Session management

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
jruelan
Forum Newbie
Posts: 2
Joined: Thu Sep 27, 2007 8:03 pm

Session management

Post by jruelan »

my problem is this...
after successful user login in login.php, i redirected the page to the index.php along with the session and all those stuff. what i can't get is how to redirect the page in index.php even if the user clicked the back button in the web browser and the user has not yet logged out??? in my login.php, there is a script that goes like this

***** PLEASE USE THE

Code: Select all

TAG FOR POSTING CODE *****[/color]

Code: Select all

if(isset($_SESSION["username"]))
    header("Location: index.php");
else
{
 ...show login form
}
shylor
Forum Newbie
Posts: 13
Joined: Thu Sep 27, 2007 12:52 pm

Post by shylor »

Here is a login.php file I use when I have the user login. The forum is on the index.php

Code: Select all

<?php
	session_start();
	include('config.inc.php');

	$login_raw = mysql_query("SELECT * FROM `*` WHERE `username` = '".$_POST['username']."' AND `password` = '".md5($_POST['password'])."'", $mysql);
	
	if(mysql_num_rows($login_raw) == 0) {
		$_SESSION['message'] = 'Invaild Login';
		$_SESSION['online'] = 0;
		header("Location: ".$url."/index.php");
	} else {
		$_SESSION['message'] = '';
		$login_data = mysql_fetch_array($login_raw);
		$_SESSION['username'] = ucfirst($login_data['username']);
		$_SESSION['access'] = $login_data['access'];
		$_SESSION['online'] = 1;
		header("Location: ".$url."/index.php");
	}
?>
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

A few thoughts..

1) Are you calling session_start()?
2) Use full http paths in your header()
3) Call exit() after header, to prevent any more code from being executed
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
jruelan
Forum Newbie
Posts: 2
Joined: Thu Sep 27, 2007 8:03 pm

Post by jruelan »

yup, i am calling the session start function of php. and registered a variable "username"
like this

Code: Select all

<?php
     session_start();
//     username is from the database;
     $_SESSION["UN"]=$username;
     if($_SESSION["username"]!=null||$_SESSION["username"]=="") 
{
    header("Location: index.php"); 
exit;
}
else 
{ 
 ...show login form 
}
?>

Code: Select all

<form action="<?php echo(PHP_SELF)?>">
input UN
input PW
</form>
after logging in, user is redirected to the index.php it should be that when i click the "back" button of the web browser, the Login.php page still shows up rather than redirecting it to the index.php page because the user did not log out. Is there a way to solve this?

Scottayy | Please use the [ php ] and [ syntax ] tags when posting code.
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

You're setting $_SESSION['UN'] and then checking for $_SESSION['username'].
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
Post Reply