amin1982 Posted November 22, 2006 Share Posted November 22, 2006 Hi Guys;I have a login in system. Where users login into to view my site. However I haven't been able to encrypte the pages which I want members only to view. For example if they knew the URL of a hidden page they could type this in and they will be taken to the page.I want a system where they are taken back to the home page when they do this. And when they click on a link which leads to a members I'd like a pop up which says "Members Only - Please Login" unless they are logged in and they are then taken to the page.Any ideas?My login scripts are:buffer.php used on all pages.[code]<?phpob_start();session_start();?>[/code]Login.php used to verify the user information.[code]<?php require_once ('../includes/config.inc.php'); if (isset($_POST['submitted'])) { // Check if the form has been submitted. require_once ('./includes/mysql_connect.php');.if (!empty($_POST['email'])) {$e = escape_data($_POST['email']); } else {echo '<p class="BlueMenuText"><font color="red" size="+1">You forgot to enter your email address!</font></p>';$e = FALSE; }if (!empty($_POST['password'])) {$p = escape_data($_POST['password']);} else {$p = FALSE;echo '<p class="BlueMenuText"><font color="red" size="+1">You forgot to enter your password!</font></p>';} if ($e && $p) { // If everything's OK. $query = "SELECT id, f_name FROM members WHERE (email='$e' AND password='$p' AND status=1) "; $result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error()); if (@mysql_num_rows($result) == 1) { // A match was made.$row = mysql_fetch_array ($result, MYSQL_NUM); mysql_free_result($result);mysql_close(); // Close the database connection.$_SESSION['f_name'] = $row[1];$_SESSION['id'] = $row[0]; $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);f ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {$url = substr ($url, 0, -1);}$url .= '/index.php';ob_end_clean();header("Location: $url");exit(); } else { /echo '<p class="BlueMenuText">><font color="red" size="+1">Your password and email login didn\'t match. Please try again and ensure you have activated your account.</font></p>'; } } else { echo '<p><font color="red" size="+1">Please try again.</font></p>'; } mysql_close(); } ?[/code]any suggestions or help would be appreciated!Thanks! Quote Link to comment Share on other sites More sharing options...
hitman6003 Posted November 22, 2006 Share Posted November 22, 2006 http://www.phpfreaks.com/tutorials/65/0.php Quote Link to comment Share on other sites More sharing options...
amin1982 Posted November 22, 2006 Author Share Posted November 22, 2006 hey hitman,thanks for that. I did have a look at the tutorial and I tried altering my script but i couldn't work it.I'm editing this part:[code]<?phpecho '<div class="MainText">Welcome'; if (isset($_SESSION['f_name'])) {echo ", <b>{$_SESSION['f_name']}!</b>";}echo '</div>';?>[/code]Basically if the user is logged in then they receive a welcome message. however i need to add an if empty f_name then redirect to the home page with a message that pops up "Members Only"...Thoughy just not sure how to do this. I try a few things but no luck.Any ideas?!...Thanks,Amin Quote Link to comment Share on other sites More sharing options...
CheesierAngel Posted November 22, 2006 Share Posted November 22, 2006 You can use the function header() for this.- [url=http://php.belnet.be/manual/en/function.header.php]http://php.belnet.be/manual/en/function.header.php[/url][code]<?phpecho '<div class="MainText">Welcome'; if (isset($_SESSION['f_name'])) {echo ", <b>{$_SESSION['f_name']}!</b>";} else { header('Location: noAccessGranted.php');}echo '</div>';?>[/code]MODIFICATION:You can also take a look at the HTTP_AUTHENTICATION:- [url=http://php.belnet.be/manual/en/features.http-auth.php]http://php.belnet.be/manual/en/features.http-auth.php[/url] Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.