I have: header.php, register.php, login.php and profile.php
When the user is login in, I redirect him on profile.php using header(Location:profile.php)
Also, before I do that redirect I set a session:
$_SESSION['logged']= $user_email;
Using that, I would like to do a small trick on header.php, something like:
if(($_SESSION['logged'] == true) {
echo " Logo ";
}
else {
echo " Logo ";
}
Somehow, this isn't working. I'm missing something?
You can control session variable with isset() function
Try code below
session_start();
if(isset($_SESSION['logged'])){
header("location:profile.php");
}
else{
header("location:index.php");
}
Related
My logout.php file is like this. Is there any mistake in my code
logout.php
<?php
session_start();
session_destroy();
header('Location:index.php');
exit;
?>
Here is my index.php file. If I am set $_SESSION['s_activId'] then it is working properly but when I am trying to put condition if $_SESSION['s_activId'] is not set at that time I want to pass header on index page sometimes it works sometimes it does not work.
<?php
include('include/config.inc.php');
if(!isset($_SESSION['s_activId']))
{
$_SESSION['s_urlRedirectDir'] = $_SERVER['REQUEST_URI'];
header("Location:index.php");
}
else
{
$wrong = '';
if(isset($_POST['submit']))
{
$checkLogin = "SELECT userName,password,userType
FROM user
WHERE BINARY userName = '".$_POST['userName']."'
AND BINARY password = '".$_REQUEST['password']."'";
$checkLoginresult = mysql_query($checkLogin);
if($userLoginRow = mysql_fetch_array($checkLoginresult))
{
$_SESSION['s_activId'] = $userLoginRow['userName'];
$_SESSION['s_password'] = $userLoginRow['password'];
$_SESSION['hg_userType'] = $userLoginRow['userType'];
if(!$_SESSION['s_urlRedirectDir'])
{
header("Location:index.php");
}
else
{
header("Location:reminder.php");
}
}
else
{
$wrong = "UserId And Password Is Not Valid";
}
}
}
include("bottom.php");
$smarty->assign('wrong',$wrong);
$smarty->display("index.tpl");
?>
The problem arise in the condition below in index.php:
if(!isset($_SESSION['s_activId']))
{
$_SESSION['s_urlRedirectDir'] = $_SERVER['REQUEST_URI'];
header("Location:index.php");
}
When you logout, you are calling session_destroy() on logout.php and redirecting on index.php and the condition above gets true as s_activId is not set in session and again you are redirecting on index.php (without setting s_activId in session). The above condition will be true until the variable s_activId set in session and because of this you are getting ERR_TOO_MANY_REDIRECTS error.
The solution is, on index.php set the variable s_activId in session before calling the header method. Refer the code below:
if(!isset($_SESSION['s_activId']))
{
$_SESSION['s_urlRedirectDir'] = $_SERVER['REQUEST_URI'];
$_SESSION['s_activId'] = true;
header("Location:index.php");
}
Dont redirect index.php to index.php. you having redirects loop. Also
if you have code below that also can fire add die in if because after
redirect code below still executes. I didnt read your code, maybe
there isnt problems with this but after
header("Location: lalala"); always add die(); or exit();
Today my question is how do i get people to roam the site with out logging in, I have tryed loads and loads of diffrent ways, when i tried to roam my site when i was not logged in it just used to redirect me to my login page, but when i tried my most recent code (the one below this post) it just comes up with this error, Undefined index: username in E:\wamp\www\login\main.php on line 6
<?php
ob_start();
//session
session_start();
$_session_username = $_SESSION['username'];
if (!isset($_session_username))
{
echo"Hello i'm sorry to say this but your not logged in <a href='login.php'>Log-in</a>";
exit();
}
else
{
echo "hello, ".$_session_username." <a href='logout.php'>Log out</a>";
}
ob_end_flush();
?>
Put simply you were on the right path, however you can't assign $_SESSION['username'] to a variable and then check if it is set. You first need to check if the $_SESSION['username'] is set, and then if it is you are able to assign it to a variable.
<?php ob_start();
//session
session_start();
if (!isset($_SESSION['username']))
{
echo"Hello i'm sorry to say this but your not logged in <a href='login.php'>Log-in</a>";
exit();
}
else
{
$_session_username = $_SESSION['username'];
echo "hello, ".$_session_username." <a href='logout.php'>Log out</a>";
}
ob_end_flush();
?>
I have come along something i could not solve for so long.
i have created a script in php that unsets one single session variable, However the page stats the session Here is my code for the page :
<?php
session_start();
require_once("../header.php");
if($_SESSION['user']) {
unset($_SESSION['user']);
echo "you succesfully logged out.";
header("Refresh:5; url=http://www.webmasteroutlet.com");
} else {
echo "you are already NOT LOGGED IN right now.";
}
require_once("../footer.php");
?>
That is the whole code on this page. and it always prints out "you are already NOT LOGGED IN right now." $_SESSION['user'] is assigned true in login.php page and i have session_start(); at the very beginning of the page right after the <?php opening.
The session variable is recognized at all other files with php extension and that is the only single file that it is not working on. I also tried
<?php
session_start();
echo $_SESSION['user'];
?>
and it does not print anything. It simply skips that line and does nothing. What am i doing wrong ?
Thank You very much for your help.
this is the header.php code
<?php
session_start();
require("config.php"); // that only contains connection to the database and it is successful.
if(isset($_SESSION['user'])==1){
echo "<div id=\"topnav\" class=\"topnav\"><span>".$_SESSION['username']."</span> <span>LOGOUT</span></div>";
}
else if ($_SESSION['admin']) {
echo "<div id=\"topnav\" class=\"topnav\">"."<span>".$_SESSION['adminusername']."</span> ";
echo "<span>LOGOUT</span></div>";
}
else if ( !isset($_SESSION['user'])) {
require ($_SERVER['DOCUMENT_ROOT']."/users/login.php");
}
require("search.php");
?>
i think you need the if is set and make sure you pass the sessions data to this page it looks like your unsetting this
Try this:
<?php
session_start();
require_once("../header.php");
if(isset($_SESSION['user'])) {
echo "User.".$_SESSION['user']." you are being logged out";
unset($_SESSION['user']);
header("Refresh:5; url=http://www.webmasteroutlet.com");
} else {
echo "You are not logged or var SESSION doesnt exist";
}
require_once("../footer.php");
?>
If still doesnt work, try deleting the require_once lines(for debug).
Justin, I think you're not setting the $_SESSION['user']. That'd be the reason why you're getting NULL when you vardump.
One other possibility, although I'm limited to the scripts you provided, would be that you made it possible for a person to login through $_SESSION['admin'] as well as $_SESSION['user']. If this is the case you'd have to change the script to:
if(isset($_SESSION['user'])) {
unset($_SESSION['user']);
echo "user succesfully logged out.";
}elseif(isset($_SESSION['admin'])){
unset($_SESSION['admin']);
echo "admin succesfully logged out.";
}else{
echo "you are already NOT LOGGED IN right now.";
}
How it should work:
Index.php is the secured page. It includes check.php, which checks if you have a session = good. If it hasn't, you're not logged in -> log off, remove session. But it doesn't work, it always logs off, like I didn't log in...
index.php
include ‘check.php’;
echo "logged in";
check.php
session_start();
if($_SESSION[‘login’] != ‘good’) {
unset($_SESSION[‘login’]);
unset($_SESSION[‘name’]);
header(‘Location: login.php?logoff’);
exit();
}
Login.php
if(isset($_POST[‘login’])) {
$gb = array();
$gb[‘user1’] = ‘pass1’;
$gb[‘user2’] = ‘pass2’;
if(isset($gb[$_POST[‘username’]]) && $gb[$_POST[‘username’]] == $_POST[‘password’])
{
$_SESSION[‘login’] = ‘good’;
$_SESSION[‘name’] = $_POST[‘name’];
header("Location: index.php");
} else {
header("Location: login.php?wrongpass");
}
} else { ?>
Login Form
<?php } ?>
I hope someone can help me!
You should verify you started the session in login.php.
Put session_start(); in all the pages
You need to have session_start() at the top of all the pages, you havent shown the session start for your login page.
(Thanks to Danny for proving I cant type)
Check that you have register_globals is On in your php.ini
First check on the pages you want to use session variables session is start or not and if session is not stat then start it.
and this is the very first line in the php file.
Code for the session checking is :
if(!session_id())
{
session_start();
}
if($count==1){
session_start();
$_SESSION['Username'] = $UserName;
$_SESSION['Password'] = $password;
UpdateOnlineChecker($Session);
header( "Location: http://". strip_tags( $_SERVER ['HTTP_HOST'] ) ."/newHolo/" );
exit;
}
else {
echo "Wrong Username or Password";
}
Look at my code. It checks if the statement is true (for me, if there is one row with a query statement i execute). Then i start a session and basically Ill define global session variables, sned out a query to my database to update the session and then refer through.
you are missing a session_start(); in your if true block.
Use one for action document such as index.php there is code:
session_start();
if(isset($_POST['login']) && isset($_POST['password'])){
// login
header('Location: (here is some page)');
}
if(!isset($_SESSION['user']){
// #todo some action
} else {
require_once('login.php');
}
if(isset($_GET['logout'])){
unset($_SESSION['user']);
header('Location: (here is some page)');
}
I think problem is header:
('location:------.php);
Your hosting server doesn't run this.
You can use this:
echo "<script>window.location.href='-----.php'</script>";
On my index page I have a link to my login.php page with this code:
<?php
if(isset($_SESSION['username'])) {
echo "<div id='logout'><a href='logout.php'>Logout (".$_SESSION['username'].")</a></div>";
} else {
echo "<div id='login'><a href='login.php'>Login (Regular)</a></div>";
}
?>
On the login.php page I have
<?php
include('check.php');
$ref = getenv('HTTP_REFERER');
if (isset($ref)) {
header("Location: " . $ref);
exit;
} else {
header("Location: index.php");
exit;
}
?>
check.php is the code for the login form and it checks the users level to make sure they can access the page. I was told that I need to add a check to see if the referral is login.php, otherwise it will go in an infinite loop and I am of course getting "This webpage has a redirect loop". However, I have no clue how to do this and I can't find any information on how to fix it. Anyone know a quick solution?
You should be able to just do
if (isset($_SERVER['HTTP_REFERER']) && end(explode('/',$_SERVER['HTTP_REFERER'])) != 'login.php') {
header("Location: " . $_SERVER['HTTP_REFERER']);
exit;
} else {
header("Location: index.php");
exit;
}
Note that this is a simplified code - you may need to be a bit smarter than that.