Let’s say I want to avoid some codes for non-members of my site. But once they login that part of the code is available what do I need to program?
When they log in, you set a variable in $_SESSION.
$_SESSION['logged_in'] = 1;
On the parts of the site that should not be visible to non-members, check for presence of that variable.
if (isset($_SESSION['logged_in'])) {
echo "Member-only code";
}
Thanks. When I log in I don’t understand how to keep being logged. When I refresh a pop-up comes up. But when I click and enter from the url it logs me out.
Don’t know what popup or URL you’re talking about.
Are you calling session_start() at the top of any file in which you read from or write to a session?
Pop-up I mean a confirm or an alert.
So session_start() has to be on top of the login page?
I have ob_start(); for redirecting headers. So I have to add that too right?
It’s not working. It’s logging out.
I discover some new things things as I go. When I log in it shows me the welcome but underneath it also says incorrect login.
It has to be at the top of any file that reads from or writes to the session.
Without calling session_start() things may look right on the first page load, but the session file isn’t actually getting written so nothing is really persisting between pages.
For some reason, the page doesn’t load as I wrote intentionally the wrong password (to bring up the sentence refusing to log in.) I’m going to upload this as a txt file for privacy.
But for short this is where the page loading stops:
//gives error if the password is wrong
if ($_POST['pass'] != $info['password']){//line 48-53
echo "Incorrect password, please try again.";
header("Location: ".$_SERVER['PHP_SELF']);
//die('Incorrect password, please try again.');
}else{
both die and echo gave the same problem. Maybe it has nothing to do with that.
Anything in the PHP error log?
Is $_SERVER[‘PHP_SELF’] what you expect if you print it out?
Could the problem be that the message is being echo’d to the page, followed immediately by a header update?
The header cannot be modified after any content has been echo’d out to the page.
How do I not notice these things?
Blocking it doesn’t help:
//gives error if the password is wrong
if ($_POST['pass'] != $info['password']){
echo "Incorrect password, please try again.";
//header("Location: ".$_SERVER['PHP_SELF']);
//die('Incorrect password, please try again.');
}else{
The rest of the page isn’t loading.
Well that’s a shame. If I wasn’t (supposed to be) working right now I’d take the time to look deeper.
Anyway I can find out the error? if there is any.
Here’s the pseudo-code of your code.
if (has cookie) {
redirect to members page
}
if (form is submitted) {
while (username) {
if (bad password) {
incorrect, redirect back to self
} else {
redirect to members page
}
show welcome message
}
} else {
show form
}
If it’s a bad password, a redirect is a bad idea. Instead, do one of two different things.
Either show the message and link back to the form, or show the message and show the form below it.
If you get rid of the last else condition, it will only be no form submission, or bad passwords that fall through to show the form.
Maybe I should put the form in function and show where it should appear.
what is the meaning of die? Is it the same as echo? Because If I print something before die it shows but not after die.
Like Exit. That’s what I thought. In my case it’s not even loging in I don’t know why. I changed die to echo but no change. The rest of the codes are not printing below.
Can someone take a look? or can you give me a simple login that I can start from? I got frustrated since I’m new in this section of php.
I guess everyone gave up at this point.
Yes they did.