Jump to content

login redirect blank page?


lovephp
Go to solution Solved by mac_gyver,

Recommended Posts

im trying to redirect user according to their role, when i try logging in as admin it redirects ok but below amdin roles i get a blank login.php page ?

 

if($result) {
        if(mysql_num_rows($result) == 1) {
            //Login Successful
            session_regenerate_id();
            $user = mysql_fetch_assoc($result);
            $_SESSION['HOTEL_USER_ID'] = $user['id'];
            $_SESSION['HOTEL_UNAME'] = $user['uname'];
            $_SESSION['HOTEL_UROLE'] = $user['urole'];
            $role = $_SESSION['HOTEL_UROLE'];
            session_write_close();
            if($role == 'Admin')
            header("location: reservation.php");
            exit();
            }elseif($role == 'Manager'){
            header("location: reservation.php");
            exit();
            }elseif($role == 'Front_Desk'){
            header("location: reservation.php");
            exit();
            }elseif($role == 'Writer'){
            header("location: articles.php");
            exit();
        }else {

Link to comment
Share on other sites

  • Solution

what debugging have you done to narrow down the problem? have you dumped (see: var_dump()) the role value so that you know what if anything it is?

 

are you sure that login success code is even running for the users with those roles?

 

if all your code is doing is mapping a set of values to other values, you shouldn't write out conditional logic (if/elseif/switch/case) for each possible choice. this will require that you edit the program logic just to add, remove, or change any of the possible choices.  it also makes for cluttered code, which i just noticed is the cause of your problem. you have a missing {, which has made all your conditional logic off a bit. properly indenting your code, based on where matching { and } are at would help you make sure all the { and } are where you intend. 

 

you should instead write general purpose, data driven code, that defines data (arrays) that tells simple code what to do. see the following example -    

// define categories of roles (in a configuration file)
$management = array('Admin', 'Manager', 'Front_Desk');
$staff = array('Writer');

// at the point of decided what to do for the category a role belongs to
if(in_array($role,$management)){
    header("location: reservation.php");
    exit;
} elseif (in_array($role,$staff)){
    header("location: articles.php");
    exit;
} else {
    // none of the defined roles, handle that condition here...
}

next, logging someone in, involves identifying who they are, not what permissions/roles they have, which is a different concern/different process. all your login code should do, when the username/password has been confirmed, is to store the user_id in a session variable. after your post method form processing code successfully runs (with no errors), it should do a header() redirect to the exact same url that the form submitted to. this will cause a get request for the page, which stops the browser from trying to resubmit the form data.

 

when each page gets requested, it should take the user_id from the session variable and query for the current user permissions/role. this will insure that any change made to a user's permissions/roles take affect on the very next page request. any page should take the user permissions/role and use them to determine what will be processed on the page and what will be displayed.

Link to comment
Share on other sites

what debugging have you done to narrow down the problem? have you dumped (see: var_dump()) the role value so that you know what if anything it is?

 

are you sure that login success code is even running for the users with those roles?

 

if all your code is doing is mapping a set of values to other values, you shouldn't write out conditional logic (if/elseif/switch/case) for each possible choice. this will require that you edit the program logic just to add, remove, or change any of the possible choices.  it also makes for cluttered code, which i just noticed is the cause of your problem. you have a missing {, which has made all your conditional logic off a bit. properly indenting your code, based on where matching { and } are at would help you make sure all the { and } are where you intend. 

 

you should instead write general purpose, data driven code, that defines data (arrays) that tells simple code what to do. see the following example -    

// define categories of roles (in a configuration file)
$management = array('Admin', 'Manager', 'Front_Desk');
$staff = array('Writer');

// at the point of decided what to do for the category a role belongs to
if(in_array($role,$management)){
    header("location: reservation.php");
    exit;
} elseif (in_array($role,$staff)){
    header("location: articles.php");
    exit;
} else {
    // none of the defined roles, handle that condition here...
}

next, logging someone in, involves identifying who they are, not what permissions/roles they have, which is a different concern/different process. all your login code should do, when the username/password has been confirmed, is to store the user_id in a session variable. after your post method form processing code successfully runs (with no errors), it should do a header() redirect to the exact same url that the form submitted to. this will cause a get request for the page, which stops the browser from trying to resubmit the form data.

 

when each page gets requested, it should take the user_id from the session variable and query for the current user permissions/role. this will insure that any change made to a user's permissions/roles take affect on the very next page request. any page should take the user permissions/role and use them to determine what will be processed on the page and what will be displayed.

your condition works like a charm bro. yes i messed it up a little with my if else conditions but got it sorted now thanks a ton. :)

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.