Jump to content

Recommended Posts

Is there a way to get current logged in username and based on that redirect to a different page?

I’m using the following secure PHP login without MySql as a login system: https://sourceforge.net/projects/phploginbyvallastech/

Now I’m looking to redirect each logged in user to their personalized page.

But I can’t figure out how to A) fetch the current logged in user and B) redirect multiple users.

This code redirects to the latter address, but the username based redirect is not working:

<?php

session_start();

if ($_SESSION["username"]==User1){

header("location: user1content.php");

exit;

} else {

header("location: generalcontent.php");

exit;

}

{ ?>

<?php } ?>

So it’s clearly not fetching the logged in user. Though <?php echo $login->username; ?> fetches the username just fine.
I know there’s something missing, but what that might be… Have been trying different things without success.

Or another viable option would be to show content based on username:

<?php
session_start();

if ($_SESSION["username"]=='User1'){ ?>


SHOW USER1 CONTENT HERE


<?php } ?>

But this has the same issue; not sure how to fetch the logged in username...

Edited by etopal
6 minutes ago, Barand said:

Have you checked if $_SESSION contains what you are expecting it to contain?

I have not 🤔 (I'm not very familiar with php, just dabbling with it... )

The second redirect (to generalcontent.php) works, so I'm guessing the $_SESSION doesn't contain what I'm looking for, as it just gets skipped 😬

try

echo '<pre>' . print_r($_SESSION, true) . '</pre>';

That will show the contents of $_SESSION.

If it's doesn't contain the expected values you need to trace backwards to where the values should be set and work out why it isn't happening.

Huzzah! 🤩
I think the end solution was a very simple one, as it most of the cases seems to be:
```
<?php

require('_login.php');

if ($login_user === 'User1') {
    header("Location: user1.php");
} else if ($login_user === 'User2') {
    header("Location: user2.php");
} else if ($login_user === 'User3') {
    header("Location: user3.php");
} else {
    header("Location: generalcontent.php");
}

?>

```

As a note, if anyone else ever struggles with a similar problem.

Edited by etopal
2 hours ago, etopal said:

I think the end solution was a very simple one

Except that isn't the solution. For one, if you dont kill the script after a header redirect, the rest of the code still runs. Using a sequential numbering of pages points to a serious design flaw. If you have a million users, are you really going to have and maintain a million pages?

Not to be a debbie downer, but the specific login script you mention uses MD5. If your website's password security is important, to you, please read "no one should be using MD5 anymore" at https://en.wikipedia.org/wiki/MD5 (MD5 is broken).

From what I understand, php's built in "password_hash" function is much, much better than MD5.

If you please read the question and answer about the "password_hash" function here. you might be inclined to go ahead and use mySQL.

There are some pre-written login scripts on the net using "password_hash" that even I (a total PHP dumbo) can understand (just google "simple password_hash login scripts").

Just a thought.

 

 

Edited by StevenOliver
  • Like 1
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.