This is my code for userslist.php. I put it above the head of this page so if this link is clicked, only admin can enter the page as filtered that is why I have redirections.
session_start();
$loggedInfo['username'] = $_SESSION['username'];
if(
isset($loggedInfo['username']) && $loggedInfo['username']==="admin" &&
trim($loggedInfo['username']) != "guest"
)
{
header('Location: userslist.php');
}
else {
header('Location: ../index.php');
}
This is my php script and I got a problem with redirecting. On the header(location ...) when I changed it to echo true or false, the echo returns the value correctly. But when I put a redirect/location, it does say:
This webpage has a redirect loop
Why is that? :(
Put this code in top of the userlist.php.An try what you got
<?php session_start();
$loggedInfo['username'] = $_SESSION['username'];
if(isset($loggedInfo['username']) && $loggedInfo['username']!="admin"){
header('Location: ../index.php');
exit();
}else if(isset($loggedInfo['username']) && $loggedInfo['username']=="admin"){
?>
You page code here goes
<?php } ?>
You're probably including this code in all pages. Thus on userslist.php it will also redirect to userslist.php. This causes permanent redirects, which is a redirect loop.
This conclusion is however difficult to support without seeing all the code you are using.
Related
I need a little help here. I have a page profile.php and a option to delete the accound :
// DELETE THE ACCOUNT !!
$_SESSION["delacc"] = FALSE;
if (isset ($_POST ['deleteaccount'])) {
$deleteaccount = $_POST['deleteaccount'];
$delacc="DELETE FROM users WHERE username='$username'";
$resdelacc = mysqli_query($con,$delacc);
if ($resdelacc) {
header('Location: index.php');
$_SESSION["delacc"] = TRUE;
unset($_SESSION['username']);
} else {
echo "ERROR !!! Something were wrong !!";
}
}
the problem is in if ($resdelacc). If this is true, result that the account was deleted, unset session username (logout) and after this I want to redirect the page to index.php where I have the code :
if(isset($_SESSION["delacc"])) {
if($_SESSION["delacc"] == TRUE) {
echo "<b><font color='red'>YOUR ACCOUNT WAS SUCCESFULLY DELETED !!</font></b>";
$_SESSION['delacc'] = FALSE;
}
}
My only problem is that this line " header('Location: index.php');" (from profile.php) don't run in any case. When the user click the button "DELETE ACCOUNT", the page remain profil.php, then, if do refresh or access another page, is redirected and appear as guest.
Very easy .. The reason is after in the resulted output page you can't redirect. so you've prepare it to be redirected after some seconds enough for user to read the result message.
Like this:
if($_SESSION["delacc"] == TRUE) {
$_SESSION['delacc'] = FALSE;
echo '<!DOCTYPE html><html><head><meta http-equiv="refresh" content="7;url=http://'.$_SERVER['HTTP_HOST'].'/index.html"/>';
echo "</head><body>";
echo "<b><font color='red'>YOUR ACCOUNT WAS SUCCESFULLY DELETED !!</font></b>";
}
that change will redirect to the index.html after 7 seconds.
PS. The Generated HTML result page make it starts by this code after the POST handling direct. (before any echo) because echo will start generating the results page and the only logical place to redirect is inside the HEADER before any BODY elements
<meta http-equiv="refresh" content="0";url="/index.php"/>
The redirect (url) don't run for index.php because I have another redirect before :
if(isset($_SESSION['username'])==FALSE) {
header('Location: login.php');
}
but is ok, I put the message "DELETED SUCCESFULLY" in login.php and deleted from index.php . I set content=0, because after deleted, the user will be restricted for page profile.php and need to change immediatelly to another. Due of the verification of SESSION['username'] which can return profile.php, I can not redirect to another page ... is a conflict. I need a little to think better this code with redirects, I know can solve it better :D thanks for explanations and help
When a user opens a php page, can I make the page to reload by itself for two times before showing the contents of it to the user?
I tried to use:
header("Location: http://url");
but it goes on loop and never loads the page.
This is veeeery unusual, what I could think of is:
URL: page.php
if (!isset($_GET["time"]) && !isset($_GET["done"]))
{
header("Location: http://url.com/page.php?time=1");
exit;
}
else if ($_GET["time"] == 1)
{
header("Location: http://url.com/page.php?time=2");
exit;
}
else if ($_GET["time"] == 2)
{
header("Location: http://url.com/page.php?done=1");
exit;
}
Or you could use sessions, but good luck with that.
I am making a form over a few pages that will send me an email at the end but i don’t want people going to other pages if they have not inputted their IGN (in game name) so i have tried to put it into a session. My problem is checking the session as i can’t get it to send the user back to the main page if the session is empty here is my code so far.
<?php session_start();
$_SESSION['IGN']=$_POST['IGN'];
if ($_SESSION['IGN']="") {
header('Location: Index.php');
}
?>
Is it that im checking the session wrong? Can you take a look and help me please :-)
Yes, you need to do:
if ( $_SESSION['IGN'] == "" ) { // here you need to use "==" instead of "="
header('Location: Index.php');
}
Read the manual how to compare.
Also you can check in such way:
if (isset($_SESSION['IGN']) && !empty($_SESSION['IGN'])) {
header('Location: Index.php');
}
try this:
<?php session_start();
$_SESSION['IGN']=$_POST['IGN'];
if ($_SESSION['IGN']=="" || is_null($_SESSION['IGN'])) {
header('Location: Index.php');
}
?>
i am submitting a form and then using header redirect to take the user to a new page. how can i add a session to my header redirect to say once user has been redirected echo out a div within a session saying something like form submitted?
heres what i have tried to do but can not get it to work, can someone please point me in the right direction, thanks.
submit_form.php:
header("Location: ../index.php?success=$success");
index.php:
<?php echo $_SESSION['success']; ?>
<?php $success= "<div> CONGRATULATIONS!!!!!</DIV>"; ?>
A session value is something stored in a session started with session_start().
What you have is a URL query parameter, which you can access with $_GET['success'].
submit_form.php:
session_start();
$_SESSION['success'] = true;
header("Location: ../index.php?success=$success");
index.php:
session_start();
if (isset($_SESSION['success']) && $_SESSION['success']) {
//Echo your div
}
You appear to be mixing up $_SESSION and $_GET
Try below code:
On submit_form.php page:
$_SESSION['success'] = "YOUR SUCCESS MESSAGE";
header("Location: ../index.php");
On index.php page:
if(isset($_SESSION['success']) && $_SESSION['success']!=""){
echo $_SESSION['success'];
unset($_SESSION['success']);
}
On both page, on top, put below code:
session_start();
How it should work:
Index.php is the secured page. It includes check.php, which checks if you have a session = good. If it hasn't, you're not logged in -> log off, remove session. But it doesn't work, it always logs off, like I didn't log in...
index.php
include ‘check.php’;
echo "logged in";
check.php
session_start();
if($_SESSION[‘login’] != ‘good’) {
unset($_SESSION[‘login’]);
unset($_SESSION[‘name’]);
header(‘Location: login.php?logoff’);
exit();
}
Login.php
if(isset($_POST[‘login’])) {
$gb = array();
$gb[‘user1’] = ‘pass1’;
$gb[‘user2’] = ‘pass2’;
if(isset($gb[$_POST[‘username’]]) && $gb[$_POST[‘username’]] == $_POST[‘password’])
{
$_SESSION[‘login’] = ‘good’;
$_SESSION[‘name’] = $_POST[‘name’];
header("Location: index.php");
} else {
header("Location: login.php?wrongpass");
}
} else { ?>
Login Form
<?php } ?>
I hope someone can help me!
You should verify you started the session in login.php.
Put session_start(); in all the pages
You need to have session_start() at the top of all the pages, you havent shown the session start for your login page.
(Thanks to Danny for proving I cant type)
Check that you have register_globals is On in your php.ini
First check on the pages you want to use session variables session is start or not and if session is not stat then start it.
and this is the very first line in the php file.
Code for the session checking is :
if(!session_id())
{
session_start();
}
if($count==1){
session_start();
$_SESSION['Username'] = $UserName;
$_SESSION['Password'] = $password;
UpdateOnlineChecker($Session);
header( "Location: http://". strip_tags( $_SERVER ['HTTP_HOST'] ) ."/newHolo/" );
exit;
}
else {
echo "Wrong Username or Password";
}
Look at my code. It checks if the statement is true (for me, if there is one row with a query statement i execute). Then i start a session and basically Ill define global session variables, sned out a query to my database to update the session and then refer through.
you are missing a session_start(); in your if true block.
Use one for action document such as index.php there is code:
session_start();
if(isset($_POST['login']) && isset($_POST['password'])){
// login
header('Location: (here is some page)');
}
if(!isset($_SESSION['user']){
// #todo some action
} else {
require_once('login.php');
}
if(isset($_GET['logout'])){
unset($_SESSION['user']);
header('Location: (here is some page)');
}
I think problem is header:
('location:------.php);
Your hosting server doesn't run this.
You can use this:
echo "<script>window.location.href='-----.php'</script>";