Reputation: 161
PHP session - prevent entire page from loading
I'm fairly new to back-end programming, and can't seem to find an answer to an easy (in my view) problem. I understand that if I want to display only a specific piece of data for a given user (e.g. items in the cart), I would use a session ID to identify that user and insert whatever information for that specific user from the database into my page through php's echo function. Now, what if I have a page with a lot of lines of html code and want the code to run only if there's a session? Should I put all that code into else {echo "...html code...";} and have a page looking something like this:
<?php
session_start();
if (!isset($_SESSION['id'])) {
header('location:../');
exit();
} else {
echo "
<html>
<body>
code
code
code
code
</body>
</html> ";
}
?>
This seems to be working, but the whole approach seems very bulky and my gut tells me that's not how I should be preventing each page from loading at all unless the user is signed in. Also, this method creates all sorts of issues with quotes and makes the code really hard to read and debug.
Upvotes: 2
Views: 14170
Answers (4)
Reputation: 25
You could do something like this if you think page is too bulky
<?php
session_start();
if (!isset($_SESSION['id'])) {
header('yourFile.php);
exit();
}
"your file.php"
<?php
echo "
<html>
<body>
code
code
code
code
</body>
</html> ";
?>
Upvotes: 0
Reputation: 1675
<?php
session_start();
if (!isset($_SESSION['id'])) {
header('location:../');
exit(); // <-- terminates the current script
}
// close the php tag and write your HTML :)
?>
<html>
<body>
code
code
<!-- if you need another php tag somewhere else -->
<?php if(1 != 2) echo '<em>PHP works :)</em>'; ?>
code
code
</body>
</html>
Upvotes: 7
Reputation: 86
You can do something like this.
<?php
$shouldShow = 0;
session_start();
if (isset($_SESSION['id'])){
$shouldShow = 1;
}
?>
<html>
<body>
<script>
var shouldLoad = <?php echo $shouldShow; ?>;
if (shouldLoad == 1){
loadPage(true); // load page is an imaginary Javascript function which
//you can make to load the page.
}
</script>
</body>
</html>
In this way you mix up php and java-script to reach your goal and make the website more user friendly.
The first php part contains php variable which will be set to 1 if the session exists.
Now you have the HTML part where you have a script tag, under which there is a variable. You simply echo the value of php variable "shouldLoad" into this javascript variable. So now your javascript knows wheather to load or not load the webpage. Make necessary adjustment in your javascript code to load the webpage depending on this value of variable.
Another way of doing this is.
<?php
session_start();
if (!isset($_SESSION['id'])){
header('Location: http://myhost.com/mypage.php');
// redirect the page to another location (a page saying no session found)
}
?>
<html>
<body>
your html codes you want to show
</body>
</html>
Also if you just want to exit your php script and do not care about the cool UI, you can simply put "exit()" inside your 'if' condition so that the script terminates it doesnt find the desired session ID.
Upvotes: 0
Reputation: 142
Your session I'd will be there whether you recognize the user or not. You to pass the session id along either through a form variable or through a session cookie. And the call the session by setting the session id
session_id($session_var_passed);
session_start();
You should test for the session varaible passed.
Upvotes: 0
Related Questions
- How to disable session in php?
- PHP - How not to start a session on the login page
- Destroy a session and automatically loads the page
- How to destroy Session after page load?
- PHP- How can I restrict access to a page?
- Create session before access to page
- Prevent user from seeing pages that require a session
- Restrict access to page with PHP
- how to disable sessions in php
- How to prevent a session