Displaying different include file based on logged in status - php

I'm trying to include a different navigation menu for users that are logged in but seem to be having trouble. I'm currently setting a session when a user successfully authenticates, that session then sets a session variable so we know if the user is logged in or logged out.
If they are logged in, they should see the logged in menu, otherwise they should just see the logged out menu. For some reason i cannot get this to work through checking if the user is logged in - not sure what i'm doing wrong.
index.php
<?php
require_once("inc/config.php");
require(ROOT_PATH . "inc/database.php");
session_start();
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Property Rental</title>
<!-- CSS -->
<link href="css/bootstrap.min.css" rel="stylesheet">
<link href="css/style.css" rel="stylesheet">
<link href="css/responsive.css" rel="stylesheet">
<!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body>
<header role="banner" id="top" class="navbar navbar-static-top bs-docs-nav">
<div class="container">
<div class="navbar-header">
<button data-target=".bs-navbar-collapse" data-toggle="collapse" type="button" class="navbar-toggle">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
</div>
<nav role="navigation" class="collapse navbar-collapse bs-navbar-collapse">
<ul class="nav navbar-nav">
<li class="active">
Menu Item 1
</li>
<li>
Menu Item 2
</li>
<li>
Menu Item 3
</li>
<li>
Menu Item 4
</li>
<li>
Menu Item 5
</li>
<?php
if ( $_SESSION['loggedin'] == true) {
include("inc/logged.php");
} else {
include("inc/loggedOut.php");
}
print_r($_SESSION);
?>
</ul>
</nav>
</div>
</header>
<div class="container">
<h1>Hello, world!</h1>
</div>
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script>
<script src="/js/bootstrap.js"></script>
<script src="/js/core.js"></script>
</body>
</html>
users.database.php
<?php
$username = $_POST['username'];
$password = $_POST['password'];
try {
$result = $db->prepare("SELECT username, pass FROM user_info WHERE username = :user AND BINARY pass = :pass");
$result->bindParam(':user', $username);
$result->bindParam(':pass', $password);
$result->execute();
$rows = $result->fetch(PDO::FETCH_NUM);
}
catch (Exception $e) {
echo "Could not retrieve data from database";
exit();
}
if ($password = $rows) {
session_start();
$_SESSION['username'] = $_POST['username'];
$_SESSION['loggedin'] = true;
} else {
if (isset($_POST['login'])) {
echo "Username or password incorrect (passwords are case sensitive)";
}
}
?>
logged.php
<li class="login-register pull-right">
<ul>
<li class="login pull-left">
My Account
<div class="login-box">
<div class="login-box-inner">
Logout
</div>
</form>
</div>
</li>
</ul>
</li>
loggedOut.php
<li class="login-register pull-right">
<ul>
<li class="login pull-left">
Login
LOGOUT
<div class="login-box">
<div class="login-box-inner">
<div class="up-arrow"></div>
<form role="form" method="post">
<div class="form-group">
<label>Username or Email</label>
<input type="text" name="username">
</div>
<div class="form-group">
<label>Password</label>
<input type="password" name="password">
</div>
<?php require(ROOT_PATH . "inc/users.database.php"); ?>
<div class="form-group">
<div class="row">
<div class="col-xs-6">
<label class="remember-me">
<input type="checkbox" name="remember"> Remember me
</label>
</div>
<div class="col-xs-6">
<button type="submit" name="login" class="btn btn-small btn-primary pull-right">Login</button>
</div>
</div>
</div>
</form>
</div>
</form>
</div>
</li>
<span class="slash">/</span>
<li class="pull-right">
Register
</li>
</ul>
</li>


$loggedin is not being set in your index.php file.
Replace your if condition with this:
if ($_SESSION['loggedin'] == true) {
You can also use this which has the exact same meaning...
if ( $_SESSION['loggedin'] ) {
With the above code, you are going to need to start a session on that page with session_start();
If you are using javascript to go back in the history when a user logs in, change it to this...
<script>
window.location.href = document.referrer;
</script>
NOTE: This will only go back one page in the history.

Related

Login page doesn't work as leads to unkown page

Quick Note : This thread was closed for being a duplicate question however the links I found were to do with 'Preventing MySQL Injection Attacks', which was not the answer I was looking for. If reposting this question goes against any guidelines, I don't mind taking this post down.
I've been working on an online booking website and the projects works when I run it on WAMP. I decided to get 1 month hosting on ecowebhosting.com and I've uploaded my project/files as well as change my 'db.php' file to match the settings of phpMyAdmin ( host, username, password, etc. ) however I am not able to sign in.
This is the login page for my website : https://gyazo.com/07f6bb065971b20ba07628d2a68cf1b0
And you are able to register, and the user has been registered when I checked the database on phpMyAdmin however I am not able to login as this occurs when I login in any account : https://gyazo.com/312725f461d4790a99b1b47e97a97066
I thought it was something to do with the 'dashboard.php' file, so I removed the 'include("auth_session.php")' to see if anything was wrong with the file, but it worked as normal. Here is a copy of the code for 'login.php':
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Modern Haircut Designs</title>
<!-- Bootstrap css style sheet -->
<link href="bootstrap/css/bootstrap.min.css" rel="stylesheet">
<!-- For the seperate stuff -->
<link href="coursework_style.css" rel="stylesheet">
<!-- Make sure to add this to the coursework style sheet so less files -->
<link href="login_style.css" rel="stylesheet">
<!-- To enable the javascript shenanigans -->
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
<script src="bootstrap/js/bootstrap.min.js"></script>
</head>
<body>
<?php
require('db.php');
session_start();
if (isset($_POST['username'])) {
$username = stripslashes($_REQUEST['username']);
$username = mysqli_real_escape_string($con, $username);
$password = stripslashes($_REQUEST['password']);
$password = mysqli_real_escape_string($con, $password);
$query = "SELECT * FROM `users` WHERE username='$username'
AND password='$password'";
$result = mysqli_query($con, $query) or die(mysql_error());
$rows = mysqli_num_rows($result);
if ($rows == 1) {
$_SESSION['username'] = $username;
header("Location: dashboard.php");
} else {
//Might be necessary to create an error page so the user knows?
header("Location: login.php");
}
} else{
?>
<nav class="navbar navbar-fixed-top navbar-inverse">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar-collapse">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="/index.php">Modern Haircut Designs</a>
</div>
<div class="collapse navbar-collapse" id="navbar-collapse">
<ul class="nav navbar-nav navbar-right">
<li class="actif">Home</li>
<li>Services</li>
<li>Our Team</li>
<li>Reviews</li>
<li>Contact</li>
<li>Login</li>
</ul>
</div>
</div>
</nav>
<section class="login-cover">
<div class="wrapper fadeInDown">
<div id="formContent">
<div class="fadeIn first">
<img src="img/login_icon.jpg" id="icon" alt="MHC Logo" />
</div>
<form method="post" name="login">
<input type="text" id="login" class="fadeIn second" name="username" placeholder="Username" required>
<input type="password" id="password" class="fadeIn third" name="password" placeholder="Password" style="background-color: #f6f6f6;border: none;color: #0d0d0d;padding: 15px 32px;text-align: center;text-decoration: none;display: inline-block;font-size: 16px;margin: 5px;width: 85%;border: 2px solid #f6f6f6;transition: all;0.5s ease-in-out;border-radius: 5px 5px 5px 5px;" required>
<input type="submit" class="fadeIn fourth" value="Login" name="submit">
</form>
<div class="formFooter">
<a class="underlineHover" href="register.php" id="register">Register Here</a>
<a class="underlineHover" href="#" id="forgot_password">Forgot Password?</a>
</div>
</div>
</div>
</section>
<?php
}
?>
<footer style="bottom: 0; width: 100%;">
crafted with ♥ in Bangladesh by ###
</footer>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
<script src="bootstrap/js/bootstrap.min.js"></script>
</body>
</html>
As requested, here's a markup for the 'dashboard.php' file:
<?php
//Reminder to include this for the booking part
include("auth_session.php");
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Modern Haircut Designs</title>
<!-- Bootstrap Stuff -->
<link href="bootstrap/css/bootstrap.min.css" rel="stylesheet">
<!-- Coursework Style that's seperate -->
<link href="coursework_style.css" rel="stylesheet">
</head>
<body>
<nav class="#">
<div class="container">
<div class="#">
<button type="button" class="#">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="#" href="#top">Modern Haircut Designs</a>
</div>
<div class="#" id="#">
<ul class="#">
<li class="actif">Home</li>
<li>Services</li>
<li>Our Team</li>
<?php
if($_SESSION['username'] == 'admin'){
?><li>Manage Appointments</li><?php
}else{
?><li>View Appointments</li>
<li>Book Appointment</li>
<?php
}
?>
<li>Logout</li>
</ul>
</div>
</div>
</nav>
<div class="cover" id="top">
<div class="cover-text">
<h1>Hey, <?php echo $_SESSION['username']; ?>!</h1>
<p class="lead">Book an appointment now by clicking the button below</p>
Get started!
</div>
</div>
<section id="services">
<h2>Here is a list of the services we provide</h2>
<div class="container">
<div class="row">
#Text about the different types of haircuts
</section>
<section id="team">
<div class="container">
#Pictures and quotes of the different team members
</div>
</section>
<section id="contact-us">
<div class="container">
#ContactInformation here
</div>
</section>
<footer>
crafted with ♥ in Bangladesh by ###
</footer>
<!-- jQuery for javascript stuff-->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
<!-- Bootstrap javascript code / might remove tho -->
<script src="bootstrap/js/bootstrap.min.js"></script>
</body>
</html>

The solution, as pointed out by #rickdenhaan, was to move the block of php code containing the 'header(###)' section to the start of the file. Another solution I found was to use javascript to open the file.

how to prevent from going back to login page after logging in

I have developed a website in php. The index.php is a login form. After logging in dashboard.php is coming. But when I press the back button in the browser it is redirecting to the login page. How to prevent it. If there is any solution please tell. Thanks in advance. The codes are given below:
index.php
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title></title>
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/bootstrap.min.css">
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.7.2/css/all.css" integrity="sha384-fnmOCqbTlWIlj8LyTjo7mOUStjsKC4pOpQbqyi7RrhN7udi9RwhKkMHpvLbHG9Sr" crossorigin="anonymous">
<link rel="stylesheet" type="text/css" href="style.css">
<!-- jQuery library -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<!-- Latest compiled JavaScript -->
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js"></script>
</head>
<body style="background-image: url('https://www.pixelstalk.net/wp-content/uploads/2016/05/HD-Black-Picture.jpg');">
<section id="login">
<div class="container">
<div class="row">
<div class="col-sm-2"></div>
<div class="col-sm-8 col1">
<div class="row">
<div class="col-sm-7 co2">
<h1 class="h1">Orbit Shifters Employee Site</h1>
<h2 class="h2">Login Here <i class="fas fa-long-arrow-alt-right"></i></h2>
</div>
<div class="col-sm-5 co1">
<form method="post" action="func.php">
<div>
<input type="text" name="username" class="i1" placeholder="Enter Your Username">
</div>
<div>
<input type="password" name="password" class="i1" placeholder="Enter Your Password">
</div>
<div>
<input type="submit" name="submit" class="btn btn1">
</div>
</form>
</div>
</div>
</div>
<div class="col-sm-2"></div>
</div>
</div>
</section>
</body>
</html>
func.php
<?php
session_start();
$con=mysqli_connect("localhost","root","","login");
$connect = new PDO('mysql:host=localhost;dbname=login', 'root', '');
if(isset($_POST['submit'])){
$username=$_POST['username'];
$password=$_POST['password'];
$query="select * from signup where username='$username' and password='$password';";
$result=mysqli_query($con,$query);
$row=mysqli_fetch_assoc($result);
if(mysqli_num_rows($result)==1)
{
$_SESSION["username"] = $username;
$_SESSION['status']="Active";
header("Location:dashboard.php?name=".$row['name']);
exit;
}
else{
echo "<script>alert('Enter Correct Details!!')</script>";
echo "<script>window.open('index.php', '_self')</script>";
}
}
?>
dashboard.php
<?php
session_start();
if($_SESSION['status']!="Active")
{
header("location:index.php");
}
else{
$name=$_GET['name'];
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title></title>
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/bootstrap.min.css">
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.7.2/css/all.css" integrity="sha384-fnmOCqbTlWIlj8LyTjo7mOUStjsKC4pOpQbqyi7RrhN7udi9RwhKkMHpvLbHG9Sr" crossorigin="anonymous">
<link rel="stylesheet" type="text/css" href="style.css">
<!-- jQuery library -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<!-- Latest compiled JavaScript -->
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js"></script>
</head>
<body style="background:url(https://i.pinimg.com/originals/e5/f3/af/e5f3af2b9186af6e86187c84f4ad930e.jpg);">
<nav class="navbar navbar-inverse">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#myNavbar">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="dashboard.php?name=<?php echo $name; ?>">Dashboard</a>
</div>
<div class="collapse navbar-collapse" id="myNavbar">
<ul class="nav navbar-nav navbar-right">
<li class="li1"><span class="glyphicon glyphicon-log-in"></span> Logout</li>
</ul>
</div>
</div>
</nav>
<section id="dashboard">
<div class="container">
<div class="row ro1">
<p class="p1"> Hello <?php echo $name; ?>, Welcome to Orbit Shifters EMployee Site.</p>
</div>
<div class="ro1">
<div class="col-sm-4 col2">
<button class="btn btn2">Project 1 <br>Report <br>Submission</button>
</div>
<div class="col-sm-4 col2">
<button class="btn btn2">Project 2 <br>Monthly Report <br>Submission</button>
</div>
<div class="col-sm-4 col2">
<button class="btn btn2">Project 3 <br>Feedback <br>Submission</button>
</div>
</div>
</div>
</section>
</body>
</html>
<?php
}
?>
logout.php
<?php
session_start();
session_destroy();
$_SESSION = array();
unset($_SESSION['username']);
unset($_SESSION['status']);
header("Location:index.php");
?>

I am not sure if I understand the problem correctly, but what if you add a check at the beginning of the index.php file that would redirect you to the dashboard if you are logged in ? Something like this
// index.php
<?php
session_start();
if (isset($_SESSION['status']) && $_SESSION['status'] === "Active") {
header("location: dashboard.php");
}
?>
<!DOCTYPE html>
<html>
<head>
...
this way, if you click back in the browser, you will still go to index.php, but then you will be redirected to the dashboard again if you are already logged in

PHP Login just refreshes page no error

Hello I seem to be having a very frustrating problem with my login which i cannot seem to fix as there is no error output.I seem to have fixed this problem on my mac but i transfered the exact files over to my windows pc and its stopped working again. whenever I try and login with the example a#a.com and password a is seems to just refresh the page over and over no matter how many times I have tried.I was wondering if anyone could help with this error?
I have tried adding the action to login.php it seems to make no difference.
picture of table im taking data from:
session.php:
<?php
include('config.php');
session_start();
$user_check = $_SESSION['login_user'];
$ses_sql = mysqli_query($conn,"select email_adress from customer where email_adress = '$user_check' ");
$row = mysqli_fetch_array($ses_sql,MYSQLI_ASSOC);
$login_session = $row['email_adress'];
if(!isset($_SESSION['login_user'])){
header("location:login.php");
}
?>
login.php
<?php
include("config.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST") {
// username and password sent from form
$myusername = mysqli_real_escape_string($conn,$_POST['username']);
$mypassword = mysqli_real_escape_string($conn,$_POST['password']);
$sql = "SELECT customer_id FROM customer WHERE email_adress = '$myusername' and password = '$mypassword'";
$result = mysqli_query($conn,$sql);
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
$active = $row['customer_id'];
$count = mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1) {
$_SESSION['login_user'] = $myusername;
header("location: index2.php");
}else {
$error = "Your Login Name or Password is invalid";
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Login | Bid4MyJob</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="Bid4MyJob">
<meta name="author" content="James Wood">
<!-- CSS -->
<link href="assets/css/bootstrap.css" rel="stylesheet" type="text/css">
<link href="assets/css/font-awesome.min.css" rel="stylesheet" type="text/css">
<link href="assets/css/main.css" rel="stylesheet" type="text/css">
<link href="assets/css/my-custom-styles.css" rel="stylesheet" type="text/css">
<!-- IE 9 Fallback-->
<!--[if IE 9]>
<link href="assets/css/ie.css" rel="stylesheet">
<![endif]-->
<!-- GOOGLE FONTS -->
<link href='http://fonts.googleapis.com/css?family=Open+Sans:300,400italic,400,600,700' rel='stylesheet' type='text/css'>
<link href='http://fonts.googleapis.com/css?family=Roboto+Condensed:300,300italic,400italic,700,400,300' rel='stylesheet' type='text/css'>
<!-- FAVICONS -->
<link rel="apple-touch-icon-precomposed" sizes="144x144" href="assets/ico/repute144x144.png">
<link rel="apple-touch-icon-precomposed" sizes="114x114" href="assets/ico/repute114x114.png">
<link rel="apple-touch-icon-precomposed" sizes="72x72" href="assets/ico/repute72x72.png">
<link rel="apple-touch-icon-precomposed" href="assets/ico/repute57x57.png">
<link rel="shortcut icon" href="assets/ico/favicon.png">
</head>
<body>
<!-- WRAPPER -->
<div class="wrapper">
<!-- NAVBAR -->
<nav class="navbar navbar-default " role="navigation">
<div class="container">
<!-- TOPBAR -->
<div class="topbar">
<ul class="list-inline top-nav">
<li>
<div class="btn-group">
<button type="button" class="btn btn-link dropdown-toggle btn-xs" data-toggle="dropdown"><img src="assets/img/flags/United-Kingdom.png" alt="United Kingdom"> United Kingdom <span class="caret"></span></button>
<ul class="dropdown-menu dropdown-menu-right country-selector" role="menu">
<li>
<img src="assets/img/flags/United-Kingdom.png" alt="United Kingdom"> United Kingdom
</li>
<li>
<img src="assets/img/flags/Japan.png" alt="Japan"> Japan
</li>
<li>
<img src="assets/img/flags/China.png" alt="China"> China
</li>
<li>
<img src="assets/img/flags/Germany.png" alt="Germany"> Germany
</li>
</ul>
</div>
</li>
<li>Help</li>
<li>Support</li>
</ul>
<div class="searchbox">
<form method="post">
<div class="input-group input-group-sm">
<input type="text" class="form-control" placeholder="search ...">
<span class="input-group-btn">
<button class="btn btn-default" type="button"><i class="fa fa-search"></i></button>
</span>
</div>
</form>
</div>
</div>
<!-- END TOPBAR -->
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#main-nav">
<span class="sr-only">Toggle Navigation</span>
<i class="fa fa-bars"></i>
</button>
<a href="index.html" class="navbar-brand navbar-logo navbar-logo-bigger">
</a>
</div>
<!-- MAIN NAVIGATION -->
<div id="main-nav" class="navbar-collapse collapse">
<ul class="nav navbar-nav navbar-right">
<li>
HOME
</li>
<li>
HOW IT WORKS
</li>
<li>
POST JOB
</li>
<li>
FIND JOB
</li>
<li>
SIGN UP
</li>
<li>
LOGIN
</li>
</ul>
</div>
<!-- END MAIN NAVIGATION -->
</div>
</nav>
<!-- END NAVBAR -->
<!-- BREADCRUMBS -->
<div class="page-header">
<div class="container">
<h1 class="page-title pull-left">Login</h1>
<ol class="breadcrumb">
<li>Home</li>
<li class="active">Login</li>
</ol>
</div>
</div>
<!-- END BREADCRUMBS -->
<!-- PAGE CONTENT -->
<div class="page-content">
<div class="col-md-6">
<!-- LOGIN FORM -->
<h2 class="section-heading">Login Form</h2>
<form class="form-horizontal" role="form" action = "login.php" method = "post">
<div class="form-group">
<label for="username" class="control-label sr-only">Email</label>
<div class="col-sm-12">
<div class="input-group">
<input type="email" class="form-control" id="username" name = "username" placeholder="Email">
<span class="input-group-addon"><i class="fa fa-envelope"></i></span>
</div>
</div>
</div>
<div class="form-group">
<label for="password" class="control-label sr-only">Password</label>
<div class="col-sm-12">
<div class="input-group">
<input type="password" class="form-control" id="password" name="password" placeholder="Password">
<span class="input-group-addon"><i class="fa fa-lock"></i></span>
</div>
</div>
</div>
<div class="form-group">
<div class="col-sm-12">
<label class="fancy-checkbox">
<input type="checkbox">
<span>Remember me</span>
</label>
</div>
</div>
<div class="form-group">
<div class="col-sm-12">
<button type="submit" class="btn btn-primary"><i class="fa fa-sign-in"></i> Sign in</button>
</div>
</div>
</form>
<br>
<p><em>Don't have an account yet?</em> <strong>Sign Up</strong>
<br>
<em>Forgot your password?</em> Recover Password</p>
<!-- END LOGIN FORM -->
</div>
</div>
<br>
<br>
<div class="row">
<div class="col-md-6">
<!-- LOGIN FORM WITH LABEL -->
<!-- END LOGIN FORM WITH LABEL -->
</div>
<div class="col-md-6">
<!-- SIMPLE FORM -->
<!-- END SIMPLE FORM -->
</div>
</div>
<br>
<br>
<!-- INLINE FORM -->
<!-- END INLINE FORM -->
</div>
</div>
</div>
</div>
<!-- END PAGE CONTENT -->
<!-- FOOTER -->
<footer>
<div class="container">
<div class="row">
<div class="col-md-4">
<!-- COLUMN 1 -->
<h3 class="sr-only">ABOUT US</h3>
<img src="assets/img/logo/repute-logo-light.png" class="logo" alt="Repute">
<p>Proactively aggregate B2B initiatives before extensive channels. Monotonectally extend interactive methods of empowerment through excellent applications. Rapidiously synergize visionary products with sticky technology.</p>
<br>
<address class="margin-bottom-30px">
<ul class="list-unstyled">
<li>Unit 5, Block B Nesfield Road
<br/> Colchester, Essex CO4 3ZL 222222</li>
<li>Phone: 01206 588 000</li>
<li>Email: sales#universalwebdesign.co.uk</li>
</ul>
</address>
<!-- END COLUMN 1 -->
</div>
<div class="col-md-4">
<!-- COLUMN 2 -->
<h3 class="footer-heading">USEFUL LINKS</h3>
<div class="row margin-bottom-30px">
<div class="col-xs-6">
<ul class="list-unstyled footer-nav">
<li>About Us</li>
<li>News</li>
<li>Community</li>
<li>Career</li>
<li>Blog</li>
</ul>
</div>
<div class="col-xs-6">
<ul class="list-unstyled footer-nav">
<li>Press Kit</li>
<li>FAQ</li>
<li>Terms</li>
<li>Privacy Policy</li>
<li>Contact Us</li>
</ul>
</div>
</div>
<!-- END COLUMN 2 -->
</div>
<div class="col-md-4">
<!-- COLUMN 3 -->
<div class="newsletter">
<h3 class="footer-heading">NEWSLETTER</h3>
<p>Get the latest update from us by subscribing to our newsletter.</p>
<form class="newsletter-form" method="POST">
<div class="input-group input-group-lg">
<input type="email" class="form-control" name="email" placeholder="youremail#domain.com">
<span class="input-group-btn"><button class="btn btn-primary" type="button"><i class="fa fa-spinner fa-spin"></i><span>SUBSCRIBE</span></button>
</span>
</div>
<div class="alert"></div>
</form>
</div>
<div class="social-connect">
<h3 class="footer-heading">GET CONNECTED</h3>
<ul class="list-inline social-icons">
<li><i class="fa fa-facebook"></i></li>
<li><i class="fa fa-twitter"></i></li>
<li><i class="fa fa-google-plus"></i></li>
<li><i class="fa fa-rss"></i></li>
</ul>
</div>
<!-- END COLUMN 3 -->
</div>
</div>
</div>
<!-- COPYRIGHT -->
<div class="text-center copyright">
©2018 Bid4MyJob. All Rights Reserved.
</div>
<!-- END COPYRIGHT -->
</footer>
<!-- END FOOTER -->
</div>
<!-- END WRAPPER -->
<!-- JAVASCRIPTS -->
<script src="assets/js/jquery-2.1.1.min.js"></script>
<script src="assets/js/bootstrap.min.js"></script>
<script src="assets/js/plugins/autohidingnavbar/jquery.bootstrap-autohidingnavbar.min.js"></script>
<script src="assets/js/repute-scripts.js"></script>
</body>
</html>

You run the query:
$sql = "SELECT customer_id FROM customer WHERE email_adress = 'a#a.com' and password = 'a'";
this returns multiple results for $count = mysqli_num_rows($result); is thus > 1.
So you always fall into the else:
if($count == 1) {
$_SESSION['login_user'] = $myusername;
header("location: index2.php");
}else {
$error = "Your Login Name or Password is invalid";
}
Try for testing purposes try:
if($count >= 1) {
$_SESSION['login_user'] = $myusername;
header("location: index2.php");
}else {
$error = "Your Login Name or Password is invalid";
}
ofc later you will have to make sure you can't sign up email addresses twice.
Secondly you might want to forward to your session.php instead?
header("location:session.php"); // instead of index2.php

Login authentication not working for my site

The codes for site is given below. Login cannot be authenticated with what I've done. Firstly, it will redirect to the login page as expected if not logged in. Then, after I clearly give the login details correctly, it won't redirect me to the site I want. Instead, it will remain on login page. Please help me...
<!--This is the page that I want to redirect after successful login-->
<?php
session_start();
if($_SESSION['loggedIn'])
{
header('Location: restaurant.php');
}
else
{
header('Location: login.php');
}
?>
<html lang="en">
<head>
<title>Welcome to Foodline</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="">
<meta name="author" content="">
<link rel="stylesheet" href="bootstrap/dist/css/bootstrap.min.css">
<link href="css/simple-sidebar.css" rel="stylesheet">
<script src="bootstrap/js/jquery.min.js"></script>
<script src="bootstrap/js/bootstrap.min.js"></script>
<script type="text/javascript" src="js.js"></script>
<script type="text/javascript" src="jquery.js"></script>
<style>
/* Remove the jumbotron's default bottom margin */
.jumbotron {
margin-bottom: 0;
}
/* Add a gray background color and some padding to the footer */
footer {
background-color: #f2f2f2;
padding: 25px;
}
</style>
</head>
<body>
<div class="jumbotron">
<div class="container text-center">
<h1><font face="Analecta">FOODLINE</font></h1>
<p>We provide the best service for our costumers</p>
</div>
</div>
<nav class="navbar navbar-inverse" data-spy="affix" data-offset-top="197">
<div class="container-fluid">
<div class="navbar-header">
<a class="navbar-brand"><font face="Analecta" color="white">>Restaurants<</font></a>
</div>
<div class="collapse navbar-collapse" id="myNavbar">
<ul class="nav navbar-nav">
<li>
Hamro Didi (HD)
</li>
<li>
HK
</li>
<li>
Junu Hotel
</li>
<li>
Junction Cafe
</li>
<li>
Laxmi Hotel
</li>
</ul>
</div>
</div>
</nav>
<footer class="container-fluid text-center">
<p>Foodline Official Website &copy</p>
<p align="center">Logged in as: <div id="username" align="center"> <span class="glyphicon glyphicon-log-in"></span><?php
if(isset($_GET['id'])){
echo ' '.$_GET['id'];
}
else {
echo '(write) a 404 page';
}
?>
</div>
</p>
</footer>
</div>
<!--This is login.php-->
<?php
//session_start();
include("connection.php");
$msg='';
if($_SERVER["REQUEST_METHOD"] == "POST")
{
// username and password sent from form
$username = $_POST['username'];
$password = $_POST['password'];
// To protect MySQL injection
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
//Input Validations
if($username == '') {
$_SESSION["login_user"] = $username; $msg = "Username missing";
header("location: login.php?msg=$msg");
}
if($password == '') {
$msg = "Password missing";
header("location: login.php?msg=$msg");
}
//Create query
$qry="SELECT * FROM user WHERE user_name='$username' AND user_password='$password'";
$result =mysql_query($qry)or die(mysql_error());
$output=mysql_fetch_assoc($result);
//Check whether the query was successful or not
if(!empty($output)) {
//Login Successful
$_SESSION['name']= $username;
$_SESSION['loggedIn'] = true;
header("location:restaurant.php?id=$username");
}
else {
//Login failed
$msg= "user name and password not found";
header("location:login.php?msg=$msg");
}
}
?>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="bootstrap/dist/css/bootstrap.min.css">
<script src="bootstrap/js/jquery.min.js"></script>
<script src="bootstrap/js/bootstrap.min.js"></script>
<style>
.jumbotron {
margin-bottom: 0;
}
</style>
</head>
<body>
<div class="jumbotron">
<div class="container text-center">
<h1><font face="Analecta">FOODLINE</font></h1>
<p>We provide the best service for our costumers</p>
</div>
</div>
<nav class="navbar navbar-inverse" data-spy="affix" data-offset-top="197">
<div class="container-fluid">
<div class="navbar-header">
<a class="navbar-brand" href="index.php">Logo</a>
</div>
<div class="collapse navbar-collapse" id="myNavbar">
<ul class="nav navbar-nav">
<li class="active">Home</li>
<li>Restaurants</li>
<li>Contact</li>
</ul>
<ul class="nav navbar-nav navbar-right">
<li><span class="glyphicon glyphicon-user"></span> Sign Up</li>
<li><span class="glyphicon glyphicon-log-in"></span> Login</li>
</ul>
</div>
</div>
</nav>
<div class="container">
<h2><font face="Analecta">>Login from here<</font></h2>
<form role="form" name="login" action="login.php" method="post" accept-charset="utf-8">
<div class="form-group">
<label for="username">Username:</label>
<input type="text" class="form-control" name="username" placeholder="Enter username" required>
</div>
<div class="form-group">
<label for="password">Password:</label>
<input type="password" class="form-control" name="password" placeholder="Enter password" required>
</div>
<div class="checkbox">
<label><input type="checkbox"> Remember me</label>
</div>
<button type="submit" class="btn btn-default" value="login">Submit</button>
<br>
<br>
<?php
$msg = (isset($_GET['msg']) ? $_GET['msg'] : null); //GET the message
if($msg!='') echo '<p>'.$msg.'</p>'; //If message is set echo it
?>
</form>
<p>Not a user yet? Sign up here</p>
</div>
<footer class="container-fluid text-center">
<p>Foodline Official Website &copy</p>
<p>Get deals:
<span class="glyphicon glyphicon-menu-right"></span>SignUp
</p>
</footer>
</body>
</html>

Uncomment:
//session_start();
From line 5 in login.php and change to this:
if(! $_SESSION['loggedIn']) {
header('Location: login.php');
}
in restaurant.php.

PHP PDO trying to get navbar to change when logged in

I am trying to get my navbar to change when logged in so that the register and sign in turn into the user's username I have my code for this and I am not understanding why it's not working...
signin.php
<?php
include 'header.php';
include 'ini.php';
$username = "";
$password = "";
if(isset($_POST['login'])) {
if ($userQuery->execute()) {
while ($row = $userQuery->fetch()) {
$username = $_POST["username"];
$password = $_POST["password"];
$userQuery = $pdo->prepare("SELECT * FROM users WHERE username LIKE :username");
$addUserQuery->bindParam(":username", $username);
if (
username == $row['User_Username'] && password == $row['User_Password']
) {
$_SESSION['loggedin'] = "true";
$_SESSION['username'] = $username;
}
}
}
}
?>
<div class="container">
<div class="row">
<div class='col-md-3'></div>
<div class="col-md-6">
<div class="login-box well">
<form action="index.php" id="login" name="login">
<legend>Sign In</legend>
<div class="form-group">
<label for="username">Username</label>
<input value='' id="username" placeholder="Username" type="text" class="form-control" />
</div>
<div class="form-group">
<label for="password">Password</label>
<input id="password" value='' placeholder="Password" type="text" class="form-control" />
</div>
<div class="input-group">
<div class="checkbox">
<label>
<input id="login-remember" type="checkbox" name="remember" value="1"> Remember me
</label>
</div>
</div>
<div class="form-group">
<input type="submit" id="login" name="login" class="btn btn-default btn-login-submit btn-block m-t-md" value="Login" />
</div>
<span class='text-center'>Forgot Password?</span>
<div class="form-group">
<p class="text-center m-t-xs text-sm">Do not have an account?</p>
Create an account
</div>
</form>
</div>
</div>
<div class='col-md-3'></div>
</div>
</div>
<?php
include 'footer.php';
?>
header.php
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="Web Development company providing HTML, CSS, PHP and JS in your local area">
<meta name="author" content="Kieran Brownfield">
<title>Web Development Penzance - Providing Web Development in your area</title>
<!-- Bootstrap Core CSS -->
<link href="css/bootstrap.min.css" rel="stylesheet"/>
<link href="css/main.css" rel="stylesheet"/>
<!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body>
<header class="header">Web Development Penzance</header>
<!-- Navigation -->
<nav class="navbar navbar-inverse navbar-static-top" role="navigation">
<div class="container">
<!-- Brand and toggle get grouped for better mobile display -->
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
</div>
<!-- Collect the nav links, forms, and other content for toggling -->
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
<ul class="nav navbar-nav">
<li>
Home
</li>
<li>
About
</li>
<li>
Contact
</li>
<li>
Gallery
</li>
<li>
Meet the Team
</li>
</ul>
<ul class="nav navbar-nav pull-right">
<?php
if (isset($_SESSION['loggedin'])) { ?>
<li><p class="navbar-text navbar-right">Signed in as: <?php echo $_SESSION["username"] ?> </p></li>
<li>Logout</li>
<li>Account</li>
<?php } else { ?>
<li>Register</li>
<li>Login</li>
<?php } ?>
</ul>
</div>
<!-- /.navbar-collapse -->
</div>
<!-- /.container -->
</nav>

In order to access the $_SESSION variable across page loads, add session_start() to the top of both of these files. Docs.

Categories