Jump to content

php login question


oha055

Recommended Posts

Hi!

 

So I know that when redirecting to administrator pages after login is very often done like this: header(location:admin.php);

 

But what if I didnt want to use header? I'm asking because I would just like to include the admin section within the part of the website I'm currently residing, if that makes any sense. Also, I think using headers is a bit cumbersome.

 

I have just recently started learning PHP, so please excuse me if this is a dumb question :)

 

 

Link to comment
Share on other sites

If you didnt want to send the user to another page you could set the form's action to '#' which would keep them on the page. Then you could have some logic in your page to check if the form was submitted and if it was it could run whatever login function you have to verify the user. Then if they are logged in you could have some further logic to include admin elements on the current page.

 

Something along those lines.

 

Or you could use ajax to post to the login function and then refresh the page - but you would need to use header again for that :)

 

But as suggested i would stick with using headers because this is just unecessarily complicating things :)

Link to comment
Share on other sites

what I want to know is what exactly you meant by this:

 

 

I'm asking because I would just like to include the admin section within the part of the website I'm currently residing, if that makes any sense.

 

this explanation could dictate the proper answer.

Link to comment
Share on other sites

Just to add, response headers are a part of the HTTP foundation. They're the least-cumbersome and most supported way of handling redirection, and should ideally be all you use for it. There's nothing stopping you redirecting back to the same page you're on, which incidentally has the added benefit of overwriting the previous request, preventing "POST-refreshes" (the browser dialogue that pops up when you go back, asking if you want to re-submit the POST data).

 

On the target page you can then simply check the type of user (admin or regular), and display the appropriate output.

Link to comment
Share on other sites

If you mean what I think you mean (serving different content based on user-level? like

 

 

if ( $user->is_admin )
   // show admin CP

on normal user pages), then that's the wrong way to go IMO, it's processing code that doesn't necessarily need to be processed, I think the best option is direct administrators to a dedicated control panel, however, depending on the performance requirements/user-base of your application, this may not be relevant to you.

Link to comment
Share on other sites

There's nothing stopping you redirecting back to the same page you're on, which incidentally has the added benefit of overwriting the previous request, preventing "POST-refreshes" (the browser dialogue that pops up when you go back, asking if you want to re-submit the POST data).

 

On the target page you can then simply check the type of user (admin or regular), and display the appropriate output.

Agreed.  The site I'm currently working on is like this.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.