I'm trying to use the code below to make the <a href='http://www...com/.../footervote.php'>Vote</a> link appear if a user logs in and a user shows up in the function getEditorsList(). The vote link only appears if the browser is refreshed.
Any idea how I could make the vote link appear without having to refresh the browser?
Thanks in advance,
John
index.php:
<?php
require_once "header.php";
//content
include "login.php";
// more content
require_once "footer.php";
?>
In header.php:
<?php
error_reporting(0);
session_start();
require_once ('db_connect.inc.php');
require_once ("function.inc.php");
$seed="0dAfghRqSTgx";
$domain = "...com";
$editors = getEditorsList();
foreach($editors as $editor)
{
$editorids[] = $editor['loginid'];
}
if(in_array($_SESSION['loginid'], $editorids))
{
echo "<div class='footervote'><a href='http://www...com/.../footervote.php'>Vote</a></div>";
}
?>
login.php:
<?php
if (!isLoggedIn())
{
if (isset($_POST['cmdlogin']))
{
if (checkLogin($_POST['username'], $_POST['password']))
{
show_userbox();
} else
{
echo "Incorrect Login information !";
show_loginform();
}
} else
{
show_loginform();
}
} else
{
show_userbox();
}
?>
Do you set $_SESSION['loginid'] after your in_array query? If you render header.php first, in_array returns false (although the session has been started, but loginid will be set a few lines down the road in login.php).
Move this:
if(in_array($_SESSION['loginid'], $editorids))
{
echo "<div class='footervote'><a href='http://www...com/.../footervote.php'>Vote</a></div>";
}
from header.php to login.php like this:
else {
show_userbox();
if (in_array...
}
If the link is present but hidden you use some DHTML (JQuery / Scriptaculous) to set the display/visibility attributes correctly.
If the link is not present in the original html (preferable for security reasons) then when the login occures fire off an AJAX request that returns javascript that will insert the link in the correct location (parent element).
Related
login.php
<?php
ob_start();
session_start();
include '../config.php';
if( (isset($_SESSION['can-id']) )) {
header('location: ../home/profile.php');
}
if(isset($_POST['can-login']))
{
$email=$_POST['email'];
$password=$_POST['password'];
$sql="SELECT * FROM `user_credentials` WHERE `email`=:email AND `password`=:password";
$pdoResult=$conn->prepare($sql);
$pdoExec=$pdoResult->execute(array(":email"=>$email,":password"=>$password));
$pdoResult->setFetchMode(PDO::FETCH_ASSOC);
$count=0;
$uid='';
while ($r=$pdoResult->fetch()) {
# code...
$count+=1;
$uid=$r['email'];
}
if ($count==1) {
# code...
$_SESSION['can-id']=$uid;
header('location: ../home/profile.php');
}
else
{
$_SESSION['error']="login failed";
}
}
?>
<html>
....
</html>
profile.php
<?php
ob_start();
session_start();
if (!(isset($_SESSION['can-id']))) {
# code...
header('location: ../login/');
}
else
{
$cid=$_SESSION['can-id'];
}
?>
<h1 ><?php echo $cid;?></h1>
This is my code after log in the page was redirected to profile.php page but in profile page session variable doesn't printed I don't know why but this problem was not occuring every time I log in It occurs sometimes so I can't find what is the problem. Anyone knows please help me to solve the problem.
Remove ob_start() from your login.php
Don't put session_start() in all of your file
e.g login.php, profile.php, etc
but instead, add this to your config.php for example:
<?php
session_start();
//.. config variables here
Then, include config.php also in your profile.php.
I am very new to PHP and I am trying to make a registration form only for an admin(no need for other users). I want to show one of the menu nav ("Add photo") only to admins.
LOGIN.php:
<?php
include_once 'header.php';
$username = "Efren";
$password = "111";
if (($_POST['txt_uname_email'] == $username)&& ($_POST['txt_password'] == $password)) {
session_start();
$_SESSION['admin_is_logged'] = true;
echo '<script type="text/javascript"> window.open("homepage.php","_self");</script>';
}
This is the part of the header that I am trying to show only to admins:
<?php
if (isset($_SESSION['admin_is_logged']) && $_SESSION['admin_is_logged'] == true){
echo '<li>add photo</li>';
}
?>
</ul>
Right now “add photo” is hidden both to admin and other visitors.
You need to start session on every page you want access to $_SESSION variable. I saw your session_start is inside if statement. Just set it on top of every file (where you need session) and it should work.
Put
session_start();
on file beginning just after <?php
I am trying to redirect my php login page so that if user is authorised, it goes to a page (r_index.php) and if the user isn't authorised they go back to the login page (login.html).
This is my code:
<?php
if ("password"=="$password") { // Start the condition ?>
Manage classes
<?php } // End the condition ?>
<?php if ("password"=="") { ?>
Login
<?php }
?>.
What am I doing wrong? How should I resolve it?
replace your code with this:
<?php
if ("password"== $password) {
header("location:r_index.php");
}
else if ($password=="") {
header("location:login.html");
}
?>
If you want to redirect you should use:
header('Location: http://www.example.com/r_index.php');
in your code.
<?php
$accessGranted = false;
if($password == 'password') {
$accessGranted = true;
}
if($accessGranted) {
header('Location: r_index.php');
}
else {
header('Location: login.html');
}
exit;
Actually your syntax is wrong, else there is no problem of using HTML inside php. It will work well and good.
Just make sure not to put your variable inside quotes, and change the statement as follows:
if($password=="password")
and
if($Password==" ")
I'm trying to integrate a php login script that I have working, but I can't seem to get simple php calls going on a page. On this user profile page, I want to simply have the user name displayed (mysql field is "name"). The user is logged in and the session carries through, but on this page, all I see is the text "Here is your profile info..." What might be wrong in the code to prevent the user name from displaying?
<?php
include_once('classes/check.class.php');
include_once('header.php');
if( protectThis("*") ):
if(!isset($_SESSION)) {
session_start();
}
if(isset($_SESSION['jigowatt']['name'])) {
echo "You're name is: " . $_SESSION['jigowatt']['name'];
}
?>
<br />
Here are is your profile info...
<?php
else :
?>
<div class="alert alert-warning">
<?php _e('Only signed in users can view what\'s hidden here!'); ?></div>
<?php
endif;
include_once('footer.php');
?>
For check session is set already use session_id() Also check you have set $_SESSION['jigowatt']['name'] already with empty()
if(session_id() == '') {
session_start();
}
if(!empty($_SESSION['jigowatt']['name'])) {
echo "You're name is: " . $_SESSION['jigowatt']['name'];
}
else {
echo 'username is empty';
}
You need to put session_start(); at the very top of the page. No white space can be put before that. Try if that works.
First you need to write the sessions at the very top of the page if it works than okay else you can try this.
Just append this 2 function before and after the session_start();
Like this
ob_start();
session_start();
ob_end_clean();
I have come along something i could not solve for so long.
i have created a script in php that unsets one single session variable, However the page stats the session Here is my code for the page :
<?php
session_start();
require_once("../header.php");
if($_SESSION['user']) {
unset($_SESSION['user']);
echo "you succesfully logged out.";
header("Refresh:5; url=http://www.webmasteroutlet.com");
} else {
echo "you are already NOT LOGGED IN right now.";
}
require_once("../footer.php");
?>
That is the whole code on this page. and it always prints out "you are already NOT LOGGED IN right now." $_SESSION['user'] is assigned true in login.php page and i have session_start(); at the very beginning of the page right after the <?php opening.
The session variable is recognized at all other files with php extension and that is the only single file that it is not working on. I also tried
<?php
session_start();
echo $_SESSION['user'];
?>
and it does not print anything. It simply skips that line and does nothing. What am i doing wrong ?
Thank You very much for your help.
this is the header.php code
<?php
session_start();
require("config.php"); // that only contains connection to the database and it is successful.
if(isset($_SESSION['user'])==1){
echo "<div id=\"topnav\" class=\"topnav\"><span>".$_SESSION['username']."</span> <span>LOGOUT</span></div>";
}
else if ($_SESSION['admin']) {
echo "<div id=\"topnav\" class=\"topnav\">"."<span>".$_SESSION['adminusername']."</span> ";
echo "<span>LOGOUT</span></div>";
}
else if ( !isset($_SESSION['user'])) {
require ($_SERVER['DOCUMENT_ROOT']."/users/login.php");
}
require("search.php");
?>
i think you need the if is set and make sure you pass the sessions data to this page it looks like your unsetting this
Try this:
<?php
session_start();
require_once("../header.php");
if(isset($_SESSION['user'])) {
echo "User.".$_SESSION['user']." you are being logged out";
unset($_SESSION['user']);
header("Refresh:5; url=http://www.webmasteroutlet.com");
} else {
echo "You are not logged or var SESSION doesnt exist";
}
require_once("../footer.php");
?>
If still doesnt work, try deleting the require_once lines(for debug).
Justin, I think you're not setting the $_SESSION['user']. That'd be the reason why you're getting NULL when you vardump.
One other possibility, although I'm limited to the scripts you provided, would be that you made it possible for a person to login through $_SESSION['admin'] as well as $_SESSION['user']. If this is the case you'd have to change the script to:
if(isset($_SESSION['user'])) {
unset($_SESSION['user']);
echo "user succesfully logged out.";
}elseif(isset($_SESSION['admin'])){
unset($_SESSION['admin']);
echo "admin succesfully logged out.";
}else{
echo "you are already NOT LOGGED IN right now.";
}