Redirect after successful login

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
edawson003
Forum Contributor
Posts: 133
Joined: Thu Aug 20, 2009 6:34 am
Location: Los Angeles, CA - USA

Redirect after successful login

Post by edawson003 »

:P The below login page code works great; though, I'd rather after successful login the page redirects to another page. How can I work that bit into this code?

Code: Select all

 
<?
 
/*
Checks whether or not the given username is in the
database.. if so it checks if the given password is
the same password in the database for that user.
If the user doesnt exist or if the passwords dont
match up.. it returns an error code 1 or 2. On success it returns 0. 
*/
 
function confirmUser($username, $password){
   global $conn;
   /* Add slashes if necessary (for query) */
   if(!get_magic_quotes_gpc()) {
    $username = addslashes($username);
   }
 
   /* Verify that user is in database */
   $q = "select password from Users where username = '$username'";
   $result = mysql_query($q,$conn);
   if(!$result || (mysql_numrows($result) < 1)){
      return 1; //Indicates username failure
   }
 
   /* Retrieve password from result, strip slashes */
   $dbarray = mysql_fetch_array($result);
   $dbarray['password']  = stripslashes($dbarray['password']);
   $password = stripslashes($password);
 
   /* Validate that password is correct */
   if($password == $dbarray['password']){
      return 0; //Success! Username and password confirmed
   }
   else{
      return 2; //Indicates password failure
   }
}
 
/*
checkLogin Checks if the user has already previously
logged in and a session with the user has already been
established. Also checks to see if user has been remembered.
If so the database is queried to make sure of the users 
authenticity. Returns true if the user has logged in.
 */
 
function checkLogin(){
   /* Check if user has been remembered */
   if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
      $_SESSION['username'] = $_COOKIE['cookname'];
      $_SESSION['password'] = $_COOKIE['cookpass'];
   }
 
   /* Username and password have been set */
   if(isset($_SESSION['username']) && isset($_SESSION['password'])){
      /* Confirm that username and password are valid */
      if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
         /* Variables are incorrect, user not logged in */
         unset($_SESSION['username']);
         unset($_SESSION['password']);
         return false;
      }
      return true;
   }
   /* User not logged in */
   else{
      return false;
   }
}
 
/**
 * Determines whether or not to display the login
 * form or to show the user that he is logged in
 * based on if the session variables are set.
 */
function displayLogin(){
   global $logged_in;
   if($logged_in){
      echo "<h1>Logged In!</h1>";
      echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>";
 
   }
   else{
?>
 
<h1>Login</h1>
<form action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="left"><input type="checkbox" name="remember">
Remember me next time</td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="sublogin" value="Login"></td></tr>
<tr><td colspan="2" align="left"><a href="register.php">Join</a></td></tr>
</table>
</form>
 
<?
   }
}
 
 
/**
 * Checks to see if the user has submitted his
 * username and password through the login form,
 * if so, checks authenticity in database and
 * creates session.
 */
if(isset($_POST['sublogin'])){
   /* Check that all fields were typed in */
   if(!$_POST['user'] || !$_POST['pass']){
      die('You didn\'t fill in a required field.');
   }
   /* Spruce up username, check length */
   $_POST['user'] = trim($_POST['user']);
   if(strlen($_POST['user']) > 30){
      die("Sorry, the username is longer than 30 characters, please shorten it.");
   }
 
   /* Checks that username is in database and password is correct */
   $md5pass = md5($_POST['pass']);
   $result = confirmUser($_POST['user'], $md5pass);
 
   /* Check error codes */
   if($result == 1){
      die('That username doesn\'t exist in our database.');
   }
   else if($result == 2){
      die('Incorrect password, please try again.');
   }
 
   /* Username and password correct, register session variables */
   $_POST['user'] = stripslashes($_POST['user']);
   $_SESSION['username'] = $_POST['user'];
   $_SESSION['password'] = $md5pass;
 
   /**
    * This is the cool part: the user has requested that we remember that
    * he's logged in, so we set two cookies. One to hold his username,
    * and one to hold his md5 encrypted password. We set them both to
    * expire in 100 days. Now, next time he comes to our site, we will
    * log him in automatically.
    */
   if(isset($_POST['remember'])){
      setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
      setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
   }
 
   /* Quick self-redirect to avoid resending data on refresh */
   echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
   return;
}
 
/* Sets the value of the logged_in variable, which can be used in your code */
$logged_in = checkLogin();
 
?>
 
 
User avatar
paqman
Forum Contributor
Posts: 125
Joined: Sun Nov 14, 2004 7:41 pm
Location: Burnaby, BC, Canada

Re: Redirect after successful login

Post by paqman »

you can use php headers or javascript timeout redirects - google those 2 topics
User avatar
edawson003
Forum Contributor
Posts: 133
Joined: Thu Aug 20, 2009 6:34 am
Location: Los Angeles, CA - USA

Re: Redirect after successful login

Post by edawson003 »

Per your suggestion, I tried the php header code. I found this code here: http://php.about.com/od/learnphp/ht/phpredirection.htm

However, I get this error message, "
Warning: Cannot modify header information - headers already sent by (output started at /home/claudett/public_html/membersarea/includes/outside_top_navi.php:9) in /home/claudett/public_html/login.php on line 79
"

I replaced this section of code:

Code: Select all

 
 
function displayLogin(){
   global $logged_in;
   if($logged_in){
      /* echo "<h1>Logged In!</h1>";
      echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>"; */
   }
 
with

Code: Select all

 
function displayLogin(){
   global $logged_in;
   if($logged_in){
      header( 'Location: http://www.MYURL.com/membersarea/membershome.php' ) ;
   }
 
I don't have any header tags on this page or the include files. Great suggestion. I think we are on to something...just need to twaek something and I think I will be good. just not sure what to tweek yet...
Last edited by edawson003 on Mon Sep 14, 2009 12:04 am, edited 1 time in total.
User avatar
edawson003
Forum Contributor
Posts: 133
Joined: Thu Aug 20, 2009 6:34 am
Location: Los Angeles, CA - USA

Re: Redirect after successful login

Post by edawson003 »

I also tried the Javascript redirect and get this
Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in /home/claudett/public_html/login.php on line 80
:cry:

Code: Select all

function displayLogin(){
   global $logged_in;
   if($logged_in){
   
 echo  "<script type="text/javascript"><!--
setTimeout('Redirect()',4000);
function Redirect()
{
  location.href = 'membersarea/membershome.php';
}
// --></script>";
 
     }
   else{
?>
User avatar
lorenzo-s
Forum Commoner
Posts: 43
Joined: Tue Aug 25, 2009 12:25 pm

Re: Redirect after successful login

Post by lorenzo-s »

Doing in PHP header("Location: URL"); is the best thing you can do, in my opinion.

In Javascript, you are wrong with string delimiters. Do:

Code: Select all

function displayLogin(){
   global $logged_in;
   if($logged_in){
   
 echo  "<script type=\"text/javascript\"><!--
setTimeout('Redirect()',4000);
function Redirect()
{
  location.href = 'membersarea/membershome.php';
}
// --></script>";
 
     }
   else{
?>
I have just escaped " when necessary.
User avatar
N1gel
Forum Commoner
Posts: 95
Joined: Sun Apr 30, 2006 12:01 pm

Re: Redirect after successful login

Post by N1gel »

Try the PHP header again

but this time se this code at the start of your php

Code: Select all

<?php ob_start();
You can read about it in the manual ob_start
User avatar
edawson003
Forum Contributor
Posts: 133
Joined: Thu Aug 20, 2009 6:34 am
Location: Los Angeles, CA - USA

Re: Redirect after successful login

Post by edawson003 »

Fantastic!!!

Code: Select all

php ob_start();
did the trick. At first I was getting a parse error unaccepted $end...etc until I realised I need to put

Code: Select all

php ob_start();
on every page the session was active. Thank you so much!
User avatar
edawson003
Forum Contributor
Posts: 133
Joined: Thu Aug 20, 2009 6:34 am
Location: Los Angeles, CA - USA

Re: Redirect after successful login

Post by edawson003 »

Now, I am trying to get the 'remember me' functionality to work when a returning user lands on the index page and the session is still active, but I want to redirect the user to the memberspace instead of the home page.

I applied

Code: Select all

<?
session_start(); 
include("membersarea/includes/members_top_navi.php");
include("database.php");
include("login.php");
?>
 
<? 
if($logged_in){
   header( 'Location: http://www.tracknfitness.com/membersare ... shome.php' ); 
} else{
 
?>
but I get
Parse error: syntax error, unexpected $end in /home/claudett/public_html/index2.php on line 47
As suggested, the
<?php ob_start();
is included in the Login.php file. Any thoughts?
Post Reply