SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    SitePoint Member higgins's Avatar
    Join Date
    May 2004
    Location
    Australia
    Posts
    14
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question How do i make a page show only if you have come through the login script?

    Hello

    I have created a simple login script, containing three files which works as follows,

    The first page is a login form where the user enters their data. When they click submit it posts to login process.php. This script checks the data the user entered against the usernames and passwords in a text file and if it does not match displays an error message and terminates. If it gets a match it redirects them to info.php containing all of the content using this code.

    header("Location: info.php");

    This is all working well the way i want it.

    Now i want to know how do i stop the info.php page from showing if i just point the url to http://localhost/htdocs/info.php and go to it directly, instead of going through the login script and getting directed to it via the script?
    "You know the world is going crazy when the best rapper is a white guy, the best golfer is a black guy, the tallest guy in the NBA is Chinese, the Swiss hold the America's cup, France is accusing the U.S. of arrogance, Germany doesn't want to go to war, and the three most powerful men in America are named 'Bush", 'Dick', and 'Colon'. Need I say more?"
    -- Chris Rock

  2. #2
    SitePoint Evangelist
    Join Date
    Feb 2004
    Location
    Sofia, Bulgaria
    Posts
    421
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    use one page to redirect to all other pages, for example index.php?page=info, index.php?page=contacts, etc. in index.php you'll have user validation through session and if the user is not logged in you will not include the desired script (info.php, contacts.php, etc.).. here is one good thread focused on how to do this: Basic Page Includes Using Arrays..

    other way is to make one separate script with user validation and to include it on top of any page you use.. and if the user is not authenticated this script will redirect him to another page..

    that is just a start point, hope it hepls..

  3. #3
    SitePoint Wizard stereofrog's Avatar
    Join Date
    Apr 2004
    Location
    germany
    Posts
    4,324
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    How does your "info" page know if user is logged in? You need to send this data from one page to another. The most common way is to use sessions so that both login.php and info.php check some session variable (eg $_SESSION['isLoggedIn']) and do the redirect if the value is inappropriate.

  4. #4
    SitePoint Member higgins's Avatar
    Join Date
    May 2004
    Location
    Australia
    Posts
    14
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by stereofrog
    How does your "info" page know if user is logged in? You need to send this data from one page to another. The most common way is to use sessions so that both login.php and info.php check some session variable (eg $_SESSION['isLoggedIn']) and do the redirect if the value is inappropriate.
    This is what i am trying to figure out.

    I want to display the info.php page if and only if i have been directed to it from loginprocess.php as a result of a successful username and password match.

    I do not want to display the info.php if the i type the direct path to it in the url of the browser, in this situation i want to be directed to login.php

    does anyone know how i can go about doing this??????????
    "You know the world is going crazy when the best rapper is a white guy, the best golfer is a black guy, the tallest guy in the NBA is Chinese, the Swiss hold the America's cup, France is accusing the U.S. of arrogance, Germany doesn't want to go to war, and the three most powerful men in America are named 'Bush", 'Dick', and 'Colon'. Need I say more?"
    -- Chris Rock

  5. #5
    SitePoint Wizard stereofrog's Avatar
    Join Date
    Apr 2004
    Location
    germany
    Posts
    4,324
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    > does anyone know how i can go about doing this??????????

    Yes! I even know two of them

    Simple example to my last post:

    login.php

    PHP Code:
    session_start();

    // if already logged-in goto info page

    if(isset($_SESSION['isLoggedIn']))
    {
         header("Location: info.php");
         exit();
    }

    // do we have POST'ed login data? is it correct?

    if(isset($_POST['username']) && dataOK($_POST['username'],$_POST['pass']))
    {
         // set the flag and redirect
         $_SESSION['isLoggedIn']=1;
         header("Location: info.php");
         exit();
    }

    // not a post or wrong login: draw the form
    ?>

    <form action=<?=$_SERVER['PHP_SELF']?> method=post> 
    ............................ etc
    info.php

    PHP Code:
    session_start();

    // if NOT logged-in goto login page

    if( !isset($_SESSION['isLoggedIn']))
    {
         
    header("Location: login.php");
         exit();
    }

    // show protected info 


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •