The php web video script that I’m using displays a User’s profile page by simply adding (for example) …/@UserName after the url into a browser. I tried to have a User’s profile page only display to Users who are logged into the site, by adding session_start code:
but was unsuccessful. The problem is although the …/@UserName no longer displays in the browser field (and redirects to the login page), once logged in the User can’t see his Profile Page either.
Any help with modifying this so that …/@UserName no longer displays in the browser field, but is available to display upon log-in, will be appreciated.
Thanks for your reply.
I added your suggested modification, cleared the browser history, and when https://url.com/@chrisj (for example) is entered into the browser, the profile page no longer displays (and am redirected to login successfully), but still the profile page is unavailable to the logged-in User, when the “Profile” selection is chosen from the drop-down menu (after log-in). The copied link address from the drop-down-menu > Profile is the same https://url.com/@chrisj (for example).
Any additional assistance with modifying this so that …/@UserName no longer displays the profile page after being entered into the browser field, but is available to display while logged-in, is appreciated.
Actually it seems the correct usage is somewhere between us. A string containing “1”. Though you’re correct, since 5.2.4 it was a Boolean, now a string.
Personally my immediate suspicion for it being blank is a suppressed ‘Headers already sent’ due to whitespace before the PHP tag. (Think horses not zebras… the problem manifested once he added session info.)
Do you have something (a .htaccess rewrite rule for example, I’m not familiar with them myself) that converts your link to contain URL parameters? Just after your new check to see if the session variable is set, you look for $_GET['id'] and I can’t see where that’s coming from in your link, unless you convert @ChrisJ into it somewhere.
Unavailable in what way? Shows the page but doesn’t have any information on it, redirects somewhere, does something else?
Fair point, but he did say that after adding the exit() to the code, it now redirects to the login page correctly. Now the issue is that it’s not doing what it should when the user is logged in.
Except that ‘redirect to the login page’ is the fail-safe action. If the session hasnt been instantiated successfully, $_SESSION[‘username’] will never exist, and so you’d get the behavior the OP describes.
It’s hard to tell - he says it’s still “unavailable” even while logged in, but not how it’s unavailable - if it were redirecting in both cases I’d have thought it would be phrased differently. Hopefully @chrisjchrisj will clarify later on.
I’m only speculating, but I think it’s a logical problem. If it was a syntactical problem, the errors would have presented themself early on. Since the OP was able to successfully redirect the user if the user wasn’t logged in, the problem now is within the switch statement. I assume maybe it’s because there’s no default case, but the line above the switch statement suggests otherwise. Maybe I’m not seeing it right away, but I’m pretty sure it has to do with the logical side.
@ChrisjChrisj Try to be consistent and use either exit; or exit();, but not both. This won’t fix the problem, but it’ll help you be consistent.
Also, where is $_GET[‘id’] coming from? Is that what you have for your mod_rewrite in your .htaccess file? Something doesn’t seem right with grabbing the id if you don’t have that regex in your .htaccess file.
The switch only sets the value of $pt->second_page, which is assigned a value prior to the if that surrounds the switch. So it has a default, which covers it either not being set, or not being one of the values checked for.
but saw nothing different, and nothing in the error log, and nothing in the Console.
I see nothing in the .htaccess regarding a rewrite about this page.
When selected, after log-in it just seems to refresh the same page.
I went ahead and asked the developer, and he simply said:
“Its happening because file is same so no remedy for now”.
So, now I’m looking for ideas on what I might try as a work around.
Any additional ideas/guidance/comments are appreciated.
Does your application have a rewrite rule pointing and directing requests to a specific page like the index? What confuses me is why you’re requesting for $_GET[‘id’] if you actually want the username. Unless your .htaccess file has a rewrite rule to append all requests to $_GET[‘id’], it doesn’t make sense to be looking for it and then applying it to your database call. What I mean is that if your .htaccess file has a rewrite rule like
RewriteRule ^(.+)$ index.php?url=$1 [QSA,L]
Or whatever it maybe, it doesn’t make sense to use PHP to look for $_GET[‘id’] when what you should be looking for is $_GET[‘url’]. Not saying yours is exactly like this, but I’m just speculating right now.