Web Analytics Made Easy -
StatCounter PHP Login Redirect By User - CodingForum

Announcement

Collapse
No announcement yet.

PHP Login Redirect By User

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • PHP Login Redirect By User

    Hi,

    i have a basic login script that directs users to a page once logged in, i would like to direct different users to different pages based on their username

    eg; user1 would log in and be directed to domain.com/user1
    user2 would log in and be directed to domain.com/user2

    also, user2 shouldn't be able to change the address to domain.com/user1 and be allowed access to that folder and so on.

    the usernames and passwords are stored in a mysql db and there is no requirement for the users to be able to change them.

    Am i right in thinking this is the bit of code i need to change?

    PHP Code:
    function validate_user($un$pwd) {
            
    $mysql = New Mysql();
            
    $ensure_credentials $mysql->verify_Username_and_Pass($unmd5($pwd));
            
            if(
    $ensure_credentials) {
                
    $_SESSION['status'] = 'authorized';
                
    header("location: index.php");
            } else return 
    "Please enter a correct username and password";
            
        } 
    Please could someone offer some help/advice on how to implement this?

    Thanks

  • #2
    Why don't you make the file with the MKDIR function and then create a meta-tag that redirects them when they log in?

    Comment


    • #3
      Originally posted by GreenFanta View Post
      Why don't you make the file with the MKDIR function and then create a meta-tag that redirects them when they log in?
      Odd way of doing it.

      What you should do, in my opinion, is change the location header to (assuming $un is your username):
      PHP Code:
      header('location: http://www.domain.com/'.$un); 
      That way, every time someone logs in as user1 they will be redirected to domain.com/user1. The code that handle's that url should check and compare the user and the URI to make sure the user is on the right page, and provide an error if they're on someone elses - or a public overview of that user.
      Useful function to retrieve difference in times
      The best PHP resource
      A good PHP FAQ
      PLEASE remember to wrap your code in [PHP] tags.
      PHP Code:
      // Replace this
      if(isset($_POST['submitButton']))
      // With this
      if(!empty($_POST))
      // Then check for values/forms. Some IE versions don't send the submit button 
      Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live.

      Comment


      • #4
        BluePanther, thanks for your help.

        I have implemented the $un into my code and now looks something like this

        PHP Code:
        header("location: users/$un/index.php"); 
        This is working well apart from being accessible by others when logged in.

        If 'Batman' logs in he gets redirected to domain.com/users/batman/index.php
        apart from then, you can change the address in the address bar to domain.com/users/superman/index.php and this loads. =(

        on the index.php i have the following code

        PHP Code:
        <?php

        require_once '../../classes/Membership.php';
        $membership = New Membership();

        $membership->confirm_Member();

        ?>
        is it possible to make this reference the username so only the right person can access it?

        Thanks


        Originally posted by BluePanther View Post
        Odd way of doing it.

        What you should do, in my opinion, is change the location header to (assuming $un is your username):
        PHP Code:
        header('location: http://www.domain.com/'.$un); 
        That way, every time someone logs in as user1 they will be redirected to domain.com/user1. The code that handle's that url should check and compare the user and the URI to make sure the user is on the right page, and provide an error if they're on someone elses - or a public overview of that user.

        Comment


        • #5
          Wait. Why are you making new pages for each user? The purpose of PHP is to handle dynamic data to do so as you see fit. There is no reason why a specific user requires a page of their own, rather you would create a page and provide it with input on WHAT data to process and go from there. So you wouldn't move to site.com/batman/index.php, you would move to site.com/index.php?user=batman. Proper controls in your management system for users will deem who can see what, and you needn't worry about access to directories at all (since you cannot control that with filesystem permissions).
          PHP Code:
          header('HTTP/1.1 420 Enhance Your Calm'); 
          Been gone for a few months, and haven't programmed in that long of a time. Meh, I'll wing it ;)

          Comment


          • #6
            To be honest my PHP knowledge is VERY limited, I have used what I am working on from following a tutorial.

            What I am trying to do is create a login, so I can give out a user/pass and someone can log in and see a few HTML pages I have put together.

            Comment


            • #7
              These can still all be served in this manner.
              In PHP, you can verify a login attempt and store the user in a session. This session can be re-established to determine if they have access to these files. What you then do is store all these files above the public_html of you're published directory, and serve them from PHP (a new script, say getfile.php, and provide which file they want to access). Its more complicated than a standard user directory structure, but saves tonnes of storage space and can actually be controlled.
              PHP Code:
              header('HTTP/1.1 420 Enhance Your Calm'); 
              Been gone for a few months, and haven't programmed in that long of a time. Meh, I'll wing it ;)

              Comment

              Working...
              X