PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Ive put a login script on a site that im creating and its working fine. What i want to do next is make certain pages only accessable if ur logged into the site.
im very new to php and im sturggling on getting this working can someone show me a basic redirect if ur not logged in script please?
session_register("loginSuccess");
if ($username && $password) // if they are both correct
{
$loginSuccess = true;
$_SESSION["loginSuccess"] = true;
}
else
{
$_SESSION["loginSuccess"] = false;
}
Hope this helps.
KR
Dan.
Last edited by dasantillo on Thu Apr 27, 2006 10:59 am, edited 1 time in total.
I like to do what nOOb suggested. I usually put a piece of code called 'check_logged_in.php' or something to that effect into a small function and call that at the beginning of each logged in page via an include. I usually look for a session var being set to 'logged_in' or something like that. If it is not set, header the user back to the login page. Otherwise, the script will do what it is supposed to do if the user is logged in.
Don't forget to call http://www.php.net/exit after the redirection to the login page when you check the loginstatus... Otherwise code would still be executed... And browsers that don't follow redirections would get to see the output...
Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /login/main.php:2) in /login/include/session.php on line 46
Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /login/main.php:2) in /login/include/session.php on line 46
I think that the header function must be called before the <head> tag in the PHP file as the header function generates <head> anyway, meaning there would be two which would cause the error. I had this problem when I first started sessions with a login.
Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /login/main.php:2) in /login/include/session.php on line 46
<?php session_start(); ?> should be the very first line of your code. Starting the session sends information thru the headers so it must be the first piece of code that is going to write anything to the screen (browser). The same holds true regarding the header(); function. It must be used BEFORE any anything else is written to the page.
~Uber
Last edited by uberdragon on Fri Apr 28, 2006 11:09 am, edited 1 time in total.
session_start does not need to be the first line of your code. It does need to be called before any information is sent to the browser (code outputs, html code, other calls to header()) unless you are using the output control (ob_*) functions. It is good practice to set the call to session start as early in the script as possible.
Also, in your redirect header call, user full urls, not relative ones. From the PHP Manual:
The PHP Manual: HTTP Section wrote:* Copied from the header() function page *
Note: HTTP/1.1 requires an absolute URI as argument to Location: including the scheme, hostname and absolute path, but some clients accept relative URIs. You can usually use $_SERVER['HTTP_HOST'], $_SERVER['PHP_SELF'] and dirname() to make an absolute URI from a relative one yourself: