etopal Posted May 4, 2020 Share Posted May 4, 2020 Is there a way to get current logged in username and based on that redirect to a different page? I’m using the following secure PHP login without MySql as a login system: https://sourceforge.net/projects/phploginbyvallastech/ Now I’m looking to redirect each logged in user to their personalized page. But I can’t figure out how to A) fetch the current logged in user and B) redirect multiple users. This code redirects to the latter address, but the username based redirect is not working: <?php session_start(); if ($_SESSION["username"]==User1){ header("location: user1content.php"); exit; } else { header("location: generalcontent.php"); exit; } { ?> <?php } ?> So it’s clearly not fetching the logged in user. Though <?php echo $login->username; ?> fetches the username just fine. I know there’s something missing, but what that might be… Have been trying different things without success. Quote Link to comment Share on other sites More sharing options...
etopal Posted May 4, 2020 Author Share Posted May 4, 2020 (edited) Or another viable option would be to show content based on username: <?php session_start(); if ($_SESSION["username"]=='User1'){ ?> SHOW USER1 CONTENT HERE <?php } ?> But this has the same issue; not sure how to fetch the logged in username... Edited May 4, 2020 by etopal Quote Link to comment Share on other sites More sharing options...
Barand Posted May 4, 2020 Share Posted May 4, 2020 Have you checked if $_SESSION contains what you are expecting it to contain? Quote Link to comment Share on other sites More sharing options...
etopal Posted May 4, 2020 Author Share Posted May 4, 2020 6 minutes ago, Barand said: Have you checked if $_SESSION contains what you are expecting it to contain? I have not 🤔 (I'm not very familiar with php, just dabbling with it... ) The second redirect (to generalcontent.php) works, so I'm guessing the $_SESSION doesn't contain what I'm looking for, as it just gets skipped 😬 Quote Link to comment Share on other sites More sharing options...
Barand Posted May 4, 2020 Share Posted May 4, 2020 try echo '<pre>' . print_r($_SESSION, true) . '</pre>'; That will show the contents of $_SESSION. If it's doesn't contain the expected values you need to trace backwards to where the values should be set and work out why it isn't happening. Quote Link to comment Share on other sites More sharing options...
etopal Posted May 4, 2020 Author Share Posted May 4, 2020 (edited) Huzzah! 🤩 I think the end solution was a very simple one, as it most of the cases seems to be: ``` <?php require('_login.php'); if ($login_user === 'User1') { header("Location: user1.php"); } else if ($login_user === 'User2') { header("Location: user2.php"); } else if ($login_user === 'User3') { header("Location: user3.php"); } else { header("Location: generalcontent.php"); } ?> ``` As a note, if anyone else ever struggles with a similar problem. Edited May 4, 2020 by etopal Quote Link to comment Share on other sites More sharing options...
benanamen Posted May 4, 2020 Share Posted May 4, 2020 2 hours ago, etopal said: I think the end solution was a very simple one Except that isn't the solution. For one, if you dont kill the script after a header redirect, the rest of the code still runs. Using a sequential numbering of pages points to a serious design flaw. If you have a million users, are you really going to have and maintain a million pages? Quote Link to comment Share on other sites More sharing options...
etopal Posted May 4, 2020 Author Share Posted May 4, 2020 It surely is not the perfect solution. But seems to work for what I need 🤔 If I ever had a million users, I surely would need a better login system as well.. Might have to look into your points though. Quote Link to comment Share on other sites More sharing options...
StevenOliver Posted May 5, 2020 Share Posted May 5, 2020 (edited) Not to be a debbie downer, but the specific login script you mention uses MD5. If your website's password security is important, to you, please read "no one should be using MD5 anymore" at https://en.wikipedia.org/wiki/MD5 (MD5 is broken). From what I understand, php's built in "password_hash" function is much, much better than MD5. If you please read the question and answer about the "password_hash" function here. you might be inclined to go ahead and use mySQL. There are some pre-written login scripts on the net using "password_hash" that even I (a total PHP dumbo) can understand (just google "simple password_hash login scripts"). Just a thought. Edited May 5, 2020 by StevenOliver 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.