thurmanmurman Posted June 27, 2009 Share Posted June 27, 2009 Hey Everyone, I am a noob and need some help. I have been scouring the internet for resources and haven't found any solutions that might do the trick. Here is what I am trying to do: I need my clients to be able to log in using a username and password to view a page specific to the client. So far I have done the following: 1) created a php login page 2) created a php register page which I will only have access for the purpose of adding user accounts. 3) created a php members page where all users arrive after successful login. The problem is, instead of having the user arrive at a global, all members page, i need them to arrive at their user specific page. I have a feeling this is going to involve sessions and I just don't know where to start with that. Do I need to add code to the user-specific page? Here is my code so far: LOGIN.PHP <?php // Connects to your Database mysql_connect("host address", "username", "password") or die(mysql_error()); mysql_select_db("database name") or die(mysql_error()); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $username = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['password']) { } else { header("Location: members.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] | !$_POST['pass']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['pass'] = stripslashes($_POST['pass']); $info['password'] = stripslashes($info['password']); $_POST['pass'] = md5($_POST['pass']); //gives error if the password is wrong if ($_POST['pass'] != $info['password']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['pass'], $hour); //then redirect them to the members area header("Location: members.php"); } } } else { // if they are not logged in ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> ADD.PHP <?php // Connects to your Database mysql_connect("host address", "username", "password") or die(mysql_error()); mysql_select_db("database name") or die(mysql_error()); //This code runs if the form has been submitted if (isset($_POST['submit'])) { //This makes sure they did not leave any fields blank if (!$_POST['username'] | !$_POST['redirect'] | !$_POST['pass'] | !$_POST['pass2'] ) { die('You did not complete all of the required fields'); } // checks if the username is in use if (!get_magic_quotes_gpc()) { $_POST['username'] = addslashes($_POST['username']); } $usercheck = $_POST['username']; $check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'") or die(mysql_error()); $check2 = mysql_num_rows($check); // checks if the redirect is in use if (!get_magic_quotes_gpc()) { $_POST['redirect'] = addslashes($_POST['redirect']); } $redircheck = $_POST['redirect']; $check = mysql_query("SELECT redirect FROM users WHERE redirect = '$redircheck'") or die(mysql_error()); $check2 = mysql_num_rows($check); //if the name exists it gives an error if ($check2 != 0) { die('Sorry, the username '.$_POST['username'].' is already in use.'); } // this makes sure both passwords entered match if ($_POST['pass'] != $_POST['pass2']) { die('Your passwords did not match. '); } // here we encrypt the password and add slashes if needed $_POST['pass'] = md5($_POST['pass']); if (!get_magic_quotes_gpc()) { $_POST['pass'] = addslashes($_POST['pass']); $_POST['username'] = addslashes($_POST['username']); } // now we insert it into the database $insert = "INSERT INTO users (username, password) VALUES ('".$_POST['username']."', '".$_POST['pass']."')"; $add_member = mysql_query($insert); ?> <h1>Registered</h1> <p>Thank you, you have registered - you may now login</a>.</p> <?php } else { ?> <form action="<?php echo $_SERVER['../PHP_SELF']; ?>" method="post"> <table border="0"> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="60"> </td></tr> <tr><td>Direectory Access:</td><td> <input type="text" name="redirect" maxlength="100"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="pass" maxlength="10"> </td></tr> <tr><td>Confirm Password:</td><td> <input type="password" name="pass2" maxlength="10"> </td></tr> <tr><th colspan=2><input type="submit" name="submit" value="Register"></th></tr> </table> </form> <?php } ?> MEMBERS.PHP <?php // Connects to your Database mysql_connect("host address", "username", "password") or die(mysql_error()); mysql_select_db("database name") or die(mysql_error()); //checks cookies to make sure they are logged in if(isset($_COOKIE['ID_my_site'])) { $username = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { //if the cookie has the wrong password, they are taken to the login page if ($pass != $info['password']) { header("Location: login.php"); } //otherwise they are shown the admin area else { echo "Admin Area<p>"; echo "Your Content<p>"; echo "<a href=logout.php>Logout</a>"; } } } else //if the cookie does not exist, they are taken to the login screen { header("Location: login.php"); } ?> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Untitled Document</title> <link href="../style.css" rel="stylesheet" type="text/css"> </head> <body> <form action="<?php echo $_SERVER['../PHP_SELF']?>" method="post"> <table border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="pass" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> <?php } ?> </body> </html> Any help would be greatly appreciated. Drew Link to comment https://forums.phpfreaks.com/topic/163856-solved-php-redirect-after-login-to-a-specific-users-page/ Share on other sites More sharing options...
xcoderx Posted June 27, 2009 Share Posted June 27, 2009 Use meta tag to redirect as simple as that. Link to comment https://forums.phpfreaks.com/topic/163856-solved-php-redirect-after-login-to-a-specific-users-page/#findComment-864577 Share on other sites More sharing options...
thurmanmurman Posted June 27, 2009 Author Share Posted June 27, 2009 where should I add the meta tag? Link to comment https://forums.phpfreaks.com/topic/163856-solved-php-redirect-after-login-to-a-specific-users-page/#findComment-864579 Share on other sites More sharing options...
thurmanmurman Posted June 27, 2009 Author Share Posted June 27, 2009 So i think i've found another way to do this... if i change my redirect header tags to: /* Redirect to a different page in the current directory that was requested */ $host = $_SERVER['HTTP_HOST']; $uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\'); $extra = 'index.php'; header("Location: http://$host$uri/$extra"); exit its getting close, but I need to change the $uri path from 'PHP_SELF' to fetching data from a column in mySQL called userdirectory. this is the directory I wish to redirect to. Any thoughts? Link to comment https://forums.phpfreaks.com/topic/163856-solved-php-redirect-after-login-to-a-specific-users-page/#findComment-864592 Share on other sites More sharing options...
Tonic-_- Posted June 27, 2009 Share Posted June 27, 2009 So you're trying to make clients redirect to their own user directory that is stored in a mysql table? Never heard of this before.. Basically you want to redirect them to a page printing out their information stored in a table? Thats what I got *just woke up* Link to comment https://forums.phpfreaks.com/topic/163856-solved-php-redirect-after-login-to-a-specific-users-page/#findComment-864595 Share on other sites More sharing options...
thurmanmurman Posted June 27, 2009 Author Share Posted June 27, 2009 I'm probably overthinking this. Here's the goal... I want to have a client login and end up on his/her personal page (not a global user page). Thats it... so whatever makes it easy. I had stored directory information in the mysql table so I might be able to pull what directory it was redirecting to from the table...but i dont know.. like i said. the easiest solution possible would float my boat. DG Link to comment https://forums.phpfreaks.com/topic/163856-solved-php-redirect-after-login-to-a-specific-users-page/#findComment-864597 Share on other sites More sharing options...
Tonic-_- Posted June 27, 2009 Share Posted June 27, 2009 Basically a user profile like profile.php?u=usernamehere Displays their information stored and allow customization to the page? Link to comment https://forums.phpfreaks.com/topic/163856-solved-php-redirect-after-login-to-a-specific-users-page/#findComment-864598 Share on other sites More sharing options...
thurmanmurman Posted June 27, 2009 Author Share Posted June 27, 2009 Yes, as long as the page is completely isolated. I can't have my different users seeing each others information. I need completely separate pages Link to comment https://forums.phpfreaks.com/topic/163856-solved-php-redirect-after-login-to-a-specific-users-page/#findComment-864599 Share on other sites More sharing options...
Tonic-_- Posted June 27, 2009 Share Posted June 27, 2009 Well on member.php just have a little box displaying their information by using a search query for the "directory" information you stored and print out. You basically have essentially everything done but the search query.. Just basically do a query for their username & grab the stored information that was submitted by that user and display it out on a little profile box somewhere located on the member.php Not much work you really have to do other then the query & printing out.. You really don't need to "redirect" them to another file just so it displays their information when you could do the same with member.php.... Because you already have the check in if they're logged in and with the query search for information submitted only by that user basically no other member can see any users information unless they login as that user.. Link to comment https://forums.phpfreaks.com/topic/163856-solved-php-redirect-after-login-to-a-specific-users-page/#findComment-864601 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.