Hi each time im refreshing or click a button that reload my index page ... which is my main page, the session dies .... here is a simple of code :
//session.class.php
<?php
session_start();
$_SESSION["EMAIL"] = "";
$_SESSION["LOGED"] = 0;
?>
//index.php
<?php
include_once ('session.class.php');
if (isset($_GET['login'])) {/// it a button submit in my form that use for login
$_SESSION["LOGED"] = 1;
include ("/module/Users/profile.php");// class that show profile if login an
// password is good
echo "session = ".$_SESSION["LOGED"];
}
if ($_SESSION["LOGED"] == 0) {
echo userFormLogin();//show login
echo "<a href=index.php?content=register>Register</a>";
}
?>
TY every one :D
Every time you load page, your EMAIL and LOGED session variables get reset. You don't need to declare them, SESSIONS don't exist until you make one. You are basically creating session but when you load page it gets set to 0 and you ask for login again.
You should use:
if(isset($_SESSION['LOGED'])){
actions for logged in
}
else{
show login page
}
Related
I have 1 SESSION variable that will load when a login form is inserted and it passes the test. But, the variable will only work in one page and when I click on a different page that includes the same file which gives me the SESSION, it doesn't work. It will only work for pages that are linked to the form. I am using the post method. sample.php <- site that is in action="sample.php" therefore its linked.
Beginning code for sample.php
<?php
session_start();
require 'php/login_admin.php';
if (isset($_SESSION['admin']))
echo ' all html code ';
Code for login_admin.php
if ($username == $row['username'] && $password == $row['password'])
{
session_set_cookie_params(3000, "/");
$_SESSION['admin'] = 'open';
} else {
session_close();
echo "Wrong password and username!";
}
NOTE I have this same set up for all pages and I do not know why only the pages linked directly to the form in the action attribute work.
On all your OTHER pages you only need to test for the admin session and if that fails then redirect to the login page... or display it... whatever you decide. But let's assume we go to a dedicated admin login page for fun...
So on All your other pages...except the login page...
<?php
session_start();
// Is the admin logged in?
if (!isset($_SESSION['admin']))
{
header("location:admin_login.php");
exit();
}
echo ' all html code ';
This question already has answers here:
Transfer variables between PHP pages
(5 answers)
Closed 5 years ago.
Sorry, this is a bit of a noob question, but...
I am creating a login page and I am having difficulty getting the login page to send me back to the web page that prompted the login redirect...
Can the previous page be stored via POST variable and accessed on the next page (login.php)?...I am having trouble just keeping that webpage url...if someone could show me how and explain why that would be amazing!
If I could just see how it looks to store variables to post so they can be viewed on the next page that would solve all my problems
original webpage:
<?php
//how do I post current url so it can be accessed on login
require_once('./../User_Auth/includes/authenticate.php');
?>
login webpage:
`header("Location:");`
Use Sessions to pass data to next page!
<?php session_start(); ?> // session starts with the help of this function
<?php
if(isset($_SESSION['use'])) // Checking whether the session is already there or not if
// true then header redirect it to the home page directly
{
header("Location:home.php");
}
if(isset($_POST['login'])) // it checks whether the user clicked login button or not
{
$user = $_POST['user'];
$pass = $_POST['pass'];
if($user == "Ank" && $pass == "1234") // username is set to "Ank" and Password
{ // is 1234 by default
$_SESSION['use']=$user;
echo '<script type="text/javascript"> window.open("home.php","_self");</script>'; // On Successful Login redirects to home.php
}
else
{
echo "invalid UserName or Password";
}
}
?>
What I've understood from your question is that you are on page that a certain point will redirect you to the login page, and after the login you would come back to the previous page, right?
If so:
From the php $_SERVER var you can get this information.
Practice example:
file loginpage.php
<?php
//at the beginning you place the code that catch the POST data if a login request was sent
if(!empty($_POST["username"]) && !empty($_POST["password"])){
//HERE DO LOGIN TRY
if(LOGIN_SUCCESSFULL){
$page = $_SERVER["HTTP_REFERER"]; //this contain the previous page
header("Location: $page");
}
else{
// show an error
}
}
else{
//if you arrive at this point of the code, this means that the we are visiting login page, so we have to rendere the page
require_once 'login_page_body_with_login_form.php'
}
Of course there are more advanced and secure technique, but this should give both an answer and an idea of how make things together.
Use this code on the landing page to redirect to the login page, passing the landing page URL as a $_GET variable.
if ( USER_NEEDS_TO_LOGIN ) {
$login = "/path/to/login/page";
$login = $login . '?tgturl=' . $_SERVER[ "REQUEST_URI" ];
header("Location: $login");
}
You could pass your previous page value from current page to authenticate.php.
<?php
$previousPage = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
//how do I post current url so it can be accessed on login
require_once('./../User_Auth/includes/authenticate.php');
?>
You can then access $previousPage in authenticate.php.
I created a login page to a php form that I also created. Whenever I fill the form with the required fields, I get redirected to a 'Thank you for your submission' page, that has the link 'Go Back to Form'.
The problem is, when I press the 'Go Back to Form' link, it assumes that I am not logged in anymore, and so I get directed to a white page instead.
Login Page Code:
<?php session_start(); ?>
<?php
if (isset($_POST['submitlogin'])) {
$username1= $_POST['username'];
$pass1= $_POST['password'];
if($username1==$nomepass && $pass1==$passpass) {
$_SESSION['CurrentUser']= $username1;
echo '**HTML FORM**';
}
else
{
//...
}
}
?>
Form 'Thank you' Page:
HTML code Inside PHP echo
...
echo ' <p> Back to login page </p>' ;
On the login form and subsequent pages using sessions, put an if statement to check if the session that tells that a person has logged in is set. Then, it will redirect you to a home page or whatever page you want if you are logged in.
That way, if you are not logged in, you can login otherwise, it will redirect you
<?php
session_start();
if(isset($_SESSION['CurrentUser'])){
// redirect to some page
}
else{
// do something else
}
You could also make that line to read as:
if(isset($_SESSION['CurrentUser']) && !empty($_SESSION['CurrentUser']))
Normally we can use the session and call it on every page where I wan to allow the register user, for example..
This is you php code
if (isset($_POST['submitlogin'])) {
$username1= $_POST['username'];
$pass1= $_POST['password'];
if($username1==$nomepass && $pass1==$passpass) {
$_SESSION['CurrentUser']= $username1;
header('location:index.php');
}
Now you can code in the index page like this...
<?php
if(!isset($_SESSION['currentUser']))
{
header('location:signin.php');
}
?>
if the session is set tyhen the above code will keep you login otherwise you will redirect to signin page..
I currently have a login form that redirects the user to another page if the login is successful. The page is supposed to be a protected page that will not open for the user if they are not logged in and will redirect them to the login form page.
In order to do this I stored the login data (email & password) as session variables and used these to verify if the user is allowed to view the page.
In my login php page I have the following code
<?php
session_start();
if ($count == 1) {
$_SESSION['logged'] = 1;
$_SESSION['email'] = $myemail;
$_SESSION['password'] = $mypassword;
header("Location: account.html");
exit();
}
?>
And I begin my account html file with the following :
<?php
session_start();
if ($_SESSION['logged'] != 1) { //no session
header("Location:memberlogin.html");
exit();
}
?>
However any time I load the account page I am allowed to view it each time. Its my first time using the Session variableand Im not sure if i Used it correctly.
FIXED Thanks to suggestions below
I tweaked the code suggested below and my protected page is now working. Thanks for all the help.
The php code won't be referenced from an html page.
So, change account.html to account.php then add the session check code on top of the page as follows:
account.php:
<?php
if ($_SESSION ['logged'] !=1) {
//User is not logged in
header ("Location:memberlogin.html");
exit();
}
?>
However, redirecting is not the best solution, you can display an error message if user is not logged in, else grant user access to the page information.
You can implement it as follows:
account.php:
<?php
if ($_SESSION ['logged'] !=1) {
//User is not logged in, display an error message
echo 'You need to be logged in to access this page';
exit();
}
else{
//Display all information that only a logged in user can view
echo 'You are logged in, you can view the page';
}
?>
i am trying to write a automatic logout script which seems to work but not to my expectations,i do not know what exactly im doing wrong,i want to put the timeout.php on every page so that when the user is idle it logs out automatically and redirects it to login page but when i put the timeout.php on for my add user page where admin adds users,its overriding the link for the add user page and putting a login page which is also not coming out nicely(i.e the form is getting out of its position)
this is the timeout.php code
<?php
$_SESSION = 0;
if($_SESSION['session_count'] == 0) {
$_SESSION['session_count'] = 1;
$_SESSION['session_start_time']=time();
} else {
$_SESSION['session_count'] = $_SESSION['session_count'] + 1;
}
$session_timeout = 10; // (in sec)
$session_duration = time() - $_SESSION['session_start_time'];
if ($session_duration > $session_timeout) {
session_unset();
session_destroy();
session_start();
session_regenerate_id(true);
$_SESSION["expired"] = "yes";
header("Location: login.php"); // Redirect to Login Page
} else {
$_SESSION['session_start_time']=time();
}
?>
i want it to automatically logout and redirect itself to the login page with a message yoour session has expired and i want it to put it on every page without it disturbing the forms or overlapping the page