Everytime I go to my index.php page, I am getting the following error on Google Chrome:
This webpage has a redirect loop
Oh my phpmyadmin database, if the text in account_type is 'deactivate', I made it so the user is automatically redirected to logout.php (This is in the functions.php page)
If it's 'active', then nothing happens.
My index.php code:
<?php include_once 'connect.php';?>
<?php include_once 'functions.php';?>
<!doctype html>
<html lang="en" class="home-page">
<head>
</head>
<body>
<ul class="linklist-admin">
<?php
if (loggedin()){ ?>
<li>My Profile</li>
<?php } else { ?>
<li>Sign In</li>
<?php } ?>
</ul>
</body>
</html>
My functions.php code:
<?php
session_start();
function loggedin(){
if (isset($_SESSION['user_id']) && !empty($_SESSION['user_id'])){
return true;
} else {
return false;
}
}
if(loggedin()){
$my_id = $_SESSION['user_id'];
$user_query = mysql_query("SELECT username, account_type FROM users WHERE id='$my_id'");
$run_user = mysql_fetch_array($user_query);
$username = $run_user['username'];
$account_type = $run_user['account_type'];
$query_level = mysql_query("SELECT name FROM user_level WHERE id='$user_level'");
$run_level = mysql_fetch_array($query_level);
$level_name = $run_level['name'];
$d = 'deactivate';
$a = 'active';
}
if($account_type == $d) { //logs you out if your account is deactivated.
header('location: logout.php');
}
?>
My logout.php code:
<?php
include 'connect.php';
include 'functions.php';
session_destroy();
header('location: index.php');
if($account_type == $d) {
//do stuff here
}
I think that's what you want.
Related
So basically I'm doing my Login system and I came across an error.
<?php
require "header.php";
?>
<main>
<div class="wrapper-main">
<section class="section-default">
<?php
if (isset($_SESSION['userId'])) {
echo '<p class = "login-status">You are logged in!</p>';
}
else {
echo '<p class = "login-status">You are logged out!</p>';
}
?>
</section>
</div>
</main>
<?php
require "footer.php";
?>
$_SESSION['userId'] = $row['idUsers'];
$_SESSION['userUid'] = $row['uidUsers'];
When I press the login button it doesn't echo "You are logged in!". Instead, it keeps echoing "You are logged out!"
<?php
session_start();
require "header.php";
...
When user logged in, the login link on nav bar should be gone and logout link should appear how should i do it?
index.html:
<nav>
<p class="menu">Home</p>
<p class="menu">Products </p>
<p class="menu">Login</p>
<p class="menu">Logout</p>
</nav>
Login.php file:
<?php
require 'db.php';
session_start();
$password = $mysqli->escape_string($_POST['Pass']);
$email = $mysqli->escape_string($_POST['EmailAdd']);
$result = $mysqli->query("SELECT * FROM Account WHERE Usermail='$email'");
//check email in db
if ($result->num_rows == 0)
{
$_SESSION['message'] = "Email does not exist";
print '<script type="text/javascript">alert("' . $_SESSION['message'] .
'");
</script>';
header("Location: ../register.html");
}
else
{
//get user array
$user = $result->fetch_assoc();
if ($password == $user['password'])
{
$box = "Login successful";
$_SESSION['email'] = $user['Usermail'];
$_SESSION['logged_in'] = true;
echo ("<SCRIPT LANGUAGE='JavaScript'>
window.alert('Login Successful')
window.location.href='../index.html';
</SCRIPT>");
}
else
{
$_SESSION['message'] = "Wrong password";
header("Location: ../account.html");
echo "failed";
echo '<script language="javascript">';
echo 'alert("Wrong password")';
echo '</script>';
}
}
?>
I've gone through some of the post in stack overflow and apply things like if (!isset($_SESSION['email'])) and else statement on my index.php but its not working and i don't know what's the prob
Ps Previously was using index.php, since its not working so i change it back to index.html
<?php
if(!isset($_SESSION['logged_in'])){?>
<p class="menu">Login</p>
<?php }
else
{?> <p class="menu">Logout</p>
<?php } ?>
try the above code, Hope this helps
Assuming your code is correctly validating the credential and setting the auth state in the session $_SESSION['logged_in'] = true;
You can do something like this:
<nav>
<p class="menu">Home</p>
<p class="menu">Products </p>
<?php if (isset($_SESSION['logged_in']) && $_SESSION['logged_in'] == true): ?>
<p class="menu">Logout</p>
<?php else: ?>
<p class="menu">Login</p>
<?php endif; ?>
</nav>
Try this in your nav:
<?php
if($_SESSION['logged_in'] == "true"){
echo '<p class="menu">Login</p>';
}
else {
echo '<p class="menu">Logout</p>';
}
?>
It is not working because you use the .html extension instead of .php
<nav>
<p class="menu">Home</p>
<p class="menu">Products </p>
<?php if(empty($_SESSION['logged_in'])){ ?>
<p class="menu">Login</p>
<?php } else{ ?>
<p class="menu">Logout</p>
<?php } ?>
</nav>
This should work:
<nav>
<p class="menu">Home</p>
<p class="menu">Products</p>
<p class="menu">
<?php if(isset($_SESSION['logged_in]) && $_SESSION['logged_in]) {?>
Logout
<?php } else { ?>
Login
<?php } ?>
</p>
</nav>
I have login and logout pages but cannot logout always says the user already logged-in. Here is my login page:
<?php
session_start();
include_once("connection.php");
if(isset($_POST) & !empty($_POST)) {
$userName = mysqli_real_escape_string($connection, $_POST['userName']);
$userPassword = md5($_POST['userPassword']);
$login = "SELECT * FROM `users` WHERE userName = '$userName' and password = '$userPassword'";
$result = $connection->query($login);
while ($val = mysqli_fetch_array($result))
{
$isAdmin = $val['isAdmin'];
$companyID = $val['companyID'];
$branchID = $val['branchID'];
$ID = $val['ID'];
}
$count = mysqli_num_rows($result);
if($count == 1){
$_SESSION['userName'] = $userName;
setcookie("userID", $ID);
setcookie("companyID", $companyID);
setcookie("branchID", $branchID);
if(!$isAdmin){
header('location: home.php');
}
else {
header('location: admin/home.php');
}
}
else {
$fmsg = "Wrong user name";
}
}
if(isset($_SESSION['userName'])){
$smsg = "Already loggedin";
}
?>
Here is loggout page:
<?php
session_start();
session_destroy();
unset($_COOKIE['companyID']);
unset($_COOKIE['userID']);
unset($_COOKIE['branchID']);
setcookie('companyID', null, -1, '/');
setcookie('userID', null, -1, '/');
setcookie('branchID', null, -1, '/');
header('location: index.php');
?>
How could I solve this? Could anyone help me? Also there is an attached image show cookies.
Just use this:
$_SESSION = array();
session_destroy();
Here you can do is
$_SESSION['userName'] = ''; //clear userName only
And Add this in your Code
if(isset($_SESSION['userName']) && $_SESSION['userName'] != ''){
$smsg = "Already loggedin";
}
or
unset($_SESSION); //all session will be gone
$_SESSION = array();
// unset cookies
if (isset($_SERVER['HTTP_COOKIE'])) {
$cookies = explode(';', $_SERVER['HTTP_COOKIE']);
foreach($cookies as $cookie) {
$parts = explode('=', $cookie);
$name = trim($parts[0]);
setcookie($name, '', time()-1000);
setcookie($name, '', time()-1000, '/');
}
}
Hope this helps
Here my code its work for me
session_start();
unset($_SESSION['userid']);
unset($_SESSION['username']);
unset($_SESSION['photo']);
session_destroy();
unset($_COOKIE['userid']);
unset($_COOKIE['emailid']);
unset($_COOKIE['photo']);
setcookie('userid', null, -1, '/');
setcookie('emailid', null, -1, '/');
setcookie('photo', null, -1, '/');
header("Location:login");
I think problem is with Firefox that's worked with MS Edge. Thank you for all your helps my code is here:
logout:
<?php
session_start();
setcookie("branchID", "", 1);
setcookie("companyID", "", 1);
setcookie("userID", "", 1);
setcookie("userName", "", 1);
session_destroy();
header('location: index.php');
?>
login:
<?php
session_start();
include_once("connection.php");
if(isset($_POST) & !empty($_POST)) {
$userName = mysqli_real_escape_string($connection, $_POST['userName']);
$userPassword = md5($_POST['userPassword']);
$login = "SELECT * FROM `users` WHERE userName = '$userName' and password = '$userPassword'";
$result = $connection->query($login);
while ($val = mysqli_fetch_array($result))
{
$isAdmin = $val['isAdmin'];
$companyID = $val['companyID'];
$branchID = $val['branchID'];
$ID = $val['ID'];
}
$count = mysqli_num_rows($result);
if($count == 1){
$_SESSION['userName'] = $userName;
setcookie("userID", $ID);
setcookie("companyID", $companyID);
setcookie("branchID", $branchID);
if(!$isAdmin){
header('location: home.php');
}
else {
header('location: admin/home.php');
}
}
else {
$fmsg = "Hatalı Kullanıcı Adı/Şifre";
}
}
if(isset($_SESSION['userName']) && $_SESSION['userName'] != ''){
$smsg = "Kullanıcı Halihazırda Giriş Yapmış";
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="css/style.css">
<link rel="stylesheet" href="css/lib/lobipanel/lobipanel.min.css">
<link rel="stylesheet" href="css/lib/jqueryui/jquery-ui.min.css">
<link rel="stylesheet" href="css/lib/font-awesome/font-awesome.min.css">
<link rel="stylesheet" href="css/main.css">
</head>
<body>
<header class="site-header">
<div class="container-fluid">
<a href="#" class="site-logo">
<img class="hidden-md-down" src="img/logo-2.png" alt="">
<img class="hidden-lg-up" src="img/logo-2-mob.png" alt="">
</a>
<div class="site-header-content">
<div class="site-header-content-in">
<div class="site-header-shown">
<a href="#" class="site-logo">
<img class="hidden-md-down" src="img/logo-ds.png" alt="">
<img class="hidden-lg-up" src="img/logo-ds-mob.png" alt="">
</a>
</div><!--.site-header-shown-->
HOŞ GELDİNİZ
</div><!--site-header-content-in-->
</div><!--.site-header-content-->
</div><!--.container-fluid-->
</header><!--.site-header-->
<div class="form-style-6">
<h1>Giriş Yap</h1>
<form action="" method="post">
<input type="text" name="userName" placeholder="Kullanıcı Adı" />
<input type="password" name="userPassword" placeholder="Şifre" />
<input type="submit" value="Giriş Yap" />
</form>
</div>
<div class="container">
<?php if(isset($smsg)){ ?>
<div class="alert alert-success" role="alert"> <?php echo $smsg; ?></div>
<?php } ?>
<?php if(isset($fmsg)){ ?>
<div class="alert alert-danger" role="alert"> <?php echo $fmsg; ?></div>
<?php } ?>
<?php if(isset($asmsg)){ ?>
<div class="alert alert-success" role="alert"> <?php echo $asmsg; ?></div>
<?php } ?>
<?php if(isset($afmsg)){ ?>
<div class="alert alert-danger" role="alert"> <?php echo $afmsg; ?></div>
<?php } ?>
</div>
</body>
</html>
I have my index.php page, which is where users can register and log in with sessions.
This is the error I'm getting:
Notice: Undefined index: username in C:\wamp\www\CMS\admin\index.php on line 18.
What's wrong with my code?
Short snippet of index.php:
Source code:
<?php include "includes/admin_header.php" ?>
<div id="wrapper">
<!-- Navigation -->
<?php include "includes/admin_navigation.php" ?>
<div id="page-wrapper">
<div class="container-fluid">
<!-- Page Heading -->
<div class="row">
<div class="col-lg-12">
<h1 class="page-header">
Welcome To Admin
<small><?php echo $_SESSION['username'] ?></small>
</h1>
</div>
</div>
This is my login.php
Source code:
<?php include "db.php"; ?>
<?php session_start(); ?>
<?php
if (isset($_POST['login'])) {
$username = $_POST['username'];
$password = $_POST['password'];
// For login security
$username = mysqli_real_escape_string($connection, $username);
$password = mysqli_real_escape_string($connection, $password);
$query = "SELECT * FROM users WHERE username = '{$username}' ";
$select_user_query = mysqli_query($connection, $query);
if(!$select_user_query){
die("QUERY FAILED: " . mysqli_error($connection));
}
while($row = mysqli_fetch_array($select_user_query)) {
$db_user_id = $row['user_id'];
$db_username = $row['username'];
$db_user_password = $row['user_password'];
$db_user_firstname = $row['user_firstname'];
$db_user_lastname = $row['user_lastname'];
$db_user_role = $row['user_role'];
}
if ($username !== $db_username && $password !== $db_user_password) {
header("Location: ../index.php");
} else if($username === $db_username &&
$password === $db_user_password) {
$_SESSION['username'] = $db_username;
$_SESSION['firstname'] = $db_user_firstname;
$_SESSION['lastname'] = $db_user_lastname;
$_SESSION['user_role'] = $db_user_role;
header("Location: ../admin");
}
else {
header("Location: ../index.php");
}
}
?>
On the first line of your PHP script, write this:
if (session_status !== PHP_SESSION_ACTIVE) {
session_start();
}
For debugging purposes, add
var_dump($_SESSION);
after the if { } block. You also have to be sure that the session exists in every file you want to use it. To simplify the process I'll give you a short example:
You create a header.php file where you put the if {} block from above.
Whenever you want to use the session in a script, you just include that header file on the first line of your script.
//header.php
if (session_status !== PHP_SESSION_ACTIVE) {
session_start();
}
//index.php
include 'header.php';
echo $_SESSION['username'];
//login.php
include 'header.php';
$_SESSION['username'] = 'John Doe';
I am trying to return a $user_id variable from file to if(isset(...)) statement. I will perform a different if statement but just trying to echo out the $user_id variable to test that I am setting the page.
<?php
include 'core/init.php';
include 'init.image.php';
protect_page();
include 'includes/overall/overall_header.php';
if(isset($_GET['username']) === true && empty($_GET['username']) === false){
$username = $_GET['username'];
if(user_exists($username) === true){
$user_id = user_id_from_username($username);
$profile_data = user_data($user_id, 'first_name','last_name','email', 'username');
?>
<h1><?php echo $profile_data['first_name']; ?>'s Yor Page</h1>
<div id="navWrapper">
<ul>
<li>
<img src="uploads/profile/blank_profile.gif" width="150" height="150" id="blank_profile">
</li>
<nav>
<ul>
<li>
Albums
</li>
<li>
Music
</li>
</ul>
</nav>
</ul>
</div>
<?php
if(isset($_GET['action']) && $_GET['action']=='albums'){
$albums = get_profile_albums($user_id);
if(empty($albums)){
echo 'No Albums';
}else{
foreach($albums as $album){
if (empty($album['image'])) {
$album['image'] = 'uploads/profile/blank_profile.gif';
}
?>
<p><?php echo $album['name'],' (', $album['count'], ')'?> <br />
<a href="<?php echo $profile_data['username'];?>?action=album_id=<?php echo $album['id'];?>">
<img src="uploads/thumbs/<?php echo $album['id'];?>/<?php echo $album['image'];?>" />
</a><br />
<?php echo $album['description'];?>...<br />
</p>
<?php
}
}
}
if(isset($_GET['action']) && $_GET['action']=='album_id=$album['id']'){
echo $user_id;
}
if(isset($_GET['action']) && $_GET['action']=='music'){
echo'<h1>Music</h1>';
}
}else{
echo 'Sorry, that user doesn\'t exist';
}
}else{
header('Location: index.php');
exit();
}
include 'includes/overall/overall_footer.php';
?>
Single quotes do not parse the string but double quotes do. For example:
$album_id = 1;
echo 'album_id=$album_id ';
echo "album_id=$album_id";
Will result in album_id=$album_id album_id=1
Thus, $_GET['action']=='album_id=$album_id' is checking if $_GET['action'] is equal to 'album_id=$album_id' and not what $album_id is evaluated to.
Your check should be more along these lines:
if (/* ... */ && $_GET['action']=="album_id=$album_id") {
Edit: Suggestion.
You should check $_GET['action'] once and store $action. From there create an if/else if/else statement checking each possible type of action (music, albums, album, etc). If a type of action requires extra user supplied data, include that in the respective if block. For example:
$action = $_GET['action'];
// URL: /script.php?action=albums
if ($action == 'albums') {
// ...
}
// URL: /script.php?action=album&album_id=12
else if ($action == 'album') {
if (!empty($_GET['album_id'])) {
$album_id = $_GET['album_id'];
echo "User with id $user_id is trying to access album with id $album_id";
}
// ...
}
// ...
No more $_GET['action']=="album_id=$album_id"
You are passing the variable correctly.
What I'm more concerned with in the following line is:
if(isset($_GET['action']) && $_GET['action']=='album_id=$album_id'){
'album_id=$album_id' doesnt look right and is probably why your if is not firing... It looks like you're trying to use the variable $album_id wrapped in single quotes and that will not substitute the value and rather keep $album_id in tact. I'm not sure if this is what you intended but if not its likely the source of your problem.