|
PHP - Redirect Based On Session Variable
Hi. I am trying to create a very simple admin login page that will let only me access a number of pages. I am trying the following code for the login page:
Code: [Select] <?php session_start(); // Define your username and password $username = "username"; $password = "password"; if ($_POST['txtUsername'] == $username && $_POST['txtPassword'] == $password) { $_SESSION['admin']="true"; header("location: admin.php"); } ?> ### HTML code and form for entering in username and password with action echoing it back to itself ### On the admin.php page i then try: Code: [Select] <?php if ($_SESSION['admin'] != "true") { header("location: login.php");} else { ?> ### code for the rest of the page ### I am fairly new to all this and cant understand why its remaining on the login page and not sending me to admin.php when the password and username are correct. Is this the correct way to be going about it? I envisaged simply adding the above code to the top of any page only the admin could see. Any help is much appreciated. Similar TutorialsI am attempting to us glob to display contents of a users folder using a session variable. Example: I have a session variable called department Code: [Select] $row_fullname['department']; In department I have the name of the department the user belongs to such as: office, plant, maintenance, and groundskeeping I created a folder called docs inside of docs there are 4 subfolders called office, plant, maintenance, and groundskeeping I found this code which will display the contents of the folder: Code: [Select] <?php $files = glob( './docs/office/*.*' ); foreach ( $files as $file ) { echo '<a href="./docs/office/' . basename( $file ) . '"target="_blank">' . basename( $file ) . '</a><br />'; } ?> The above code works fine, but I would like it to only display the contents of a departments folder only if the user is part on that department. Here is an example that I know is completely wrong but it may help explain what I am trying to do. Code: [Select] <?php ]<?php $files = glob( './docs/echo $row_fullname['department'];/*.*' ); foreach ( $files as $file ) { echo '<a href="./docs/echo $row_fullname['department'];/' . basename( $file ) . '"target="_blank">' . basename( $file ) . '</a><br />'; } ?>Thanks for your time Ok so a user tries to access a part of the site that requires them to login. So they are taken to the login page. but when they login I want them transfered to the page they were going to. So i thought of something like: <a href="securepage.php" onClick="<?php echo $_SESSION['clicked_link'] = $site_root.'securepage.php'; ?>"> Click Here </a> But when I echo $_SESSION['clicked_link'] not only am i getting the url i am getting the content after. echoed it looks like: http://www.thevault.cz.cc/securepage.php">Click Here So is there a better way to do it? if not what would i need to do to remove everything after the " ? My login script stores the user's login name as $_SESSION[ 'name'] on login. For some unapparent reason, i'm getting errors stating that $user and $priv are undefined variables, though I've attempted to define $user as being equal to $_SESSION['name'], using $user to look up the the user's privilege level (stored as the su column ) in the SQL table, and then where the result of the sql query is $priv which is then evaluated in an if statement. I can't seem to figure out why this might not be working. The code I'm using:
<?php
session_start();
function verify() {
//verify that the user is logged in via the login page. Session_start has already been called.
if (!isset($_SESSION['loggedin'])) {
header('Location: /index.html');
exit;
}
//if user is logged in, we then lookup necessary privleges. $_SESSION['name'] was written with the login name upon login. Privleges // are written in db as a single-digit integer of of 0 for users, 1 for administrators, and 2 for special users.
$user === $_SESSION['name'];
//Connect to Databse
$link = mysqli_connect("127.0.0.1", "database user", "password", "database");
if (!$link) {
echo "Error: Unable to connect to MySQL." . PHP_EOL;
echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL;
echo "Debugging error: " . mysqli_connect_error() . PHP_EOL;
exit;
}
//SQL Statement to lookup privlege information.
if ($result = mysqli_query($link, "SELECT su FROM accounts WHERE username = $user", MYSQLI_STORE_RESULT)) {
//LOOP TO CYCLE THROUGH SQL RESULTS AND STORE Privlege information as vairable $priv.
while ($row = $result->fetch_assoc()) {
$priv === $row["su"];
}
}
// close SQL connection.
mysqli_close($link);
// Verify privleges and take action. Only a privlege of "1" is allowed to view this page. A privlege of "2" indicates special
//accounts used in other scripts that have certain indermediate additional functions, but are not trusted administrators.
if ($priv !== 1) {
echo $_SESSION['name'];
echo "you have privlege level of $priv";
echo "<br>";
echo 'Your account does not have the privleges necessary to view this page';
exit;
}
}
verify();
?>
Greetings gurus, I need some help, please. I have a classic ASP background and now trying to get my feet wet with php. We have a web app that is used by several depts. I have been told to modify the app so that user is redirected to a site specific to their dept. For instance, if we have say, 3 deppts, HR, IT, and Payroll; if a user who belongs to the Payroll dept logs into the system, s/he will be redirected to PayRoll section of the page. I have done this tons of times using asp. Below is the code I used for asp: Code: [Select] 'Page = validateUser.asp SQL ="SELECT * FROM users " _ & " WHERE Username = '" & Request.Form("txtUserid") & "'" _ & " AND password = '" & Request.Form("TxtPassword") & "' " Set objRS = objConn.Execute( SQL ) If Not objRS.EOF Then If objRS("password") = Request.Form("txtPassword") Then Session.Contents("access_level") = objRS("access_level") Session.Contents("userID") = objRS("userID") 'ID column Session("username") = objRS("username") Session("password") = objRS("password") access_level = CInt(Session("access_level")) username = CStr(Session("username")) Select Case access_level Case 1 Response.Redirect "HRPage.asp" Case 2 Response.Redirect "PayrollPage.asp" Case 3 Response.Redirect "ITPage.asp" Case Else Response.Redirect "default.asp" End Select Else Response.Write "Sorry, but the password that you entered is incorrect." End If Else Response.Write "Sorry, but the username that you entered does not exist." End If objRS.Close Set objRS = Nothing objConn.Close Set objConn = Nothing Then on each page, I would do the check before redirecting the user: Code: [Select] If Session.Contents("access_level") <> 1 AND _ Session.Contents("access_level") <> 2 AND _ Session.Contents("access_level") Then Response.Redirect "default.asp" End If How I can use similar code in php? I hope you can assist me. Thanks very much Good day: I am tryint to redirect back to a page based on non selection. I am using this code, it is redirecting but not passing the $aid variable on the url. The page is getting the passed variable before doing the redirect. Here is the code: Code: [Select] if ($_POST['hid']==0) { header('Location: sample.php?aid=."$aid"'); } Thanks in advance. Hi there,
Is it possible to redirect to another URL based on the cookie that has already loaded on the page?
For example,
If cookie = cookie_name then redirect to http://www.google.com
Thanks!
Hi, I'm trying to get a working php script that will redirect visitors based on a number of variables. I first want to check the country the visitor is from, and redirect based on the user's country ip address. If visitor is not from the US, then go to google.com (for example)... but only after also checking some other variables. I want to also redirect any user (including US visitors) who are using a mobile device browser/cell phone, and redirect visitors coming from a Linux box. I'm not sure how to add those as if/else statement. Any help would be appreciated. Here's what I have so far... Geo ip Redirect: ------------------- <?php require_once("GeoIP.inc"); $gi = geoip_open("GeoIP.dat",GEOIP_STANDARD); $country_code = geoip_country_code_by_addr($gi, $_SERVER['REMOTE_ADDR']); geoip_close($gi); if($country_code == 'US') { header('Location: http://www.google.com'); } else { header("Location: http://www.redirect.com"); } ?> Mobile Browser Redirect: ------------------------------ require_once('mobile_device_detect.php'); mobile_device_detect(true,false,true,true,true,true,true,'http://redirect.com',false); So not sure how to detect and redirect Linux users, and then how to link these all together in one script so it checks all variables before sending user to destination URL. Hope you can help. I really appreciate it! I've got a weird problem which affects only Safari browsers. Site A offers user a login page and validates the credentials by calling HTTPRequest on site B ( this call starts new session, user password is checked and session id stored in the db). If user login details are OK, site A redirects user to site B ( different domains and physical boxes). It worked well before the last Safari update (5.0.1) - when user login is being checked, server B creates session X, after the redirect, session_start() creates absolutely different session Y. All sessions are maintained by cookies only (SSL). Any ideas how to maintain the same session during the redirect? Thanks! i have a login script im using if someone landed accidentally on a page i want him to be redirected and not have access Code: [Select] <?php if (isset($session->logged_in)){ } else{header("Location: ../index.php");} ?> Hoping someone can help. I have a file, say bounce.php that uses php url ramdomizer, like this: <?php $urls = array("link1", "link2"); $url = $urls[array_rand($urls)]; header("Location: http://$url"); ?> What I want is to only allow that code to execute if the user is coming from another php page on the same sever/folder. So like this.... So bounce.php will check where the traffic is coming from.....if traffic is coming from page1.php (file on same server) then it will allow URL REDIRECT CODE to execute, if traffic is coming from another source, such as google.com, or from no referel, then person is sent to another site, say msn.com. Hi This should be pretty simple but I can't figure it out.
I want to create and simple forward to different URL based on the user entry.
For example.. If they enter ABC in the box they go to www.11.com if they enter ZXC in the box they go to www.22.com if they enter CCC they go to www.33.com If they enter anything else they get an error message.
Thanks for any help!!
Hi, can anyone help me?
I am trying to create a form which asks the user to input their postcode then submit. the purpose is so if the service my site offers is not available in the location that the end user lives, then I want to display a message saying 'Sorry, not available', but if they are in area then it redirects to another page.
My form code is:
<form method="post" action="forwarder.php">
<p> Enter Post Code He <input type = "text" name = "zip" id = "zip" size = "10" maxlength = "5" ">
<input type='submit'>
</form>
My PHP is:
<?php
$zip = isset ($_POST['zip']) {
if ($zip=='NG15') {
header('Location: https://www.bing.com');
} else {
header('Location: http://www.google.co.uk')
}
?>
I am a bit of a newbie at this, and I know my PHP won't give me my desired result, but I was using this to try and test the concept. Help would be really appreciated, and if you can show me how to do it for multiple postcodes even better
Hello, This is what I'm trying to-do. I have an index.php file I would like a bit of code that says "If you got here from www.websitea.com (or a link within that site) OR www.websiteb.com" do this : else do this: I'm just not sure how to check where they're coming from. so basically if your on google.ca and you goto the site it will exicute the else part of the code but if your already on sitea or b and you click a link it will not Hello everyone, I can get Test 2 to successfully operate the if statement using a variable variable. But when I try the same method using a session variable (Test 1) the if statement is not executed. Please could you tell me why the if statement in Test 1 is not being executed? Code: [Select] <?php # TEST 1 $_SESSION[test_variable] = "abcd"; $session_variable_name = "_SESSION[test_variable]"; if ($$session_variable_name == "abcd") { echo "<br>line 373, abcd<br>"; } # TEST 2 $test_variable = "efgh"; $test_variable_name = "test_variable"; if ($$test_variable_name == "efgh") { echo "<br>line 379, efgh<br>"; } ?> Many thanks, Stu i'm need to retrieve a session after i've collected the data and went to PayPal (...urk...) i think i'm starting off correctly... but how the hell do i get the session name on the other side? Code: [Select] $uuid = uniqid(); session_name = $uuid; session_start(); // do some stuff // go to PayPal // come back from PayPal ....um... now i'm lost! how do i get the $uuid here?? once i come back from PayPal... this is where i get lost. how do i load a UUID-based session if i can't get the $uuid? and if there's a better way, by all means let me know! someone said i could pass the $uuid through PayPal, but i'm not seeing how yet... TIA gang! WR! I am working on getting members that are ready to make a payment after they have logged in and want to view their emails to make the payment first. How can I reprogram my session to stop them from entering the email section and make a payment first. This is my codes which work fine. Just need to know how to amend it to redirect them to payment. <?php //Start session session_start(); //Check whether the session variable SESS_MEMBER_ID is present or not if(!isset($_SESSION['SESS_ID']) || (trim($_SESSION['SESS_ID']) == '')) { header("location: access-denied.php"); exit(); } ?> I have four session variables, two I am valueing using $_POST elements from a previous page's form, the other two I am valueing using items retrieved from a database. Here is the code - ---------------------------------------------------- <?php session_start(); $_SESSION['UserLastName'] = strtolower(trim($_POST['txtLastName'])); $_SESSION['BadgeID'] = trim($_POST['txtBadgeID']); //get list for supervisor drop down $q1 = sprintf("select * from emps where emp_last = '".$_SESSION['UserLastName']."' and emp_badge = '".$_SESSION['BadgeID']."'"); $rs_emp_info = hitMSSQL($q1,"intra_sql","employees","xxxx","xxxx",1); $_SESSION['SSN'] = $rs_emp_info->fields("emp_ssn"); $_SESSION['CostCenter'] = $rs_emp_info->fields("emp_costcenter"); if ($_POST['rdoAction'] == 0) { header("Location: http://webapps/injury/empForm.php"); } ?> ---------------------------- When I get to the next page, empForm.php, the Last name and badge ID session vars are populated but the SSN and Cost Center session vars are not. I have tried several things including putting an exit(); after my header statement and first putting the database items into plain old $vars and then trying to populate the session vars with the value of the regular $vars, but nothing seems to work. I have a session_start() at the top of all of my scripts. Any idea why I am losing these values? (and why this box that I am typing into on this site is bouncing around so badly that I can't see what I am typing here???) This topic has been moved to mod_rewrite. http://www.phpfreaks.com/forums/index.php?topic=315834.0 Hey guys, i always get the error: Warning: Cannot modify header information - headers already sent by (output started at /home/worldw44/public_html/Newsletter/Admin/Admin.php:1) in /home/worldw44/public_html/Newsletter/Admin/Admin.php on line 6 when im tyring to run: <?php if(isset($_SESSION['adminlogin'])) { $run=yes; } else { header( 'Location: http://www.worldwidelighthouses.com/Newsletter/Admin/Log-In.php'); }?> <!DOCTYPE HTML> <html lang="en-GB"> <head> <meta charset="utf-8"> <!--Search Engine Meta Tags--> <meta name="author" content="Worldwide Lighthouses"> <meta name="keywords" content="Lighthouses,Lightships,Trinity House,Fog Signals,Fog Horns,Fresnel"> <meta name="description" content="Worldwide Lighthouses is the number 1 source of information, pictures and videos on the Subject of Lighthouses and Lightships"> <!--Stylesheets/Javascript--> <link rel="stylesheet" href="../../Page-Layout.css" media="screen and (min-width: 481px)"> <link rel="stylesheet" href="../../Mobile-Page-Layout.css" media="only screen and (max-width:480px)"> <!--Mobile Browser Support--> <meta name="viewport" content="width=320; initial-scale=1.0; maximum-scale=1.0; user-scalable=0;"> <!--IE Support--> <!--[if lt IE 9]><script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script> <link rel="stylesheet" href="../Page-Layout.css"><![endif]--> <meta name="application-name" content="Worldwide Lighthouses"> <meta name="msapplication-starturl" content="http://worldwidelighthouses.com/"> <meta name="msapplication-tooltip" content="Worldwide Lighthouses: Your number one source of Lighthouse Information, Videos and Pictures"> <meta name="msapplication-task" content="name=Lighthouses;action-uri=http://worldwidelighthouses.com/Lighthouses.php;icon-uri=http://worldwidelighthouses.com/IE9/Lighthouses.ico"> <meta name="msapplication-task" content="name=Lightships;action-uri=http://worldwidelighthouses.com/Lightships.php;icon-uri=http://worldwidelighthouses.com/IE9/Lightships.ico"> <meta name="msapplication-task" content="name=Fog Signals;action-uri=http://worldwidelighthouses.com/Fog-Signals.php;icon-uri=http://worldwidelighthouses.com/IE9/Fog-Signals.ico"> <meta name="msapplication-task" content="name=Glossary;action-uri=http://worldwidelighthouses.com/Glossary.php;icon-uri=http://worldwidelighthouses.com/IE9/Glossary.ico"> <title>Mailing List Administration | Worldwide Lighthouses</title> </head> <body> <header> <h1 id="WWLH">Worldwide Lighthouses</h1> <form method="get" action="http://www.worldwidelighthouses.com/Search/search.php" id="Search-Box"> <input type="search" placeholder="Search Worldwide Lighthouses" name="query" id="query" size="30" value="" autocomplete="off"> <input type="submit" value="Search"> <input type="hidden" name="search" value="1"> </form> </header> <nav> <ul id="Nav"> <li class="MenuButton" id="Index"><a href="../Index.php"><p class="Nav">Home</p></a></li> <li class="MenuButton" id="Lighthouses"><a href="../Lighthouses.php"><p class="Nav">Lighthouses</p></a></li> <li class="MenuButton" id="Lightships"><a href="../Lightships.php"><p class="Nav">Lightships</p></a></li> <li class="MenuButton" id="FogSignals"><a href="../Fog-Signals.php"><p class="Nav">Fog Signals</p></a></li> <li class="MenuButton" id="Daymarks"><a href="../Daymarks.php"><p class="Nav">Daymarks</p></a></li> <li class="MenuButton" id="Buoys"><a href="../Buoys.php"><p class="Nav">Buoys</p></a></li> <li id="MenuButtonLast"><a href="../Glossary.php"><p class="Nav">Glossary</p></a></li> </ul> </nav> <article> <h1 class="Title">Contact Admin Centre</h1> <div class="Textbox"> <div id="Social"> <a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="WWlighthouses">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script> <object id="Facebook" data="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fworldwidelighthouses.com/&layout=button_count&show_faces=false&width=450&action=like&colorscheme=light&height=21"></object> </div> </div> </article> <footer> <ul> <li><a href="../About.php">About</a></li> <li><a href="../Contact-us.php">Contact</a></li> <li><a href="../Use-Our-Media.php">Use our media</a></li> <li><a href="../Search/search.php">Search</a></li> <li><a href="../Social-Networking.php">Social</a></li> <li><a href="#Top">Back to top</a></li> </ul> <br> <br> &#169; Worldwide Lighthouses <?php echo date("Y"); ?> </footer> </body> Cany anyone offer some suggestions as to why? Note i have no ability to change phpconfig. |
|||||||