Reputation: 51
if session redirect to homepage
if(!$_SESSION['username']) {
$ip = $db->real_escape_string(VisitorIP());
$username = $db->real_escape_string($_POST['username']);
$password = $db->real_escape_string($_POST['password']);
$salt = "****";
$password = md5($password . $salt);
$result = $db->query("SELECT * FROM TABLE WHERE username='$username' and password='$password'");
$count = mysqli_num_rows($result);
if ($count == 1){
$bannedq = $db->query("SELECT banned FROM TABLE WHERE username='$username' AND password='$password'");
$banned = $bannedq->fetch_row();
if($banned[0] == "1") {
$failedLogin="1";
$message = 'You are banned and you cannot login';
} else {
$ip = $db->real_escape_string(VisitorIP());
$db->query("UPDATE h_users SET lastlogin=now(), lastip = '$ip' WHERE username='$username'");
header("Location: home");
session_start();
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
$failedLogin = "1";
$message = 'Username or Password WRONG!';
}
}
} else {
header("location: home");
}
Hello programmers, I am trying to setup a login system in my website. Until now it was working fine but when the session is set and the user gets redirected to the homepage now if he goes to the login screen and the session is set i want him to redirect to the homepage and not see the login screen again. But my after i added this part :
if(!$_SESSION['username']) {
it does not work
Upvotes: 1
Views: 228
Answers (2)
Reputation: 51
Okay guys thanks for your help <3 <3 I changed my code to this and everything went fine
session_start();
if(!isset($_SESSION['username'])) {
if(isset($_POST['username']) && isset($_POST['password'])) {
$ip = $db->real_escape_string(VisitorIP());
$username = $db->real_escape_string($_POST['username']);
$password = $db->real_escape_string($_POST['password']);
$salt = "ho073";
$password = md5($password . $salt);
$result = $db->query("SELECT * FROM TABLE WHERE username='$username' and password='$password'");
$count = mysqli_num_rows($result);
if ($count == 1){
$bannedq = $db->query("SELECT banned FROM TABLE WHERE username='$username' AND password='$password'");
$banned = $bannedq->fetch_row();
if($banned[0] == "1") {
$failedLogin="1";
$message = 'You are banned and you cannot login';
} else {
$ip = $db->real_escape_string(VisitorIP());
$db->query("UPDATE TABLE SET lastlogin=now(), lastip = '$ip' WHERE username='$username'");
header("Location: home");
$_SESSION['username'] = $username;
$failedLogin = "1";
$message = 'Username or Password WRONG!';
}
}
}
include'templates/login.html';
} else {
header("location: home");
die();
}
Much love for you <3
Upvotes: 0
Reputation: 59681
You have to take your session start and put it there before you use it, so write this before your if statement:
session_start();
if(!$_SESSION['username']) {
//...
And delete this one here:
/...
session_start();
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
/...
(Also i would add a die(); or exit(); after each header, it makes sure nothing gets executed after the header)
Upvotes: 4
Related Questions
- PHP, if session is started redirect to a different page
- if session is not set - redirecton doesn't work
- Redirecting a page w/sessions
- PHP redirect only if session variable is not found redirects many times
- php valid session redirecting to indexpage
- Redirect in PHP regarding on session variable
- redirect if session doen't exist
- Re-directing to certain page if logged in
- Ignoring if statement
- PHP +redirecting with sessions