Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

Redirect if not logged in

  • 15-04-2015 08:10PM
    #1
    Registered Users, Registered Users 2 Posts: 3,097 ✭✭✭


    Hi all,

    I'm am developing an PHP, SQL website at the moment involving a basic login and signup page for college. What I have working is the sign up and login but I somehow need to add in if the user is not logged in her or she cannot access certain pages.

    I think I need to implement a cookie as far as I know I am not to sure now.


Comments

  • Registered Users, Registered Users 2 Posts: 2,011 ✭✭✭colm_c


    You need to look at sessions.

    Basic theory is you store the user's info/status (or a reference to it) in a session.

    Then you can check the session's contents/variable to see if they are logged in.

    PHP has session management built in have a look at $_SESSION.

    Under the hood PHP will set a cookie to a session reference and you're just writing to this session.

    You don't want to store info directly in a cookie especially logon information as it can be seen in the clear, but sessions it only stores a reference to the session and the data is retained on the server.


  • Registered Users, Registered Users 2 Posts: 1,602 ✭✭✭Gaz


    Just expanding on the above, what I do is include a check.php on every page I want protected.

    Set the session variable when the user logs in, then each page checks for this in the check.php. Like this ...

    if(!isset($_SESSION) || (trim($_SESSION) == '')) {
    header("location: logon");
    exit();
    }

    Oh and dont forget to start the sessions on each page with session_start();


Advertisement