Page 1 of 1

Redirect after successful login

Posted: Tue Aug 25, 2009 11:29 pm
by edawson003
:P The below login page code works great; though, I'd rather after successful login the page redirects to another page. How can I work that bit into this code?

Code: Select all

 
<?
 
/*
Checks whether or not the given username is in the
database.. if so it checks if the given password is
the same password in the database for that user.
If the user doesnt exist or if the passwords dont
match up.. it returns an error code 1 or 2. On success it returns 0. 
*/
 
function confirmUser($username, $password){
   global $conn;
   /* Add slashes if necessary (for query) */
   if(!get_magic_quotes_gpc()) {
    $username = addslashes($username);
   }
 
   /* Verify that user is in database */
   $q = "select password from Users where username = '$username'";
   $result = mysql_query($q,$conn);
   if(!$result || (mysql_numrows($result) < 1)){
      return 1; //Indicates username failure
   }
 
   /* Retrieve password from result, strip slashes */
   $dbarray = mysql_fetch_array($result);
   $dbarray['password']  = stripslashes($dbarray['password']);
   $password = stripslashes($password);
 
   /* Validate that password is correct */
   if($password == $dbarray['password']){
      return 0; //Success! Username and password confirmed
   }
   else{
      return 2; //Indicates password failure
   }
}
 
/*
checkLogin Checks if the user has already previously
logged in and a session with the user has already been
established. Also checks to see if user has been remembered.
If so the database is queried to make sure of the users 
authenticity. Returns true if the user has logged in.
 */
 
function checkLogin(){
   /* Check if user has been remembered */
   if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
      $_SESSION['username'] = $_COOKIE['cookname'];
      $_SESSION['password'] = $_COOKIE['cookpass'];
   }
 
   /* Username and password have been set */
   if(isset($_SESSION['username']) && isset($_SESSION['password'])){
      /* Confirm that username and password are valid */
      if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
         /* Variables are incorrect, user not logged in */
         unset($_SESSION['username']);
         unset($_SESSION['password']);
         return false;
      }
      return true;
   }
   /* User not logged in */
   else{
      return false;
   }
}
 
/**
 * Determines whether or not to display the login
 * form or to show the user that he is logged in
 * based on if the session variables are set.
 */
function displayLogin(){
   global $logged_in;
   if($logged_in){
      echo "<h1>Logged In!</h1>";
      echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>";
 
   }
   else{
?>
 
<h1>Login</h1>
<form action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="left"><input type="checkbox" name="remember">
Remember me next time</td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="sublogin" value="Login"></td></tr>
<tr><td colspan="2" align="left"><a href="register.php">Join</a></td></tr>
</table>
</form>
 
<?
   }
}
 
 
/**
 * Checks to see if the user has submitted his
 * username and password through the login form,
 * if so, checks authenticity in database and
 * creates session.
 */
if(isset($_POST['sublogin'])){
   /* Check that all fields were typed in */
   if(!$_POST['user'] || !$_POST['pass']){
      die('You didn\'t fill in a required field.');
   }
   /* Spruce up username, check length */
   $_POST['user'] = trim($_POST['user']);
   if(strlen($_POST['user']) > 30){
      die("Sorry, the username is longer than 30 characters, please shorten it.");
   }
 
   /* Checks that username is in database and password is correct */
   $md5pass = md5($_POST['pass']);
   $result = confirmUser($_POST['user'], $md5pass);
 
   /* Check error codes */
   if($result == 1){
      die('That username doesn\'t exist in our database.');
   }
   else if($result == 2){
      die('Incorrect password, please try again.');
   }
 
   /* Username and password correct, register session variables */
   $_POST['user'] = stripslashes($_POST['user']);
   $_SESSION['username'] = $_POST['user'];
   $_SESSION['password'] = $md5pass;
 
   /**
    * This is the cool part: the user has requested that we remember that
    * he's logged in, so we set two cookies. One to hold his username,
    * and one to hold his md5 encrypted password. We set them both to
    * expire in 100 days. Now, next time he comes to our site, we will
    * log him in automatically.
    */
   if(isset($_POST['remember'])){
      setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
      setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
   }
 
   /* Quick self-redirect to avoid resending data on refresh */
   echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
   return;
}
 
/* Sets the value of the logged_in variable, which can be used in your code */
$logged_in = checkLogin();
 
?>
 
 

Re: Redirect after successful login

Posted: Wed Aug 26, 2009 12:13 am
by paqman
you can use php headers or javascript timeout redirects - google those 2 topics

Re: Redirect after successful login

Posted: Wed Aug 26, 2009 5:25 am
by edawson003
Per your suggestion, I tried the php header code. I found this code here: http://php.about.com/od/learnphp/ht/phpredirection.htm

However, I get this error message, "
Warning: Cannot modify header information - headers already sent by (output started at /home/claudett/public_html/membersarea/includes/outside_top_navi.php:9) in /home/claudett/public_html/login.php on line 79
"

I replaced this section of code:

Code: Select all

 
 
function displayLogin(){
   global $logged_in;
   if($logged_in){
      /* echo "<h1>Logged In!</h1>";
      echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>"; */
   }
 
with

Code: Select all

 
function displayLogin(){
   global $logged_in;
   if($logged_in){
      header( 'Location: http://www.MYURL.com/membersarea/membershome.php' ) ;
   }
 
I don't have any header tags on this page or the include files. Great suggestion. I think we are on to something...just need to twaek something and I think I will be good. just not sure what to tweek yet...

Re: Redirect after successful login

Posted: Wed Aug 26, 2009 5:43 am
by edawson003
I also tried the Javascript redirect and get this
Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in /home/claudett/public_html/login.php on line 80
:cry:

Code: Select all

function displayLogin(){
   global $logged_in;
   if($logged_in){
   
 echo  "<script type="text/javascript"><!--
setTimeout('Redirect()',4000);
function Redirect()
{
  location.href = 'membersarea/membershome.php';
}
// --></script>";
 
     }
   else{
?>

Re: Redirect after successful login

Posted: Wed Aug 26, 2009 5:56 am
by lorenzo-s
Doing in PHP header("Location: URL"); is the best thing you can do, in my opinion.

In Javascript, you are wrong with string delimiters. Do:

Code: Select all

function displayLogin(){
   global $logged_in;
   if($logged_in){
   
 echo  "<script type=\"text/javascript\"><!--
setTimeout('Redirect()',4000);
function Redirect()
{
  location.href = 'membersarea/membershome.php';
}
// --></script>";
 
     }
   else{
?>
I have just escaped " when necessary.

Re: Redirect after successful login

Posted: Wed Aug 26, 2009 9:29 am
by N1gel
Try the PHP header again

but this time se this code at the start of your php

Code: Select all

<?php ob_start();
You can read about it in the manual ob_start

Re: Redirect after successful login

Posted: Thu Aug 27, 2009 12:16 am
by edawson003
Fantastic!!!

Code: Select all

php ob_start();
did the trick. At first I was getting a parse error unaccepted $end...etc until I realised I need to put

Code: Select all

php ob_start();
on every page the session was active. Thank you so much!

Re: Redirect after successful login

Posted: Thu Aug 27, 2009 2:43 am
by edawson003
Now, I am trying to get the 'remember me' functionality to work when a returning user lands on the index page and the session is still active, but I want to redirect the user to the memberspace instead of the home page.

I applied

Code: Select all

<?
session_start(); 
include("membersarea/includes/members_top_navi.php");
include("database.php");
include("login.php");
?>
 
<? 
if($logged_in){
   header( 'Location: http://www.tracknfitness.com/membersare ... shome.php' ); 
} else{
 
?>
but I get
Parse error: syntax error, unexpected $end in /home/claudett/public_html/index2.php on line 47
As suggested, the
<?php ob_start();
is included in the Login.php file. Any thoughts?