Page 1 of 3 123 Last
  • Jump to page:
    #1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    22
    Rep Power
    0

    Red face Trying to redirect login user to specific url


    Spent 3 days figuring out how this whole deal works with allowing a user to register a name and password, placing that information in a database, and allowing them to login and all that good stuff. Well, I'm stuck... I know how to create a database, I know how to create a table, and I know how to recall information from a table on a webpage. I even currently have it setup so that when a user logs in it takes them to a page where it displays their specified url. This is great, but what I'd like to happen is when they login to their account it takes them directly to their URL, rather than have them have to click on their account on the login successful screen... Make sense? My coding is very simple. This is my code for my login.php page...

    PHP Code:
    <?PHP
    require_once("./include/membersite_config.php");

    if(isset(
    $_POST['submitted']))
    {
       if(
    $fgmembersite->Login())
       {
            
    $fgmembersite->RedirectToURL("login-home.php");
       }
    }
    ?>

    FGMembersite is the PHP that checks the info... as you can see, it automatically redirects the user to "login-home.php". But, it is not checking what user is logged in and redirecting it to their own specified page. I feel like there's like one line of coding I could put in there in place of $fgmembersite->RedirectToURL("login-home.php"); to make this work, but maybe not? Pretty new to this, so I'm not able to fully understand everything. HELP PLEASE!
  2. #2
  3. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2011
    Posts
    105
    Rep Power
    51
    Why not use a redirect header?

    PHP Code:
    header('Location: login-home.php'); 
    You should be getting the member data within login-home.php
    Last edited by Rhytz; December 30th, 2012 at 05:01 PM.
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    22
    Rep Power
    0

    I've been seeing this everywhere but where do I put that?


    I've been seeing a redirect header everywhere, but I have no idea what file to place that in or how it works. I mean, I get what the header does, as in, it would redirect me to "login-home.php", but how does it know what user has logged in?

    Like, I don't understand how it all works, but it only makes sense for their to be a way for once a user is logged in that there is a new url created for them specifically so that there can be personalized information... and you can recall a new table (or whatever) that is specific to that users information... am I making sense?

    Originally Posted by Rhytz
    Why not use a redirect header?

    PHP Code:
    header('Location: login-home.php'); 
    You should be getting the member data within login-home.php
  6. #4
  7. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2011
    Posts
    105
    Rep Power
    51
    Personally I would save the data of the currently logged in user in a session.

    You should create a session, redirect the user to login-home.php and then load the user data in login-home.php using the session you created.

    Simply redirecting the user to a user-specific url would be a security risk.
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    22
    Rep Power
    0

    Session...


    That definitely makes sense, so that each user is specifically logged into their session... And I definitely don't want to be any security risks... Is there a good tutorial to recommend for how to do this?
  10. #6
  11. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2011
    Posts
    105
    Rep Power
    51
    Take a look at this tutorial

    Edit: Just saw there is an updated version here

    And yet an even better tutorial
    Last edited by Rhytz; December 30th, 2012 at 05:47 PM.
  12. #7
  13. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    1
    Rep Power
    0

    Thumbs up Redirecting url


    You can use
    1st method
    header("location:login.php");

    2nd method

    <script>
    window.location="login.php"
    </script>
  14. #8
  15. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    22
    Rep Power
    0
    Where would I put this code? Also, how would it know which user is logging in if they are all being directed to "login.php"?

    Originally Posted by mukeshshiv
    You can use
    1st method
    header("location:login.php");

    2nd method

    <script>
    window.location="login.php"
    </script>
  16. #9
  17. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    165
    Rep Power
    18
    When you write your login script you want it to be something similar to this but specific to your variables.

    PHP Code:
    INCLUDE(sqlconfig.php);
    session_start();
    $result=mysql_query('SELECT * FROM userTable WHERE userName='$_POST[userName]');
    WHILE($row=mysql_fetch_array($result)){
    if($row[userPassword]==$_POST['
    Password']){
    $_SESSION['
    userName']=$_POST['userName'];
    HEADER('
    locationloginhome.php');
    }else{
    HEADER('
    locationloginfailed.php');
    }

    This way after the user logs in their username is stored in $_SESSION['userName'] for future reference by other scripts during the duration of the session

    Comments on this post

    • Rhytz disagrees : This code has SQL injection vulnerabilities and uses old mysql_ functions
    • Jacques1 disagrees : This is at best an example of what *not* to do.
  18. #10
  19. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    165
    Rep Power
    18
    Yes I realize their is SQL injection vulnerabilities in this code just trying to keep it as so to keep it simple and prefer using php rather than pseudo code for demonstration
  20. #11
  21. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    Originally Posted by portcitysoftwar
    Yes I realize their is SQL injection vulnerabilities in this code just trying to keep it as so to keep it simple and prefer using php rather than pseudo code for demonstration
    C'mon, that's a poor excuse. If you don't know to write proper PHP (or you don't have the time for it or whatever), then do use pseudo code instead.

    There's nothing worse than posting bad code snippets, because those are likely to be just copied and pasted. And you didn't even say anything about the security holes.
  22. #12
  23. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    165
    Rep Power
    18
    yes i apologize for that. I should have included or at least mentioned the need to validate the input from the user before including it in the MySQL query.

    However on a side note mysql_query is not deprecated yet is it? or am i just that far behind? I am currently running php 5.3.2 and i know there is php 5.4.x available but as far as i am aware the mysql_query method is not deprecated until 5.5.x when the mysql improved extension will replace the former mysql extension. I have used this method for many years and was how i was taught in college. What are the benefits of the MySqlI or using a data object?

    Thanks alot,
    TJ

    Originally Posted by Jacques1
    C'mon, that's a poor excuse. If you don't know to write proper PHP (or you don't have the time for it or whatever), then do use pseudo code instead.

    There's nothing worse than posting bad code snippets, because those are likely to be just copied and pasted. And you didn't even say anything about the security holes.
  24. #13
  25. Transforming Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    14,112
    Rep Power
    9398
    It wasn't until ~5.5 that they decided to make it officially deprecated, true. However there are no new features that suddenly made it so - the PHP devs finally acknowledged that the mysql extension was inferior to mysqli and PDO, both of which have been out for a while. Those better tools are available to everyone and they should be using it right now.
  26. #14
  27. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    165
    Rep Power
    18
    Alright thanks for the information. Which one is superior between the two other than the fact that PDO supports more database drivers. I am familliar with pdo for MsSQL connections

    Originally Posted by requinix
    It wasn't until ~5.5 that they decided to make it officially deprecated, true. However there are no new features that suddenly made it so - the PHP devs finally acknowledged that the mysql extension was inferior to mysqli and PDO, both of which have been out for a while. Those better tools are available to everyone and they should be using it right now.
  28. #15
  29. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    Originally Posted by requinix
    It wasn't until ~5.5 that they decided to make it officially deprecated, true. However there are no new features that suddenly made it so
    Are you kidding?
    http://php.net/manual/en/mysqlinfo.api.choosing.php
    (kind of funny to link a PHP moderator to the PHP reference)
Page 1 of 3 123 Last
  • Jump to page:

IMN logo majestic logo threadwatch logo seochat tools logo