Restrict access to login page once already logged in

9894770 · May 12, 2015, 2:54am

I have searched up and down on both MySQL and PHP sections and I couldn’t find anything that could help me out here.

I’m using Dreamweaver and it’s a b**** to get this. I’m an amateur with PHP so please be patient with me. Now my question is ( I have both index.php-login page, and home.php-home page to be redirected to ) I place the restriction on index.php-login page correct? This is my code, I’ve tried placing it on both actually but I’m always getting this error (tried it on all browsers I have installed)

Code placed on both index.php and home.php ( to see if either will work ):

if ($loginUsername){
        $redirectURL = 'home.php';
    } else { 
        $redirectURL = 'index.php';
    }
    header("Location: ".$redirectURL);

Thanks in advance for the help guys.

Mittineague · May 12, 2015, 2:58am

Where is $loginUsername coming from and what is it?

It looks like if that code is in the index.php file, and the test is FALSE, it will endlessly redirect to itself.

StarLion · May 12, 2015, 11:25am

Well if you’ve put this code as-is into both pages, you’ve successfully created an infinite loop.

Person calls index.php.
Index.php says “I see no login username. Redirect the browser to index.php”
Header command goes to browser. Browser sends user to index.php
Index.php says “I see no login username. Redirect the browser to index.php”
(Rinse, Repeat, Ad Infinitum)

Assuming index.php is the page which has your login, you only want the code there.
And, assuming the above, you dont want to redirect to index.php FROM index.php, because thats just a loop. (Unless something changes; Have I ever told you, the definition of insanity? [yes, i know, my accent needs work])

So the code would be simply

if($loginUsername){
  header("Location: home.php");
}

Pepster · May 12, 2015, 11:48am

Well this is how I would do it…

The following would be in my configuration file

session_start();
$loginUsername = ( isset($_SESSION['loginUsername'] ) ? $_SESSION['loginUsername'] : NULL;

Then wherever you login in the user do something like this:

$_SESSION['loginUsername'] = $username; // Whatever variable you use to login

Then you can simple do this:

if (!$username) {
  header("Location: index.php");
  exit(); // I like putting this  after the header, just to be sure nothing funky goes on:
}

9894770 · May 12, 2015, 2:48pm

I’m getting an Unidentified variable, but this is the whole code when logging in, if it makes life a lot much easier for you guys to help me.

<?php // *** Validate request to login to this site
if (!isset($_SESSION)) {
session_start(); }
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}
if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "home.php";
$MM_redirectLoginFailed = "index.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_connections_record, $connections_record);
$LoginRS__query=sprintf("SELECT Username, Password FROM
loginregister WHERE Username=%s AND Password=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
$LoginRS = mysql_query($LoginRS__query, $connections_record) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";
if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}

StarLion · May 12, 2015, 2:51pm

Do not isset on $_SESSION.

You should call session_start() on every pageload. (Yes, i know it sounds wrong, but “start” here actually means “start or continue”)

Beyond that… if you still get an undefined variable, where?

9894770 · May 12, 2015, 2:57pm

When I use your code from previous post

StarLion · May 12, 2015, 2:57pm

I meant which line? The error message should tell you which line to look at.

djsmithme · May 12, 2015, 3:03pm

Doesn’t

header("Location: ".$redirectURL);

have to include the domain as well?

define('URL', $_SERVER['SERVER_NAME']);
header("Location: ". URL . $redirectURL);

9894770 · May 12, 2015, 3:04pm

Nevermind, I was putting it on the wrong line, but the redirection still doesnt work

system · August 11, 2015, 10:18pm

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.