[SOLVED] Forced Login

bhavin_85 · April 16, 2007

Hey guys

On my site I need to make sure that when a user clicks on the buy link and they are not logged in they are taken to the login page then bak to the page with the buy link. How can i do this?

soycharliente · April 16, 2007

I use a javascript redirect.

<?php
if(!$loggedIn) {
?>
<script type="text/javascript">
<!--
window.location = "path/to/page.ext";
-->
</script>
<?php
}
?>

I don't like dealing with PHP headers and whatnot. I find this much easier.

bhavin_85 · April 16, 2007

which page does that go in?

trq · April 16, 2007

Its an example, not working code. Any answers found on the board will need to be customised for your own needs.

clown[NOR] · April 16, 2007

it will probably go into the page you have the buy link in...

bhavin_85 · April 16, 2007

cheers clown

how do i get the login page to redirect to that page?

im guessing there is some kinda of function I have to call

soycharliente · April 16, 2007

On my site, I have a variable that stores whether or not you're logged in ($loggedIn, clever name huh).

The only thing you really need to change would be the path back to the login page if they try and access a page without being logged in.

Sort of like...

<?php
// This code is put on the page that you want to protect from viewing without being logged in.
if($loggedIn) {
// html code for the page
} else {
// here is the redirect.
// the javascript handles the redirection.
// tells the window to update it's loction.
?>
<script type="text/javascript">
<!--
window.location = "path/to/page.ext";
-->
</script>
<?php
}
?>

Hope that explains it better.

bhavin_85 · April 16, 2007

ahh right, yea i already have the redirect working, what im more concerned about is do i get the login page to realise once they have logged in they are redirected to the original page

trq · April 16, 2007

Pass the original page name through the url, then grab it from the $_GET array.

bhavin_85 · April 16, 2007

ok ive got the address going through to the beinging login page...jsut having trouble with page that had the login form on it

ive tried this : action="login1.php?url='.$url.'" but its printing login1.php?url='.$url.' in the url

any ideas why?

bhavin_85 · April 16, 2007

made a bit of progress....but the url is coming up as this now

www.mywebsite.com/%5C%5C%5C'./homes/gy478/web/extrainfo.htm.%5C%5C%5C'

the way i ahve done it is passed the url through each page via the url then when it came2 the login page got the url and put it into an invisible text box the....in the text box the value is : \'./homes/gy478/web/extrainfo.htm.\'

but on the next pge which processes the login details im gettin the url above....any ideas?

Barand · April 16, 2007

something like this?

# buypage.php #

<?php
    session_start();
    if (!$_SESSION['loggedIn'] ) {
        $_SESSION['returnurl'] = 'buypage.php';
        header("location: login.php");
        exit;
    }
    
    // rest of page
?>

# login.php #

<?php
    session_start();
    
    if (isset($_POST['action'])) {
        if (validLogin($_POST['username'], $_POST['pwd'])) {          // or some such function
            $_SESSION['loggedIn'] = true;
            $returnurl = isset($_SESSION['returnurl']) ? $_SESSION['returnurl'] : '';
            if ($returnurl) {
                header("location: $returnurl");
                exit;
            }
            else {
                header("location: index.php");
                exit;        
            }  
        }
        else {
            $_SESSION['loggedIn'] = false ;
            echo "Invalid username or password.";
        }
    }
    
    echo <<<FORM
        <form method='post'>
            Username <input type='text' name='username'> <br/>
            Password <input type='password' name='pwd'>  <br/> 
            <input type='submit' name='action' value='Log in'>
        </form>
FORM;
?>

bhavin_85 · April 16, 2007

Barand....ive tried implementing this but the header isnt redirecting

In the second if....there is a header which should redirect but its not redirecting for some reason....any ideas?

<?php
session_start();
include('config.php');
$username = $_POST['username'];	
$password = $_POST['password'];
if ($username != 'admin') {
$sql = "SELECT * FROM regcustomer WHERE username='$username' AND password='$password'";
$query = mysql_query($sql);
$count = mysql_num_rows($query);
if($count==1){
$_SESSION['username'] = $username;
$returnurl = isset($_SESSION['returnurl']) ? $_SESSION['returnurl'] : '';
header("Location: $returnurl");
echo "halo";
}
else {
header("Location:login.php?login=fail");
}
}
else {
$sql2 = "SELECT * FROM regcustomer WHERE username='$username' AND password='$password'";
$query2 = mysql_query($sql2);
$count2 = mysql_num_rows($query2);
if($count2==1){
$_SESSION['username']=$username;
header("Location:admin/adminpage.php");
}
else {
header("Location:login.php?login=fail");
}
}
?>

and it is echoing halo....so i know it is going to the right if

Barand · April 16, 2007

Have you checked what's in $returnurl at the point where

header("Location: $returnurl");

is called

soycharliente · April 16, 2007

Barand....ive tried implementing this but the header isnt redirecting

In the second if....there is a header which should redirect but its not redirecting for some reason....any ideas?

Try using the Javascript redirect that I suggested earlier.

bhavin_85 · April 16, 2007

ive tried header and javascript

neither is working

<?php
session_start();
include('config.php');
$return = $_SESSION['returnurl'];
echo $_SESSION['returnurl'];
$username = $_POST['username'];	
$password = $_POST['password'];
if ($username != 'admin') {
$sql = "SELECT * FROM regcustomer WHERE username='$username' AND password='$password'";
$query = mysql_query($sql);
$count = mysql_num_rows($query);
if($count==1){
$_SESSION['username'] = $username;
$returnurl = isset($_SESSION['returnurl']) ? $_SESSION['returnurl'] : '';
?>
<script type="text/javascript">
<!--
window.location='http://www.xxx.yyyy.zz.uk/~abcde/'$returnurl'';
</script>";
<?
echo "halo";
}
else {
header("Location:login.php?login=fail");
}
}
else {
$sql2 = "SELECT * FROM regcustomer WHERE username='$username' AND password='$password'";
$query2 = mysql_query($sql2);
$count2 = mysql_num_rows($query2);
if($count2==1){
$_SESSION['username']=$username;
header("Location:admin/adminpage.php");
}
else {
header("Location:login.php?login=fail");
}
}
?>

when i used header it told me that i couldnt modify the header

per1os · April 16, 2007

Maybe if you didn't try to mix php and javascript it might work

window.location='http://www.xxx.yyyy.zz.uk/~abcde/<?php print $returnurl;?>';

bsprogs · April 16, 2007

bhavin, using the Javascript redirect that charlieholder recommended earlier should work just fine.

?>
<script type="text/javascript">
<!--
window.location = "<?php echo $returnurl; ?>";
-->
</script>
<?php

I made a very slight modification but it should work.

bhavin_85 · April 16, 2007

cheers dude that works

i was just about 2 jump on msn and ask u bsprogs

thanks 4 all ur help ppl!!!!

bsprogs · April 16, 2007

Glad you got it working!

You know you can always hop on MSN and ask me a question anytime because you already do

Sign In

[SOLVED] Forced Login

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information