|
PHP - Login Script With Redirect To Previous Url Help
Hey freaks!
I have run into a bit of a snag and need a little guidance from the wise ones. I have a login script that users are redirected to if they land on restricted pages of my site. Initially, I used javascript (go back (-1) to get the user back to the page they were previously on after logging in - which worked fine...but only if they got their login credentials right the first time (which will probably never happen that often). The login form processes itself, so if they get it wrong, it comes back to login.php. I noticed that when I test logging in and purposely enter the wrong information, when I do enter the right info the login page comes back up because it was the previous url. I am not a big fan of JS and I am still fairly new to PHP, so I am not sure how to do this. I tried setting a session for the previous url using http referer (if the url did not equal login.php), but it did not like that at all! Undefined index, headers already sent, you name it...I got the error... I can post my code if need be, but it is just a basic login script (with a lot of Dreamweaver mumbo jumbo) that checks the username and pass in mysql. Any suggestions? Should I use a session for this? Or is it probably one of those switch statements that I am not remotely close in knowledge to writing myself...lol. Or even scarier...a custom function? Any help would be appreciated. Thanks! Similar TutorialsHi guys, Is it possible to make a page automatically redirect to the previous page a user was in once they submit a form? Thanks I'm trying to put together a script that redirects visitors based on their IP, user agent and/or referral url. Basically I want the script to scan these three factors from the visitor, if any of them turn out to match my redirect-requirement it redirects the user. I know the code is horribly coded, I'm incredibly new to the php-scene and consider myself a complete noob. As you can see I want redirected visitors to go to google.com and un-redirected to msn.com(examples). Really thankful for all the help I can get! Right now nothing works, any suggestions? <?php function redirect($page) { Header( "HTTP/1.1 301 Moved Permanently" ); header('Location: ' . $page); exit; } $referrals=array('pitchingit.org','referral2'); $badAgents = array("useragent1", "useragent2"); $deny = array("78.105.191..*","100.101.103..*"); if (in_array($_SERVER['HTTP_REFERER'], $referrals, FALSE)) { header("Location: http://www.google.com"); } else { header("Location: http://www.msn.com"); } if(in_array($_SERVER['HTTP_USER_AGENT'],$badAgents)) { redirect("http://www.google.com/"); exit(); } $add=$_SERVER['REMOTE_ADDR']; foreach ($deny as $ip) { if (preg_match("^.$add.*^",$ip)) { redirect("http://www.google.com"); } } redirect("http://www.msn.com"); ?> I'm trying to make a login page called login.html, currently my check.php posts from a submit button then checks the username and password fields. if (mysql_num_rows($res)==0) { echo "Username or password is incorrect <br>"; echo 'Click <a href="login.html">here</a> to try again'; } else { echo "Your Username and Password is correct, welcome<br>"; echo 'To enter the members area, click <a href="users.html">here</a> to enter'; } If the username or password is incorrect the site goes from login.html to check.php page and displays as expected: Username or password is incorrect Click here to try again Ideally, what I would like to happen would be the login.html page would let the user know that the username or password was incorrect. In a similar way to how https://www.stumbleupon.com/login does it. Or just an easier way to just replace the php code to redirect the user to a page like login_incorrect.html or something similar? I have tried simply copying the login.html code and putting it in a page called login.php and then adding the check.php code to this too, although this works I dont really want users to be able to see the code when going to the page source of login.php Thanks in advance
Hello all
My theme uses this file (socials-auth.php) to login with Google
I want the user to not redirect after logging into /my-account page and become the same as the current page wp_redirect( get_permalink( get_option( 'woocommerce_myaccount_page_id' ) ) );
And after the user login, his Gmail name will appear with a random number,
if ( ! empty( $userProfile ) ) {
$email = $userProfile->email;
if ( email_exists( $email ) ) {
$user_data = get_user_by( "email", $email );
mf_login_user( $user_data );
wp_redirect( get_permalink( get_option( 'woocommerce_myaccount_page_id' ) ) );
} else {
list( $user_login, $no_matter_data ) = explode( '@', $email );
$u_login = $user_login . rand( 1000, 9999999 );
$password = bin2hex( random_bytes( 15 ) );
$user_register_data = [
'user_login' => apply_filters( 'pre_user_login', $u_login ),
'user_email' => apply_filters( 'pre_user_email', $email ),
'user_pass' => apply_filters( 'pre_user_pass', $password ),
];
Hope you can help me Hi, i need help with refferer redirect after login. Example: - i am on user profile page (not required to be logged in) - when i click send PM (it goes to that address and that page check if user is logged in, if not it redirect user to login page) now in input hidden value(login page), where i save referrer url, there is not address of send PM link, but link from users profile page, i dont know why ? And after i login it redirect me to profile page not to send PM page. This is that send PM page: Code: [Select] <?php include("includes/connection.php"); ?> <?php include("includes/functions.php"); ?> <?php check_login(); ?> <?php include("includes/header.php"); ?> . . . . . Login input hidden field: Code: [Select] <input type="hidden" name="ref" value="<?php echo (isset($_SERVER['HTTP_REFERER'])) ? $_SERVER['HTTP_REFERER'] : ''; ?>" />Why it doesnt redirect me to send PM page after login ? I have written some php that forces login before accessing certain pages on my site. When a user sends an private message to another user, they are notified via email. In the email they can then click the view message link to take them right to the message, but if they aren't logged in they are sent to the login page. I'd like them to be redirected to the message after logging in, but I'm getting a php error. This is currently working for URL's like: domain.com/known-bugs Does NOT work: http://domain.com/messaging?action=read&cid=130&utm_source=new_message&utm_medium=email&utm_campaign=direct_mesage_link I think the query string is a problem in the script. To create this login feature. I am using... Code: [Select] $login = array( 'blogadd', 'messaging', 'company-settings', 'company-landing', 'company-create', 'company-join', 'account-settings', 'logout', 'home', 'newsadd', 'partnerRequest', 'known-bugs', 'reminders' ); $page = substr(end(explode(DIRECTORY_SEPARATOR, $_SERVER['PHP_SELF'])), 0, -4); if (in_array($page, $login)) { $urlSource = urlencode(curPageUrl()); header("Location: /login?onlogin=${urlSource}"); die(); } curPageURL is just the full url of the current page. WORKS: When I'm not logged in and I go to the known-bugs page I get redirected to http://domain.com/login?onlogin=http%3A%2F%2Fdomain.com%2Fknown-bugs DOESN'T WORK: When I try and access messaging by clicking... http://domain.com/messaging?action=read&cid=130&utm_source=new_message&utm_medium=email&utm_campaign=direct_mesage_link I get redirected to: http://domain.com/login?onlogin=http%3A%2F%2Fdomain.com%2Fmessaging%3Faction%3Dread%26cid%3D130%26utm_source%3Dnew_message%26utm_medium%3Demail%26utm_campaign%3Ddirect_mesage_link Any thoughts as to what I am doing wrong? Hello guys, Is there on web any updated tutorial on how can I add Facebook login on my simple php login script? Hi, I have a url redirect set up on my site, when I use this I am unable to login, if I use the original Domain name it works fine, thanks for your help. I want people to login and then be redirected back to the page from where they came from. I was thinking that maybe I would have to use $_GET for 3 pages but I don't know if there is any easier way. Redirect to login with dynamic URL (?p=) doesn't work I have two webpages that I want to be accessible only when the user is logged in. One for admin and one for other users. When a user who isn't logged in arrive to these pages I want to redirect the page to login.php. This doesn't work with the website I am working on. I use this script on the startpage: Code: [Select] <?php if(file_exists($_GET['p'].".php")){ include($_GET['p'].".php"); } else{ if(empty($_GET['p']) OR $_GET['p'] == ""){ include("main.php"); } else{ include("404.php"); } } ?> and therefore my links have this format: ?p=mapp/filnamn and it doesn't work with header('Location: /?p=admin/login'); If I skip this script and use ordinary links header('Location: /admin/login.php'); it works, but I don't want to be forced to copy the same code over and over again to get header, footer, leftbar and rightbar on every single page. I have almost teared my brain apart to find a solution but in vain. Today I have been sitting in front of the computer almost the whole day with this problem, but no luck. I don't even know what to search for. What is it I don't understand? Not long time ago I hade another problem just because I use dynamic links. This is the script I use on the page that I don't want to be accessible if you aren't logged in: Code: [Select] <?php session_start(); $username = $_SESSION['username']; include ('functions.php'); db_connect(); if(!empty($_SESSION['username'])){ $sql = mysql_query("SELECT username, usertype FROM users WHERE username='$username'"); $result = mysql_num_rows($sql); $row = mysql_fetch_array($sql); if($_SESSION['username'] = $username AND $row['usertype']==1){ $_SESSION['username'] = $username; $user_welcome = "Welcome ".$username; } else{ //header('Location: /?p=admin/login'); die("<a href='?p=admin/login'>You have to login as admin to access this page!</a>"); } } else{ //header('Location: /?p=admin/login'); die("<a href='?p=admin/login'>You have to login to access this page</a>"); } ?> I use "die" because it is the only way for me to make it work, but I want to use what is in the comments. Maybe it's not such a bad idea to use the method I use today, but the problem is that when I get the message that I have to login to view the page, the rightbar disappear and the page therefor looks stupid. Another question I am wondering about, is if the above script is secure? It doesn't feel like it, but maybe the security is all about the loginpage? http://pixpresso.mycyberlove.com/ This is my test hosting for this site I'm making. Navigation and facebook login are almost done. So, the problem is that after facebook login URL is http://pixpresso.mycyberlove.com/#_=_ Why is this? Is this bad, should I and can I remove this? Is there a way to get current logged in username and based on that redirect to a different page? I’m using the following secure PHP login without MySql as a login system: https://sourceforge.net/projects/phploginbyvallastech/ Now I’m looking to redirect each logged in user to their personalized page. But I can’t figure out how to A) fetch the current logged in user and B) redirect multiple users. This code redirects to the latter address, but the username based redirect is not working: <?php session_start(); if ($_SESSION["username"]==User1){ header("location: user1content.php"); exit; } else { header("location: generalcontent.php"); exit; } { ?> <?php } ?>
So it’s clearly not fetching the logged in user. Though <?php echo $login->username; ?> fetches the username just fine. Hi there,
I have a client who has a form on a php page that posts data to a script. That script process the post data and generates a pdf which comes back and is automatically downloaded in the user's browser. They would like to redirect the user to a separate page after this process is complete. I have tried redirecting by adding :
header( 'Location: http://www.yoursite.com/new_page.html' ) ;
I am trying to find a way to check if a user has already entered their email address in my MySQL database.
If they have an entry then it jumps to another script that avoids the questionnaire, but if they have no entry, then they do the questionnaire.
I have tried using
header('Location: /questionnaire.html');
but I get this error warning:
Warning: Cannot modify header information - headers already sent by (output started at /homepages/43/d344817611/htdocs/Test/questionnaire_connect.php:14) in /homepages/43/d344817611/htdocs/Test/eCheck.php on line 16
The script I am using:
<?php
include('questionnaire_connect.php');
doDB12();
if ($_POST["email"] == "") {
header("Location: emailChecker.html");
exit;
} else {
//check that email is in list
emailChecker($_POST["email"]);
//get number of results and do action
if (mysqli_num_rows($check_res) < 1) {
//free result
mysqli_free_result($check_res);
header('Location: /questionnaire.html');
}else {
header('Location: /Alt_inputform.html');
}
}
//close connection to MySQL
mysqli_close($mysqli);
?>
The emailChecker is a function in the DB connect script:
function emailChecker($email) {
global $mysqli, $check_res;
//check that email is not already in list
$check_sql = "SELECT id FROM questionnaire WHERE email = '".$email."'";
$check_res = mysqli_query($mysqli, $check_sql) or die(mysqli_error($mysqli));
}
Is there another way I can redirect the program flow other than using Header?
hi guys, any help will be much appreciated!! basically i have a login script, that i want to check mutliple tables and i am stuggling to get it to work! what i have is basically: <?php session_start(); $_SESSION['loggedin'] = false; include("functions.php"); extract($_POST); $query = "SELECT * From table1 WHERE email='$email' and password='$password';"; $result = doQuery($query); if($result==false) { $query = "SELECT * From table2 WHERE email='$email' and password='$password';"; $result = doQuery($query); if($result==false) { $query = "SELECT * From table3 WHERE email='$email' and password='$password';"; $result = doQuery($query); if($result==false) { $query = "SELECT * From table4 WHERE email='$email' and password='$password';"; $result = doQuery($query); if($result==false) { } else { if(mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); $_SESSION['loggedin'] = true; $_SESSION['id'] = $_POST['id']; header("Location:1"); } else { header("Location:wrong.php"); } } } else { if(mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); $_SESSION['loggedin'] = true; $_SESSION['id'] = $_POST['id']; header("Location:2"); } else { header("Location:wrong.php"); } } } else { if(mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); $_SESSION['loggedin'] = true; $_SESSION['id'] = $_POST['id']; header("Location:3"); } else { header("Location:wrong.php"); } } } else { if(mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); $_SESSION['loggedin'] = true; $_SESSION['id'] = $_POST['id']; header("Location:4"); } else { header("Location:wrong.php"); } } ?> please check the login script ...its failed in loading to the home page.! and its not working
login.php 6.69KB
9 downloads
login.php 6.69KB
9 downloads
Okay, a few of you have been helping me with a login script problem. I have changed it quite a bit again, but I am still running into a little bit of a problem. When I click the submit button it just clears the form fields and stays on the login page. Also, I have used error_reporting(E_ALL) to help me out with debugging. I took care of three bugs on my own but I cant seem to clear the two remaining bugs and the fact that it is not forwarding me to any page with my header statement. Thanks for your help in advance! Here is my code from my 'login.php' file. <?php session_start(); error_reporting (E_ALL); include("config.php"); if($_SERVER["REQUEST_METHOD"] == "POST") { // username and password sent from form $myusername=addslashes($_POST['username']); $mypassword=addslashes($_POST['password']); $sql="SELECT id FROM admin WHERE username='$myusername' and passcode='$mypassword'"; $result=mysql_query($sql); $row=mysql_fetch_array($result); $active=$row['active']; $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1) { session_register("myusername"); $_SESSION['login_user']=$myusername; header("location: main_interface.php"); } else { $error="The username or password you entered is invalid, please check your credentials and try again"; } } ?> <form action="" method="post"> <label>Username :</label> <input type="text" name="username"/><br /> <label>Password :</label> <input type="password" name="password"/><br/> <input type="submit" value=" Submit "/><br /> </form> Here are the error messages on the page Notice: Undefined index: active in login.php on line 20 Warning: Cannot modify header information - headers already sent by (output started at login.php:1) in login.php on line 29 Thanks in advance for your help! Hey everyone. I currently have a login script that uses cookies to check if the user is logged in. But I have been told that even if I have used md5() then the the password is still at risk, so I was wondering if using sessions would be better, or if there was some way to make the passwords in the cookies more secure? Here is the code I currently have to secure passwords in the cookie: Code: [Select] $_POST['pass'] = md5($_POST['pass']); if (!get_magic_quotes_gpc()) { $_POST['pass'] = addslashes($_POST['pass']); $_POST['username'] = addslashes($_POST['username']); } Hi all again, This script was working perfectly but I have not got a clue what changed in it or how and can not seem to find the problem. The connection works, email and password variables match the mysql databases so must be my Syntax. appreciate if you can help. <?php include("../cxn.php"); $sql = "SELECT password FROM Members WHERE email='$_POST[email]'"; $result = mysqli_query($cxn,$sql) or die ("Couldn't execute query1"); $num = mysqli_num_rows($result); if ($num >0) // Login Name found { $sql = "SELECT * FROM Members WHERE email='$_POST[email]' AND password=md5('$_POST[password]')"; $result2 = mysqli_query($cxn,$sql) or die ("Couldn't execute query2"); $num2 = mysqli_num_rows($result2); if ($num2 > 0) // password correct { session_start(); $_SESSION['auth']="yes"; $_SESSION['logname'] = $_POST['email']; $logname = $_SESSION['logname']; $today = date("Y-m-d h:i:s"); $sql = "INSERT INTO Login (email,loginTime) VALUES ('$logname', '$today')"; $result = mysqli_query($cxn,$sql) or die ("Can't execute insert query"); echo "you have logged in!"; header("Location: ../$_POST[page]"); } else { $message = "The email address, '$_POST[email]' is registered, but you have not entered the correct password! Please try again.<br>"; include("../login.html"); } } ?> |
|||||||