Jump to content

Redirect someone thats not logged in?


Go to solution Solved by QuickOldCar,

Recommended Posts

By checking the session if a user is logged in, if not do a header or even meta refresh redirect

 

Header must be used before any output to the browser.

if(!$_SESSION['logged_in']){
header('Location: http://www.example.com/');
die();
}

or

if(!$_SESSION['logged_in']){
echo "<meta http-equiv='refresh' content='0;http://www.example.com/' />";
echo die();
}

This is my code 

<?php

 session_start();

require 'connect.php';
 
if(isset($_POST['submit'])) {
 
	$username = $_POST['username'];
	$password = $_POST['password'];
 
	//Prevent hackers from using SQL Injection
	$username = stripslashes($username);
	$password = stripslashes($password);
	$username = mysql_real_escape_string($username);
	$password = mysql_real_escape_string($password);
 
	$sql = "SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'";
	$result = mysql_query($sql);
	$count = mysql_num_rows($result);
	$row = mysql_fetch_assoc($result);
	$user_level = $row['user_level'];
 
	if($count == 1) {
 
		$_SESSION['username'];
		$_SESSION['password'];
		$_SESSION['loggedIn'] = true;
		header("Location: index.php");
	} else {
 
		echo "Please check the username and password you entered is correct.";

	} if($row['user_level'] == 0) {

		//Do Nothing

	} else if($row['user_level'] == -1) {
 
		header("Location: banned.php");
 
	} else if($row['user_level'] < -1) {
		header("Location: banned.php");
		die();
 
	} else if($row['user_level'] == 1) {

		header("Location: admin.php");
 
	} else if($row['user_level'] == 2) {

		echo "Moderators are currently disabled.";
	}
 
 
}

?>
  • Solution

Then add this to the top of the page.

<?php
session_start();
if(!$_SESSION['loggedIn']){
header('Location: http://www.example.com/login.php');//take to login or registration page?
die();
}
?>
Edited by QuickOldCar

Thanks man it worked i figured out the problem the session was still active, my logout code was 

session_unset();
session_destory();
header("Location: login.php");

I changed this to 

session_start();
session_destroy();
header("Location: login.php");

And that fixed the problem :)

 

Thanks for your help

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.