In the process of designing a social network, I am struggling to find a best practice to set login session.
At the moment I have an splash page, a header php, and a home page. The header php is included by the splash page and the home page. The splash page contains the log in form, and the home page is just the landing page for registered users.
Initially I thought it could be a good idea to check session login in the header php and re-route the users to the home page when they sign in. So here is the code:
//in splash page code for logging in script
$_SESSION[“new_user”] = $new_user;
header(“Location: splash_page.php”);
//in home page just include the header php
Doing so resulted in receiving an error message “Cannot modify header information - headers already sent” when I logged in.
Update: I changed the action attribute of log in form to “home_page.php” and it works as I wanted. But my question still remains that is this a good practice to set login session? I think there must be some kind of standard by all the social network builders out there.
Oh man, you are always dead on. The header php has a <?php ?> and then !DOCTYPE followed by some html codes. But I also want to invoke header() in the splash page (or other pages that include header php). What should I do then?
I was following this video series on how to make a social network from scratch:
The reason why I thought I had to use the header function after html is because:
the header php must contain some html
the splash page must include header php in the beginning
I want to have the flexibility to use header() after including the header php
Now my solution is actually change the action attribute of the sign in form to “home.php”. It works but is this a better solution than using header()? What if I want to use header() later for whatever reasons?
But… PHP doesnt actually spit things out in this fashion. It does ALL of it’s processing, and then flushes it’s output buffer to the browser. (There are functions that counteract this behavior, but lets assume the default).
So, my contention to you is that there is NO difference in doing this instead.
I have a db php that connects to the database and creates an object. This db php is included by the header php…If I write the code before include_once() I will have another error of referring to an non-existent object…
so… dont include db.php in header.php? Or more to the point, since i assume header.php requires database data (otherwise you wouldnt include it in in header.php, right?), require_once it instead.
Just to give a clear description:
I have header php, splash php, home php and other php
I want the header php to direct new users to splash if they are on other pages
I want the header php to direct signed in users to home if they are on index page
other pages are pretty much empty right now
splash php contains a block of code that uses db and also session
session_start() must be in header php to check login information
session_start() must also be in splash php to set login information
In header php:
require_once(db)
session stuff
function something(){
html stuff
}
In splash php, I have then:
require_once(header)
block of code…
The only problem with the solution is that if I use echo in the block of php code, the result shows above the header menu. But of course I can have some work around for it.