User Redirection

[RobertCraigUK]

Hi,

 

I am having a little problem with my coding and was wondering if someone could please help me.

 

The code below is a working login script where when a user logs in they are redirected to a URL which I have in my SQL database. The problem I am having is I would like to create a link on every page which says something like "My Account" - and when a user clicks the link the script automatically knows who is logged on and redirects to the page which matches the URL in the database.

 

I hope I am making sense as I've been working on it for days and cannot figure out how to do it.   

 

<?php
session_start();

require 'config.php';

$user_name = $_POST['username'];
$user_password = $_POST['password'];

$qry = "SELECT id, redirect
    FROM
        users
    WHERE
        username = '".$user_name."' AND
        password = '".$user_password."'";

$result = mysql_query($qry);

$count = (int)mysql_num_rows($result);
if($count != 0) {

    $row = mysql_fetch_assoc($result);
    $_SESSION['loggedIn'] = true;
    header('Location: '.$row['redirect']);
} else {

    header('Location: index.php');
}

exit;
?>

 

 

 

The config.php has basically my login details for phpmyadmin and nothing else. If anyone can help me it would be greatly appreciated.

 

Kind regards,

 

Robert.

[Mahngiel]

I don't understand why the 'My Account' link would come from the database?  Why not just on a successful login, redirect all users to account.php where the page's information is propogated with parameters from the user's session information?

[Jessica]

I don't understand why the 'My Account' link would come from the database?  Why not just on a successful login, redirect all users to account.php where the page's information is propogated with parameters from the user's session information?

Seconded. There is no reason for each person to have their own .php file, there should be one file which displays their info.