I am looking to add pages on my site that only people with a certan rank will be able to see while others will be kicked to a different page. What would be a simple way of doing this?
This is what I have right now.
<?php session_start();
$rank=$_SESSION['rank'];
$loggedinusername=$_SESSION['loggedinusername'];
$loggedinuseremail=$_SESSION['loggedinuseremail'];
?>
Thanks
For single allowed rank
if ($rank != 'allowed_rank') {
header('Location: some_other_page.php');
exit;
}
For multiplpe allowed ranks
if (!in_array($rank, array('allowed_rank1', 'allowed_rank2'))) {
header('Location: some_other_page.php');
exit;
}
<?php
session_start();
if ($_SESSION['rank'] > 1) // or whatever your minimum rank is
{
header('Location: highrankpage.php');
}
else
{
header('Location: lowrankpage.php');
}
exit();
?>
You'll want to include this code on every page that you want to protect.
Related
When a user opens a php page, can I make the page to reload by itself for two times before showing the contents of it to the user?
I tried to use:
header("Location: http://url");
but it goes on loop and never loads the page.
This is veeeery unusual, what I could think of is:
URL: page.php
if (!isset($_GET["time"]) && !isset($_GET["done"]))
{
header("Location: http://url.com/page.php?time=1");
exit;
}
else if ($_GET["time"] == 1)
{
header("Location: http://url.com/page.php?time=2");
exit;
}
else if ($_GET["time"] == 2)
{
header("Location: http://url.com/page.php?done=1");
exit;
}
Or you could use sessions, but good luck with that.
I have small issue! I current have a UserID number coming from a login page, Can I not do something like this?
This works:
session_start();
if (isset($_SESSION["UserID"])){
}
include('../includes/navAdmin.inc.php');
}
else {
header('Location: Login.php');
}
But I want to do something more like this to restrict links to certain users etc:
session_start();
if (isset($_SESSION["UserID"])){
}else if (isset($_SESSION["UserID"] === 1){ <---this one to give the "admin" the admin page etc
include('../includes/navAdmin.inc.php');
}
else {
header('Location: Login.php');
}
Seems like I can't or the syntax is wrong perhaps? Can someone point me in the right direction please?
Thanks in advance!
You will need to modify your code to check if it is set and equal to 1.
if (isset($_SESSION["UserID"]) && $_SESSION["UserID"] === 1)
rather than the else if.
Just set an else condition after that if it is not set or equal to 1.
On another note, add exit; after header. If you have more code below that, it way want to continue to execute.
http://php.net/manual/en/function.header.php
As per the manual:
<?php
header("Location: http://www.example.com/"); /* Redirect browser */
/* Make sure that code below does not get executed when we redirect. */
exit;
?>
Sidenote: As spotted/stated in comments by thanksd. There is an extra brace here, if that is your actual code.
if (isset($_SESSION["UserID"])){
}
include('../includes/navAdmin.inc.php');
} // Right there
else {
header('Location: Login.php');
}
and that would have thrown you an unexpected end of file notice having error reporting set to catch/display.
You may have meant to do:
if (isset($_SESSION["UserID"])){
include('../includes/navAdmin.inc.php');
}
else {
header('Location: Login.php');
}
Add error reporting to the top of your file(s) which will help find errors.
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
// Then the rest of your code
Sidenote: Displaying errors should only be done in staging, and never production.
Write your condition as below:-
session_start();
if (isset($_SESSION["UserID"])){
if($_SESSION["UserID"] === 1){
include('../includes/navAdmin.inc.php'); die;
}else{
header('Location: Login.php'); die;
}
}else{
header('Location: Login.php'); die;
}
I am trying to redirect my php login page so that if user is authorised, it goes to a page (r_index.php) and if the user isn't authorised they go back to the login page (login.html).
This is my code:
<?php
if ("password"=="$password") { // Start the condition ?>
Manage classes
<?php } // End the condition ?>
<?php if ("password"=="") { ?>
Login
<?php }
?>.
What am I doing wrong? How should I resolve it?
replace your code with this:
<?php
if ("password"== $password) {
header("location:r_index.php");
}
else if ($password=="") {
header("location:login.html");
}
?>
If you want to redirect you should use:
header('Location: http://www.example.com/r_index.php');
in your code.
<?php
$accessGranted = false;
if($password == 'password') {
$accessGranted = true;
}
if($accessGranted) {
header('Location: r_index.php');
}
else {
header('Location: login.html');
}
exit;
Actually your syntax is wrong, else there is no problem of using HTML inside php. It will work well and good.
Just make sure not to put your variable inside quotes, and change the statement as follows:
if($password=="password")
and
if($Password==" ")
I am making a form over a few pages that will send me an email at the end but i don’t want people going to other pages if they have not inputted their IGN (in game name) so i have tried to put it into a session. My problem is checking the session as i can’t get it to send the user back to the main page if the session is empty here is my code so far.
<?php session_start();
$_SESSION['IGN']=$_POST['IGN'];
if ($_SESSION['IGN']="") {
header('Location: Index.php');
}
?>
Is it that im checking the session wrong? Can you take a look and help me please :-)
Yes, you need to do:
if ( $_SESSION['IGN'] == "" ) { // here you need to use "==" instead of "="
header('Location: Index.php');
}
Read the manual how to compare.
Also you can check in such way:
if (isset($_SESSION['IGN']) && !empty($_SESSION['IGN'])) {
header('Location: Index.php');
}
try this:
<?php session_start();
$_SESSION['IGN']=$_POST['IGN'];
if ($_SESSION['IGN']=="" || is_null($_SESSION['IGN'])) {
header('Location: Index.php');
}
?>
On my index page I have a link to my login.php page with this code:
<?php
if(isset($_SESSION['username'])) {
echo "<div id='logout'><a href='logout.php'>Logout (".$_SESSION['username'].")</a></div>";
} else {
echo "<div id='login'><a href='login.php'>Login (Regular)</a></div>";
}
?>
On the login.php page I have
<?php
include('check.php');
$ref = getenv('HTTP_REFERER');
if (isset($ref)) {
header("Location: " . $ref);
exit;
} else {
header("Location: index.php");
exit;
}
?>
check.php is the code for the login form and it checks the users level to make sure they can access the page. I was told that I need to add a check to see if the referral is login.php, otherwise it will go in an infinite loop and I am of course getting "This webpage has a redirect loop". However, I have no clue how to do this and I can't find any information on how to fix it. Anyone know a quick solution?
You should be able to just do
if (isset($_SERVER['HTTP_REFERER']) && end(explode('/',$_SERVER['HTTP_REFERER'])) != 'login.php') {
header("Location: " . $_SERVER['HTTP_REFERER']);
exit;
} else {
header("Location: index.php");
exit;
}
Note that this is a simplified code - you may need to be a bit smarter than that.