#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2013
    Posts
    2
    Rep Power
    0

    Redirect On Valid Log In


    I am writing a log in page for a website. When a user enters a valid username and password that match from the database I want these things to happen;
    1) User is redirected to the page they were on prior to logging in,
    2) Within the header I want to change the "Log In" link to "Log Out" and create a welcome message specifically for that user.

    I have written code and tested it but I cannot figure out why it does not work. Could someone take a look at this and give me direction??

    Here is the code I have on my log in page. The reason it is causing me trouble (in order) is:
    1) I do not know what to put in where I have the XXX
    2) The logIn.php is the page I want to test to see if the user is on and if they are logged in this page should not appear.
    3) My if statement ValidLogIn I don't know where to set the session variable for that. If within the if statement or if I can add it to the last bolded if statement near the bottom of the page as this: $_SESSION['ValidLogIn'] = $username['UserName']; right above the header Location redirect. Or if I can rename it UserName to get it to work.
    PHP Code:
    <?php
    session_start
    ();

    if(isset(
    $_SESSION['XXX'])) {
       
    $url $_SESSION['logIn.php'];
    }
    else {
       
    $url "index.php";
    }

    if (!isset(
    $_SESSION['ValidLogIn'])){

    //if username and password are empty display welcome message
    if(empty($_POST['txtUserName']) &&  empty($_POST['txtPassword'])) 
            {
                
    showForm('Welcome to Wiscon');
                exit();
            }

    //validate text was entered in UserName text box
    if(empty($_POST['txtUserName']) && isset($_POST['btnSubmit']))
            {
               
    showForm('Please Enter A User Name');
               exit();
            }
       else
            {
               
    $UserName $_POST['txtUserName'];
            }

    //validate text was entered in password text box
    if(empty($_POST['txtPassword']) && isset($_POST['btnSubmit']))
           {
               
    showForm('Please Enter A Valid Password');
               exit();
           }
       else
           {
               
    $Password $_POST['txtPassword'];
           }

    $UserName $_POST['txtUserName'];
    $Password $_POST['txtPassword'];

    //validate username and password match
    if($Password != Password($UserName) && isset($_POST['btnSubmit']))
           {
               
    showForm('User Name And Password Do Not Match!');
               exit();
           }
           }
    function 
    Password($UserName)
    {
       
    //database login
       
    $dsn 'mysql:host=itsql.fvtc.edu;dbname=teamc';
       
    $username='teamc';
       
    $password='teamc';
       
    //variable for errors
       
    $options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);
       
    //try to run code
       
    try {
       
    //object to open database
       
    $db = new PDO($dsn,$username,$password$options);
       
    //check username against password
           
    $SQL $db->prepare('SELECT * FROM user WHERE USER_NAME = :UserName and USER_PASSWORD = :Password');
           
    $SQL->bindValue(':UserName'$UserName);
           
    $SQL->bindValue(':Password'$Password);
           
    $SQL->execute();
           
    $username $SQL->fetch();
                
                if(
    $username === FALSE)
                {
                    
    $Password null;
                    
    showForm('Invalid log in information.');
                    exit();
                }
                if(
    $username == TRUE){
                                    
    $_SESSION['UserName'] = $username['USER_NAME']; 
                           
    Add code here???
                           
    header("Location: mywebsite".$url");
                           exit();    
                           }
             
           return 
    $Password;
           
    $SQL->closeCursor();
           
    $db = null;
                 
           } catch(PDOException 
    $e){
               
    $error_message = $e->getMessage();
               echo("
    <p>Database Error$error_message</p>");
               exit();
           }
           
    }
    Secondly I want this at the top of every page but have no clue as to what to put in the url. Is it the website name without the individual URI's afterwards?
    PHP Code:
    <?php
    session_start
    (); 
    $_SESSION['url'] = $_SERVER['REQUEST_URI'];
    I know this is probably a very simple fix but I have tried everything over the past two weeks to get this to work and nothing does. The assignment is due tomorrow by 3 my time (Chicago) and any help would be greatly appreciated.
    This is an intro class so please talk in the simplest of terms so that i can follow along.
    Last edited by hugoriffic; April 3rd, 2013 at 07:33 PM. Reason: spelling and code errors
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Dec 2004
    Posts
    3,031
    Rep Power
    377
    there are too many conditions on one page.. i would create separate functions and test them to see they work and then call them in my pages.

    i also do not know your logic or reasoning to doing things this way... however your questions:

    1. on each page check if they are logged in, if not then save the url in a session and go to login page. On Login page, if they successfully login, check if this session is present if so redirect to that url otherwise to index.php

    2. to change login to logout is pretty easy, check if user is logged in and if so change it to logout else login..
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2013
    Posts
    2
    Rep Power
    0
    I understand that there are too many conditions on one page. I didn't know how to check for a valid log in and set up a session variable for that and check to see if the user has visited a previous page before logging in. So the two $_SESSION if statements were the only way I could think of to do this.

    I do know that the code
    PHP Code:
    if(isset($_SESSION['XXX'])) {
       
    $url $_SESSION['logIn.php'];
    }
    else {
       
    $url "index.php";

    Works with the code
    PHP Code:
     <?php
    session_start
    (); 
    $_SESSION['url'] = $_SERVER['REQUEST_URI'];
    I have seen these two used together quite often but the code that was used with these was far too advanced for me to understand.

    Should I completely eliminate the line of code
    PHP Code:
    if (!isset($_SESSION['ValidLogIn'])){ 
    And then rewirte this line
    PHP Code:
    if($username == TRUE){
         
    $_SESSION['UserName'] = $username['USER_NAME']; 
         
    Add code here???
         
    header("Location: mywebsite".$url");
         exit();    

  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Dec 2004
    Posts
    3,031
    Rep Power
    377
    Originally Posted by hugoriffic
    I understand that there are too many conditions on one page. I didn't know how to check for a valid log in and set up a session variable for that and check to see if the user has visited a previous page before logging in. So the two $_SESSION if statements were the only way I could think of to do this.

    I do know that the code
    PHP Code:
    if(isset($_SESSION['XXX'])) {
       
    $url $_SESSION['logIn.php'];
    }
    else {
       
    $url "index.php";

    Works with the code
    PHP Code:
     <?php
    session_start
    (); 
    $_SESSION['url'] = $_SERVER['REQUEST_URI'];
    I have seen these two used together quite often but the code that was used with these was far too advanced for me to understand.

    Should I completely eliminate the line of code
    PHP Code:
    if (!isset($_SESSION['ValidLogIn'])){ 
    And then rewirte this line
    PHP Code:
    if($username == TRUE){
         
    $_SESSION['UserName'] = $username['USER_NAME']; 
         
    Add code here???
         
    header("Location: mywebsite".$url");
         exit();    

    well that is why i said that i do not know your logic. if that validlogin session check is "important" keep that but then you also you should just check ONCE for submit


    if (submit) {
    if no username, error
    ...... etc

    }

IMN logo majestic logo threadwatch logo seochat tools logo