Page 1 of 2

redirect instead of die

Posted: Wed Jun 27, 2007 1:28 pm
by m2babaey
Hi
I want this code:

Code: Select all

function membersOnly() {
		if (!$_SESSION['logged']) {
			$_SESSION['log_to'] = $_SERVER['REQUEST_URI'];
		
		}
			die('This page is available only to registered members,
				you have to <a href="login.php">login</a> first, if ' .
				"you haven't" . ' <a href="signup.php">registered</a> ' .
				 'yet you can do that for free.');
	}
to be changed to something similar to:

Code: Select all

function membersOnly() {
		if (!$_SESSION['logged']) {
			$_SESSION['log_to'] = $_SERVER['REQUEST_URI'];
		
		}
else{ redirect('login.php/');
}
But it is skipping login and redirects to the protected page

Posted: Wed Jun 27, 2007 1:36 pm
by mentor
user header() to redirect the page.

Posted: Wed Jun 27, 2007 1:50 pm
by RobertGonzalez

Code: Select all

<?php
function membersOnly() {
    if (!$_SESSION['logged']) {
        $_SESSION['log_to'] = $_SERVER['REQUEST_URI'];
    } else { 
        header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_FILENAME']) . '/login.php');
        exit;
    }
}
?>

Posted: Wed Jun 27, 2007 3:31 pm
by m2babaey

Code: Select all

function membersOnly() {
    if (!$_SESSION['logged']) {
        $_SESSION['log_to'] = $_SERVER['REQUEST_URI'];
    } else {
        header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_FILENAME']) . '/login.php');
        exit;
    }
}
I can't understand why it does not ask to login when I replace the code below with the one Everah suggested :roll: :? :?

Code: Select all

function membersOnly() {
		if (!$_SESSION['logged']) {
			$_SESSION['log_to'] = $_SERVER['REQUEST_URI'];
			die('This page is available only to registered members,
				you have to <a href="login.php">login</a> first, if ' .
				"you haven't" . ' <a href="signup.php">registered</a> ' .
				 'yet you can do that for free.');
		}
	}
In fact, I'm trying to alter this page to this one :idea:

Posted: Wed Jun 27, 2007 3:46 pm
by RobertGonzalez
Do a var_dump($_SESSION['logged']); prior to checking against the var to see what is in it.

Posted: Wed Jun 27, 2007 4:00 pm
by volka
m2babaey wrote:

Code: Select all

function membersOnly() {
		if (!$_SESSION['logged']) {
			$_SESSION['log_to'] = $_SERVER['REQUEST_URI'];
			die('This page is available only to registered members,
				you have to <a href="login.php">login</a> first, if ' .
				"you haven't" . ' <a href="signup.php">registered</a> ' .
				 'yet you can do that for free.');
		}
	}
This makes a bit more sense than the frist version you've posted.
If _SESSION[logged] is set the user is allowed to visit the page, i.e. membersOnly() should redirect and stop processing the current requst if _SESSION[logged] is not set? If that is so please try

Code: Select all

function membersOnly() {
	error_reporting(E_ALL);
	ini_set('display_errors', true);
	
	if (!$_SESSION['logged']) {
		$_SESSION['log_to'] = $_SERVER['REQUEST_URI'];
		session_write_close();
		header('Location: /login.php');
		die();
	}
}

Posted: Thu Jun 28, 2007 1:43 am
by m2babaey
Thanks
it worked. now i'm using this code as the next step:

Code: Select all

function membersOnly() {
        error_reporting(E_ALL);
        ini_set('display_errors', true);
       
        if (!$_SESSION['logged']) {
                $_SESSION['log_to'] = $_SERVER['REQUEST_URI'];
                session_write_close();
            {   $file="login.php";
                 header('Location: message.php'); }
                die();
        }
}
and message.php has the following code on line 67:

Code: Select all

<?  include "$file"; ?>
now it is redircted to message.php but the login form is not shown in it. instead it prompts:
Notice: Undefined variable: file in g:\programs(2)\easyphp1-8\www\ha\previous\new folder\htdocs\message.php on line 67

Warning: main(): Failed opening '' for inclusion (include_path='.;G:/Programs(2)/EasyPHP1-8\php\pear\') in g:\programs(2)\easyphp1-8\www\ha\previous\new folder\htdocs\message.php on line 67

Posted: Thu Jun 28, 2007 3:33 am
by volka
header/location makes the client request another document.
New request, new instance of php, no $file.

Posted: Thu Jun 28, 2007 4:00 am
by m2babaey
so I have to create a full page for any message I want to display?
I wanted to have one page message.php and show all messages there. then it would be like an external CSS file so easy to edit the whole site by editing one page message .php.
http://pedia.sys17.net/wantprolikethis.htm

Posted: Thu Jun 28, 2007 4:15 am
by volka
You could simply include the file instead of using header/location.

Posted: Thu Jun 28, 2007 4:34 am
by m2babaey
using

Code: Select all

function membersOnly() {
        error_reporting(E_ALL);
        ini_set('display_errors', true);
       
        if (!$_SESSION['logged']) {
                $_SESSION['log_to'] = $_SERVER['REQUEST_URI'];
                session_write_close();
            
             $file="login.php";
               include "http://127.0.0.1/ha/previous/New%20Folder/htdocs/message.php";
                die();
        }
still getting the error:
Notice: Undefined variable: file in g:\programs(2)\easyphp1-8\www\ha\previous\new folder\htdocs\message.php on line 67

Warning: main(): Failed opening '' for inclusion (include_path='.;G:/Programs(2)/EasyPHP1-8\php\pear\') in g:\programs(2)\easyphp1-8\www\ha\previous\new folder\htdocs\message.php on line 67

Posted: Thu Jun 28, 2007 4:37 am
by volka
why do you use include('http://.... ?

Posted: Thu Jun 28, 2007 4:52 am
by m2babaey
Hi
why do you use include('http://.... ?
because it was in an upper directory and it was not working when using '../login.php'

this code solved it:

Code: Select all

function membersOnly() {
        error_reporting(E_ALL);
        ini_set('display_errors', true);
       
        if (!$_SESSION['logged']) {
                $_SESSION['log_to'] = $_SERVER['REQUEST_URI'];
                session_write_close();
            session_start(); 
                $_SESSION['file'] = "login.php";
                include 'message.php';
                            die();
        }
}
and in message.php:

Code: Select all

<?  include $_SESSION['file']; ?>
it shows the login form now. but it prompts another error upon login:
Fatal error: Call to a member function on a non-object in g:\programs(2)\easyphp1-8\www\ha\previous\new folder\htdocs\login.php on line 36
this error does not occur when I use login.php alone for logging in.
line 36 begins as:

Code: Select all

if ($user->_checkLogin($processed['username'], $processed['password'], $remember)) {
			if (isset($_SESSION['log_to'])) {
				redirect($_SESSION['log_to']);
			} else {
				redirect('account.php/');
			}
		} else {
			failed($form);
		}

Posted: Thu Jun 28, 2007 4:55 am
by volka
and where is $user set?

Posted: Thu Jun 28, 2007 5:15 am
by m2babaey
here:

Code: Select all

$db = db_connect();
$user = new User($db);
User is a class with over 260 lines. there, the function checklogin:

Code: Select all

function _checkLogin($username, $password, $remember) {
		$md5pass = "'" . md5(substr($password, 1, -1)) . "'";
		$sql = "SELECT * FROM member WHERE " .
			"(username = $username) AND " .
			"(password = $md5pass) AND " .
			"(permission != '00-deny')";

		$result = $this->db->getRow($sql);

		if (is_object($result)) {
			$this->_setSession($result, $remember);
			return true;
		} else {
			$_SESSION['login']--;
			$this->_logout();
			return false;
		}
	}