...

View Full Version : Login Session help



PRodgers4284
02-17-2008, 12:33 PM
I need a way of stoping a user on my website from accessing protected pages if they are not logged in, can anyone help? Im using the following code at the start of each page.


<?php
session_start();
include("database.php");
include("loginemployer.php");
?>

bazz
02-17-2008, 12:36 PM
you will need to add a few lines to the top of your script which check for a session. if it exists, go to the page. if not, redirect to login. I don't know the code, coz I use perl but, try googling for 'php sessions tutorials'.

bazz

PRodgers4284
02-17-2008, 12:37 PM
you will need to add a few lines to the top of your script which check for a session. if it exists, go to the page. if not, redirect to login. I don't know the code, coz I use perl but, try googling for 'php sessions tutorials'.

bazz

Thanks for that

PRodgers4284
02-17-2008, 02:22 PM
Ive tried the code below but it doesnt same to work, not sure if im using the redirect header correctly



if (!SESSION_username) {
Header("Location: index2.php");
}

rafiki
02-17-2008, 02:47 PM
if(!isset($_SESSION['username'])){
header("Location: /Login.php");
}
try this?

PRodgers4284
02-17-2008, 02:51 PM
if(!isset($_SESSION['username'])){
header("Location: /Login.php");
}
try this?

Got it working there thanks

used this


if( empty($_SESSION['username']) )
{
header("location: index2.php");
}

bazz
02-17-2008, 06:12 PM
Well as you have seen. there are three session states,

exists,
empty
doesn't exist

You need to consider which states you need to check for. I think normally scripts check for 'isset' which looks for both empty and not empty sessions. remember just because session is empty doesn't mean it isn't set and so, a user can be logged in already but with an empty session. better to check for isset.


bazz

PRodgers4284
02-17-2008, 06:15 PM
Well as you have seen. there are three session states,

exists,
empty
doesn't exist

You need to consider which states you need to check for. I think normally scripts check for 'isset' which looks for both empty and not empty sessions. remember just because session is empty doesn't mean it isn't set and so, a user can be logged in already but with an empty session. better to check for isset.


bazz


Thanks for your advice, i think il change it now



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum