I am trying to have a user login to a Joomla site from an external site and then be redirected to a page where only registered users can view it. I used this script and it seems to be working somewhat. I can see the user logged in via the Joomla admin panel, however when I put in a redirect at the end of the script ie.
header('Location: registered page url');
Joomla prompts me to login in order to view the registered page. What am I doing wrong? The original post never did discuss how to redirect the user. Also, when I don't put the redirect in the code the browser just goes to a blank white page. Is that normal? Shouldn't it go to the home page of the curled site?
Also note that I've tried adding a return url to the code:
$loginRedirectUrl = 'index.php?option=com_content&view=article&id=146&Itemid=178';
$loginRedirectUrl = base64_encode($loginRedirectUrl);
$postfields['return'] = $loginRedirectUrl;
When I did a print_r($postfields) it returned everything filled up. Including the encoded return url and token. So, I'm highly confused as to why it looks like I'm logged in but the browser still somehow isn't keeping the cookies or something like that.
Cookies are not disabled.
Any help would be greatly appreciated. Thanks in advance.
Let's see if we can cover this one step at a time. The bit of code in the other post just handles the logging in stuff. If you run it unedited, then you will just end up with a blank page when it runs, so that is normal.
Next, if everything including the token is showing up in $postfields then the next thing I would check is to see if the Joomla admin shows a logged in session. If it does, then the problem is in the cookie being transferred to the the browser. If it isn't then it would indicate that the session was created but the login failed for some reason.
Related
I am attempting to create a PHP website handling logging in to a website.
My goal is to simply have a way that someone can log on through a service widget. The authorization goes through and one of the things with it is that I send it to another php page with the authorization details to check if the data returned from the login widget is legitimate. If it isn't, it will just error and redirect back to login. That part works well but the issue that arises which I don't understand because I am fairly new to PHP is the issue where the cookies do not update into the $_COOKIE array(dictionary?).
So it directs to another php file and handles that. If the authorization goes through it will create a cookie like this:
setcookie('user', $user_data, time()+3600, "/", $domain, true);
So then it redirects back to the login page with
header('Location: test_login.php')
Then when I check if it is set with the following
isset($_COOKIE['user'])
This returns FALSE?? and I checked the inspect and the cookie very much exists in the browser! I don't understand. I checked it and it shows what seem to be everything working. It seems like it would be able to access it. I am unsure why. Is there anything or any ideas that could be causing this issue?
I want to learn something, that I couldn't find on the internet.
I create a simple website, more like a simple web app, we the following structure.
index.php --> handles log In or Register
home.php --> main state of website.
So basically I want when a user log in, the website will direct him to home.php. I did it already. But I get a really annoying bug.
If I redirect bruteforce in www.someexample.com/home.php, the user can bypass the main log in screen. O.o
So I thought that if I can use a session checker to see if the user is log in or just a brute forcer -sorry about the bad term- the website will redirect him to log in screen. And if the user don't want every time to log in he can check a Remember me button to remember the session.
So in the end I want to have two methods. one to check if a user is log in or not and the other to save his session even after if he close the computer until he poush the log out button.
I have checked many articles on the web but I couldn't find how to start in my own project. Can you guys help me start of with a basic structure. i use MySql.
It sounds that this is an asked/answer. You need a redirect. Have them login at the index.php page and post back to it. Have it check the login for it to be correct and if it is then redirect to home.php with a posted hashkey to check against so that you know that the login was valid. You can skip the cookies altogether which some browsers have turned off regardless.
See here for how to redirect.
I have a log in widget included on every page on my website. Currently when they log in, they are redirected to the home page. However I want it so when they log in, they stay on the page they are currently viewing.
On my forum you have to be logged in to post (obviously). I would like it so they will stay on the forum post they are trying to reply to after logging in, rather than having to find it again. How do I do this?
The simplest (albeit not completely reliable way is to use HTTP_REFERER and redirect to the referer page. You might need to pass this around a bit in case your login action spans multiple page.
The more proper way is to set the current (unlogged) page in session and redirect to that session value page on login.
You can bind your current page inside your login widget inside a hidden field and tell the authentication page to redirect to this binded value as a page after login success .
Or if you want to be more secure try using sessions and bing the current page inside it then extract the variable binded into this session in your authentication page then redirect to it as a valid page
and you can also check this variable if is a valid page by using file_exists so plz try that and tell me the result
It depends on the case but a couple options come to mind;
Having a redirect parameter that will redirect the user once he logs in.
Using the HTTP_REFERER to refer the user back to where he came from.
Depending on the login form; you could send an ajax request to login the user without moving him
But I think it ultimately depends on your environment and since you haven't provided any information/code other than my forum I can only be as vague as your question.
Thanks In advance.
I was using drupal 6 version. If i am not logged in and in some url for ex : www.mysite.com/books/add-book .. it was taking me to login page . because only logged in users only can post a book.
$dest = drupal_get_destination();
drupal_goto('user/register', $dest);
Once it redirects to register page and after logged in it has to take me to exact page like www.mysite.com/books/add-book.. But now it was taking to front page..
Please suggest me how to redirect to exact page from loggin..
The Login Destination module may help you do that. You can adjust its configuration to redirect to coming page.
I'm doing something similar to redirect users once they've changed the interface language. I'm not using Dupral but the php behind should work for you as well.
In every controller of my site I set a session variable with the current page. If the user change the interface's language I redirect to a controller to do so, and then redirect to the page set in the session.
Just check if the variable is set after login and then redirect to it.
Hope it helps
I have built a very simple CakePHP website using the Auth component and have stumbled across a very annoying bug. Basically if a user tries to access an area that they are required to login to first they are taken to a login page and then sent back to the original page if they successfully login... this is all fine and dandy but because this remembrance of where the user tried to go is stored in a session it hangs around so if I ended up at the login page then decided to go elsewhere then comeback and then GO DIRECT to the login form it will send me to the page I tried to access earlier on as it's still being stored in the session.
How do I stop this? As it means users are being sent to random pages when they login from the login page if they tried to access the site previously.
This isn't a bug. This is intended, documented behavior.
Fortunately, CakePHP is well documented. Can check out the 1.3 book that details the variables needed to change default Auth behavior, specifically $this->Auth->autoRedirect property.