST['password'];
$email=$_POST['email'];
$ret= mysqli_query($con,"SELECT * FROM users WHERE email='$email' and password='$password'");
$num=mysqli_fetch_array($ret);
if($num>0)
{
$extra="welcome.php";
$_SESSION['login']=$_POST['email'];
$_SESSION['id']=$num['id'];
$_SESSION['full_name']=$num['full_name'];
$host=$_SERVER['HTTP_HOST'];
$uri=rtrim(dirname($_SERVER['PHP_SELF']),'/\\');
header("Location:http://$host$uri/$extra");
exit();
}
After login button is clicked, with the correct attributes, Im stuck on the same page, just blank white page.
<form name="login" action="" method="post">
<div class="uk-margin">
<div class="uk-inline">
<span class="uk-form-icon" uk-icon="icon: mail"></span>
<input class="uk-input" name="email" type="email" placeHolder="Enter your e-mail">
</div>
</div>
<div class="uk-margin">
<div class="uk-inline">
<span class="uk-form-icon" uk-icon="icon: lock"></span>
<input class="uk-input" name="password" type="password" placeHolder="Enter your password">
</div>
</div>
<input type="submit" name="login" value="LOG IN" >
</form>

replace header("location:http://$host$uri/$extra");
with header("Location: http://$host$uri/$extra");

how to redirect through user-home page

I am trying to redirect the index page to user-home.php page. but when I am trying to login its showing wrong user. How to redirect to the user-home page by this condition. expecting help. Thanks in advance. The following image is the database property of the signup page.
database of signup
HERE IS MY CODE FOR INDEX PAGE
<form method="post" action="" autocomplete="on">
<h3>Log in</h3>
<hr>
<p>
<label for="username" class="uname" data-icon="u" > Your username </label>
<input id="username" name="username" required="required" type="text"/>
</p>
<p>
<label for="password" class="youpasswd" data-icon="p"> Your password </label>
<input id="password" name="password" required="required" type="password"/>
</p>
<p class="login button">
<input type="submit" name="login" value="Login" />
</p>
</form>
<h2>dont have an account signup here</h2>
<li>signup</li>
</table>
<?php
if(isset($_POST['login'])){
$username = $_POST['username'];
$password = $_POST['password'];
$q=$db->prepare("SELECT* FROM signup WHERE username='$username' && password='$password'" );
$q->execute();
$row=$q->fetch(PDO::FETCH_OBJ);
$count = $q->rowcount();
if ($count >= 1){
session_start();
$_SESSION['id'] = $row['user_id'];
header('location:user-home.php');
}else{
echo "<script>alert ('Wrong User')</script>";
}
}
?>

PHP still not reading local file

After several attempts, I have no idea why the log in is not working. I'm trying to log the user in (user password and email stored on a .txt file, each line has count,useremail,password) and then redirect them to index2.php for only users to access. I'm not sure what I'm doing wrong.
log in form located in navbar in index.php
<form class="form" role="form" method="POST" action="login.php" accept-charset="UTF-8" id="login-nav">
<div class="form-group">
<label class="sr-only" for="email">Email address</label>
<input type="email" class="form-control" id="email" placeholder="Email address" required>
</div>
<div class="form-group">
<label class="sr-only" for="password">Password</label>
<input type="password" class="form-control" id="password" placeholder="Password" required>
</div>
<div class="form-group">
<button type="submit" class="btn btn-primary btn-block" id="submit">Sign in</button>
</div>
</form>
login.php code
<?php session_start();?>
<?php
$email=$_POST['$email'];
$pass=$_POST['$password'];
echo $email;
$fileName = "Data/users.txt";
$target = fopen($fileName, "r");
//find user
$users=fgetcsv($target,200,",");
while(!feof($target)){
if($email==$users[1]&&$pass==$users[2]){
$_SESSION['email']=$users[1];
$_SESSION['id']=$users[0];
//if found redirect
$redirect= "index2.php";
header("Location:$redirect");
exit();
}
else{
unset($_SESSION['email']);
unset($_SESSION['id']);
echo "<script>";
echo "alert(Invalid login.);";
echo "location.href='index.php?error=login';";
echo "</script>";
}
}
fclose($target);
?>

You can't echo $email; and then do a header() redirect. You will have to enable output buffering:
ob_start();
echo $email;
// other code
header("Location:$redirect");
ob_end_flush();
And enable error reporting to see what is going wrong.

how to display name after login php in all other pages not only homepage

I'm having trouble to display my name in all the pages that I have after login in the website :
AuthentificationController.php
public function Connex($db,$login,$mdp)
{
$requser = $db->prepare("SELECT * FROM users WHERE login = ? AND motdepasse
= ?");
$requser->execute(array($login,$mdp));
$userexist = $requser->rowCount();
if($userexist == 1)
{
$userinfo = $requser->fetch();
$_SESSION['login'] = $userinfo['login'];
$_SESSION['motdepasse'] = $userinfo['motdepasse'];
if($userinfo['role']=="admin")
{
session_start();
header("Location:/ProjetWeb2A1 - Copie/account.php?id=".$_SESSION['login']);
}
else if($userinfo['role']=="client")
{
session_start();
header("Location:/ProjetWeb2A1 - Copie/accueil.php?id=".$_SESSION['login']);
}
}
Homepage.php
<div class="header">
<div class="header-left">
<ul>
<li>Inscription</li>
<li class="login">
<div id="loginContainer"><a id="loginButton"><span>Se Connecter</span></a>
<div id="loginBox" style="display: none;">
<form id="loginForm" method="POST" action="\ProjetWeb2A1 - Copie\controllers\Authentification_controller.php">
<label>Login</label>
<input type="text" name="login" id="email" >
<label for="password">Mot de passe</label>
<input type="password" name="password" id="password">
<input type="submit" id="login" value="Connexion" name="xxl1">
<label for="checkbox"><input type="checkbox" id="checkbox"> <i>Rester Connecté</i></label>
<span>Mot de passe oublié?</span>
</form>
</div>
</div>
</li>
</ul>
</div>
If someone could answer me what i need to do to change that Inscription and Se
Connecter with my username in all my other pages please

You can do it like this :
Add a php file (functions.php in this example) with this content
<?php
function logged_in () {
if (isset($_SESSION['login'])) {
return true;
} else {
return false;
}
}
function redirect_to ($url) {
header("Location: {$url}");
}
?>
Then, in your Homepage.php, import the saved file and check if the user is connected like this
require_once("functions.php");
<div class="header-left">
<?php if (logged_in() == false) { ?>
<ul>
<li>Inscription</li>
<li class="login">
<div id="loginContainer"><a id="loginButton"><span>Se Connecter</span></a>
<div id="loginBox" style="display: none;">
<form id="loginForm" method="POST" action="\ProjetWeb2A1 - Copie\controllers\Authentification_controller.php">
<label>Login</label>
<input type="text" name="login" id="email" >
<label for="password">Mot de passe</label>
<input type="password" name="password" id="password">
<input type="submit" id="login" value="Connexion" name="xxl1">
<label for="checkbox"><input type="checkbox" id="checkbox"> <i>Rester Connecté</i></label>
<span>Mot de passe oublié?</span>
</form>
</div>
</div>
</li>
</ul>
<?php } else { $name = $_SESSION['name']; ?>
<h1> Hello <?=$name?> </h1>
<?php } ?>
</div>
You should save the $_SESSION['name'] in your AuthentificationController.php

As long as you use $_SESSION, and want to populate it, start each page with :
<?php
session_start();
$login = $_SESSION['login'];
echo"Welcome $login";
?>
simple code example, only to give you a hint... then, do whatever you need : check it, secure it...

PHP Session - Form Submit Logs Out User

I have a member form that requires a password to gain access to it.
Once the user has entered the password they may then enter in their details in the form.
However the problem is that when the user submits the form they are getting logged out of the session.
I would like the user to remain logged in when they hit submit and then be directed to a second member form further down the same page.
Here is the code I am using for the password login:
`
<?php
//encrypted password here - example is 'hello'
$password = 'aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d';
session_start();
session_unset();
session_destroy();
if (!isset($_SESSION['loggedIn'])) {
$_SESSION['loggedIn'] = false;
}
if (isset($_POST['password'])) {
if (sha1($_POST['password']) == $password) {
$_SESSION['loggedIn'] = true;
} else {
header ("Location: error.php");
exit();
}
}
if (!$_SESSION['loggedIn']): ?>
<html>
<head><title>Login Page</title></head>
<body>
<form method="post" action="registration/signup.php">
Password: <input type="password" name="password"> <br />
<input type="submit" name="submit" value="Login">
</form>
</body>
</html>
`
Here is the code I am using at the top of the password protected page (Member Form Page):
<?php
require('../access.php');
?>
And this is the form on the password protected page (Member Form Page):
<form action="#sky-form2" method="post" enctype="multipart/form-data" id="sky-form" class="sky-form">
<fieldset>
<div class="row">
<div class="col-md-4" align="left">
<label class="input">
<input type="text" name="name" placeholder="Name">
<b class="tooltip tooltip-bottom-left">Enter you full name</b>
</label>
</div>
<div class="col-md-4" align="left">
<label class="input">
<input type="email" name="email" placeholder="E-mail">
<b class="tooltip tooltip-bottom-left">Enter a valid email address</b>
</label>
</div>
</div>
</fieldset>
<div class="row">
<div class="col-md-4" align="left">
<button type="submit" button class="border-button">NEXT</button>
</div>
</div>
</form>
I know that the password method above is not the most secure, however I really dont require it to be. I just want the member form to be available to everyone who has been given a password for it.
Huge thank you to anyone who can help me out with this.

Categories