I have created a simple one user one password custom login to protect a specific page. In the page I want to protect (gallery.php) I have the following code:
<?php
session_start();
if (!$_SESSION["Login"]){
header("Location:index.php");
}
?>
<p>some protected content</p>
As so if user enters url http://www.example.com/pics/gallery.php
the pages take you to http://www.example.com/pics/index.php
In index I have the fallowing code:
<?php
session_start();
if(($_POST['username'] == "user1") && ($_POST['pass'] == "pass1"))
{
$_SESSION["Login"]= true;
header("Location:gallery.php");
}
else
{ ?>
<?php include 'header.php'; ?>
<div class="wlcm">
<div class="login-box wow fadeInUp">
<h2 class="lgn-tle">Please login</h2>
<form name="login" method="post" accept-charset='UTF-8'>
<input
type="text"
id="username"
name="username"
class="wow fadeInUp"
data-wow-delay=".2s"
placeholder="User"
required="true">
<input
type="password"
id="pass"
name="pass"
class="wow fadeInUp"
data-wow-delay=".4s"
placeholder="Password"
required="true">
<input
type="submit"
name="Submit"
class="submit wow fadeInUp"
data-wow-delay=".6s"
value="Login">
</form>
</div>
</div>
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
echo "incorrect";
}
}
?>
While the code on gallery.php works and takes user to login.php if he's not already logged in. When I submit correct info in index.php I just get a blank page without any php errors.
It seems like header("Location:gallery.php"); doesn't do anything and I have tried absolute paths and spaces after "Location".
Am I missing something here?
All I want is a custom login using an html form instead of .htaccess and to do so in the simples and cleaner possible way.
Why you include login.php like <include'login.php'/>?
it should be <?php include 'login.php'; ?>
And form should have action set to login.php or index.php if you're checking if values are set on index.php
Related
I am trying to build a php login system with no databases being used.
The system is build from 4 main php files, login.php, welcome.php and product.php and logout.php.
in the navigation's bar of other pages, there is a "login" option, when clicking on it you are just being transfered into login.php file that contains the login form.
I want to change the login to logout when getting the right password and username.
here is the code for login.php:
<form method="POST" action="login/welcome.php" class="form">
<h2 class="h2" style="text-align: center;">Login</h2>
<div class="input">
<input type="text" class="form-control" placeholder="username" name="username">
</div>
<br>
<div class="input">
<input type="password" placeholder="password" name="password">
</div>
<br>
<button type="submit" class="float" style="padding: 10px 15px;"><b>Submit</b></button>
</form>
And this is the code for welcome.php:
<?php
$username="admin";
$password="admin";
session_start();
if (isset($_SESSION['username'])){
header("Location: https://chessforu.000webhostapp.com/login/product.php");
}
else{
if ($_POST['username']==$username && $_POST['password']==$password){
$_SESSION['username']=$username;
echo "<script>location.href='welcome.php'</script>";
}
else{
echo "<script>alert('username or password incorrect!')</script>";
echo "<script>location.href='login.php'</script>";
}
}
This is the code for product.php:
<?php
session_start();
if (isset($_SESSION['username'])){
}
else {
echo "<script>location.href='login.php'</script>";
}
<html>
<body>
<p> Thanks for logging in! </p>
<div id="wrapper">
<nav>
<ul class="main_menu">
<li>Main Page
<li>About Us
<li>Contact us
<li>Logout
</ul>
</nav>
</div>
This is the code for logout.php:
<?php
session_start();
if (isset($_SESSION['username'])){
session_destroy();
echo "<script>location.href='login.php'</script>";
}
else{
echo "<script>location.href='login.php'</script>";
}
?>
Just use a simple if statement that determines what button/link to display (log in or log out) by simply checking the session to check if he is logged in or not.
To not repeat yourself, You can move the navigation bar to a single file, add your logic, and require this file whenever you want to add the navigation bar.
So I'm trying to use this http://www.formget.com/how-to-redirect-a-url-php-form/ as an RSVP form.
Ideally, entering the right code on (http://baby.engquist.com/invite/) will lead you to a google form. However, when I enter any code (right or wrong) and press the button, it simply refreshes back to the /invite page.
My code is as follows:
<p style="text-align: center;">
<form action="index.php" id="#form" method="post" name="#form">
<div class="row">
<div class="large-3 columns large-centered">
<div class="row collapse">
<div class="small-10 columns">
<input id="code" name="code" placeholder="Enter the code to RSVP." type="text" >
</div>
<div class="small-2 columns">
<input id='btn' name="submit" type='submit' class="button prefix" value='Go'>
</div>
</div>
</div>
</div>
<?php
include "redirect.php";
?>
</form>
</p>
And the included redirect.php:
<?php
if(isset($_POST['submit'])){
// Fetching variables of the form which travels in URL
$code = $_POST['code'];
if($code ='show620')
{
// To redirect form on a particular page
header("Location:http://google.com/");
} else {
print "Oops that's not the right code. Try again!";
}
?>
Thanks so much for any help!
You should have action attribute pointing to file where you do processing after submitting. In your case its redirect.php
Use :
<form action="redirect.php" > ............
And dont include redirect.php at the bottom of the form.
You need to write ob_start(); on top of your page and die(); after header("Location:http://google.com/"); in redirect.php
The php header redirect only works if it's called from a page that is completely blank. You have to change your form action to "redirect.php" and simply get rid of the code at the bottom of your html.
I am creating a website where I want to sign in and sing out. So when I sign in I redirect to home.html, so in home.html I added a button by naming it "logout", I want to add function on it so whenever I will click on that button it will sign me out. As I know already, the code I have to use but don't know how put that code to logout button?
I want to know how I can refer my this button name="logout" button to that specific code
session_destroy(); so when I m in home.html click on Sign out button it will destroy my current season and locate me back to index.php.
index.php
<form class="form-horizontal" role="form" action="process.php" method="post">
<div class="form-group">
<label id="email" for="inputtext" class="col-sm-4 control-label">User name:</label>
<div class="col-sm-4">
<input type="text" class="form-control" id="inputEmail" placeholder="User name" name="username">
</div>
</div>
<div class="form-group">
<label id="pass" for="inputPassword" class="col-sm-4 control-label">Enter Password</label>
<div class="col-sm-4">
<input type="password" class="form-control" id="inputPassword" placeholder="Password" name="pass">
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" class="btn btn-success">Sign me in!</button>
</div>
</div>
</form>
process.php
<?php
$action = $_GET['action'];
if ($action == 'logout') {
unset($_SESSION['username']);
}
$username = $_POST ['username'];
$password = $_POST ['pass'];
//fixed values
if($username=='syedhasan' AND $password=='Syed712207') {
echo "You have successfully logged in";
header('Location: home.html');
}
else {
echo "Credential is wrong";
}
?>
in home.html i have added this button
<input href="logout.php" type="submit" class="signout btn btn-warning"" value="Sign Out" name="logout">
THen i created logout.php
<?php
session_start();
unset($_SESSION);
session_destroy();
header("Location: index.php");
?>
Create another file named "logout.php".Place the below code.
<?php
session_start();
unset($_SESSION);
session_destroy();
header("Location: index.php");
?>
On click of "logout" button ,it should redirect to "logout.php".
Just create another page called logout.php. Unset the session there unset($_SESSION['someusername']) and write code to redirect to your home page.
header('Location: http://www.example.com/');
All you have to do is give user a link to sign out, and redirect the page to index.php.
home.html:
Logout
logout.php
<?php
session_start();
session_destroy();
header('Location: index.php');
?>
ok
you have logout buttom with and you have to make logout.php and link it to logout buttom
for example
logout.PHP
<?PHP
session_start();
session_destory();
unset($_SESSION['user_id']);
header("location: login.html");
?>
And index.html like this
<a name="logout" href="logout.php"> Logout </a>
I assume your login page is login.php, there I guess you have a html form for username and password, and also have the user validation with the redirect to home.html. It makes sense to put the logout logic also in there.
Put the following code to the top of login.php:
$action = $_GET['action'];
if($action == 'logout') {
/* I'm sure you don't want to destroy the entire session, as there
could be other valuable data stored, so use unset to destroy only
the specific login-variable. */
unset($_SESSION['loginVar']);
}
$_SESSION['loginVar'] is the session var where you users login data is stored.
Now you can use the following href for the logout link / button:
login.php?action=logout
HTML
<a href='index.php?logout=1'>Logout</a>
PHP
if(isset($_GET['logout'))
{
session_destroy();
header('Location:home.php');
}
I have designed the login page as shown below with the functionality to check from the database. I want the site to redirect the user to their specified page displaying their reports page (view_report.php) after successful login. For some reason, after entering the details, the page returns back to the same page instead of not logging in and doesn't throw any errors as well. I'm not sure as to where I went wrong. Thanks for the help in advance. :-)
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
----header area----
</head>
<body>
<div class="logo"></div>
<div class="login"> <!-- Login -->
<h1>Login</h1>
<form class="form" method="POST" action="index.php">
<p class="field">
<input type="text" name="login" placeholder="Restaurant id" required/>
<i class="fa fa-user"></i>
</p>
<p class="field">
<input type="password" name="password" placeholder="Password" required/>
<i class="fa fa-lock"></i>
</p>
<p class="submit"><input type="submit" name="commit" value="Login"></p>
<p class="remember">
<input type="checkbox" id="remember" name="remember" />
<label for="remember"><span></span>Remember Me</label>
</p>
<p class="forgot">
Forgot Password?
</p>
</form>
</div> <!--/ Login-->
<?php
if( $_SESSION["logging"]&& $_SESSION["logged"])
{
header("Location:view_report.php");
}
else {
if(!$_SESSION["logging"])
{
$_SESSION["logging"]=true;
}
else if($_SESSION["logging"])
{
$number_of_rows=checkpass();
if($number_of_rows>=1)
{
$_SESSION[user]=$_GET[userlogin];
$_SESSION['logged']=true;
header("Location:view_report.php");
}
}
}
function checkpass()
{
$servername="localhost";
$username="root";
$conn= mysql_connect($servername,$username)or die(mysql_error());
mysql_select_db("konjam_disc",$conn);
$sql="select * from users where name='$_GET[userlogin]' and password='$_GET[password]'";
$result=mysql_query($sql,$conn) or die(mysql_error());
return mysql_num_rows($result);
}
?>
</body>
</html>
I am not giving actual code. only giving logic.
Use below logic.
session_start();
if(session logged in){
header("Location:view_report.php");
}
else{
show your html form;
}
You cannot redirect or "modify headers" once you send any HTML output so your redirect code must be before you send any HTML content. So your code could be something like this
<?php
session_start();
if( $_SESSION["logging"]&& $_SESSION["logged"])
{
header("Location:view_report.php");
} else {
if(!$_SESSION["logging"])
{
$_SESSION["logging"]=true;
}
else if($_SESSION["logging"])
{
$number_of_rows=checkpass();
if($number_of_rows>=1)
{
$_SESSION[user]=$_GET[userlogin];
$_SESSION['logged']=true;
header("Location:view_report.php");
}
}
}
?>
<html>
...
refer this answer
How to fix "Headers already sent" error in PHP
I'm using sessions to save what ever the user types in the form and what ever they do type will be displayed on the other pages.
It was working perfectly fine but after all the server uploads and such my code has completely done one on me and i'm lost.
Can somebody see if they can spot a mistake? I need fresh eyes.
HTML.
<div id="form"><!--Form Start-->
<form action="home.php" method="post">
<p>Enter Name <input type="text" id="full_name" name="fullName" class="name_input"/>
<input type="submit" name="submit" value="Submit" />
</p>
</form>
</div><!--Form end-->
PHP.
<?php
session_start(); // declaring the variable
if(isset($_POST['fullName'])){ //setting the variable
if(empty($_POST['fullName'])){ //if empty dont to nothing but my wep page will reload
}else{ //if they have do this
$_SESSION['fullName'] = $_POST['fullName']; //get the session for the name (From the from)
header("Location: home.php"); //then will direct the user to the home page (will also display name on each page)
}}
?>
Session on other pages
<div id="echo"> <!-- div ECHO start -->
<?php
echo $_SESSION['fullName']
?>
</div> <!--div ECHO end -->
$_SESSION['fullName'] = $_POST['fullName'];
session_register(fullName);
replace with this code try it
You'll need to add session_start() on whatever page you are redirecting to that is supposed to display the data.
Also, (I'm assuming you realize) what you posted doesn't have anything that would output the data, like:
<input type="text" name="fullName" value="<?php echo $_SESSION['fullName']; ?>"/>
You need to start session on other page as well and stop the script from setting that session. After header location you need to use exit here.
<?php session_start();?>
<div id="echo"> <!-- div ECHO start -->
<?php
echo $_SESSION['fullName'];
?>
you need use exit after header location :-
header('location: home.php');
exit;
Just change the div id form to other because it has a default and remove the empty function because you add isset functon.
Use this.
<div id="myform"><!--Form Start-->
<form action="home.php" method="post">
<p>Enter Name <input type="text" id="full_name" name="fullName" class="name_input"/>
<input type="submit" name="submit" value="Submit" />
</p>
</form>
</div><!--Form end-->
PHP.
<?php
session_start();
if(isset($_POST['fullName']))
{
$_SESSION['fullName'] = $_POST['fullName']; //get the session for the name (From the from)
header("Location: home.php");
exit();
}
?>
Session on other pages.
<div id="echo"> <!-- div ECHO start -->
<?php
session_start();
print_r($_SESSION);
echo $_SESSION['fullName'];
?>
</div> <!--div ECHO end -->
May be it helpful to you.If any problem then let me know.
You are "posting" the values to home.php, doing that you can't set $_SESSION['fullName'] = $_POST['fullName'] in the origin.
Change
<form action="home.php" method="post">
to
<form action="name_of_the_first_script.php" method="post">
$_POST['fullName'] does not exist before the redirect.
Here is how everything should look like (lest call the page index.php):
<div id="form"><!--Form Start-->
<form action="index.php" method="post">
<p>Enter Name <input type="text" id="full_name" name="fullName" class="name_input"/>
<input type="submit" name="submit" value="Submit" />
</p>
</form>
</div><!--Form end-->
now after you hit submit the index.php will be reactioned and at this time with the $_POST request meaning that that the condition
if(isset($_POST['fullName'])){
will be true and the PHP code can be executed, setting the $_SESSION variable and redirecting you to home.php where you ca now read the $_SESSION previously set in index.php
Hope this can me more clear now! :)