Change navbar after user login php

Question

I want the "Login/Sign up" button in the navigation bar to change to "My Account" after the user logs in.

The navigation.php file I use for this currently looks like this:

<?php 
    session_start();
    include("check.php");   
?>


<?php 

if ($_SESSION['username']){ ?>
    <div id="nav">
        <ul >
            <li class="navbar-left"><a href="artikelen.html">Men</a></li>
            <li class="navbar-left"><a href="artikelen.html">Women</a></li>
            <li class="navbar-left"><a href="artikelen.html">Kids</a></li>
            <li class="navbar-right"><a href="view_cart.php">Cart (0)</a></li>
            <li class="navbar-right"><a href="inlog.php">My Account</a></li>
        </ul>
    </div>

<?php } else { ?>
    <div id="nav">
        <ul >
            <li class="navbar-left"><a href="artikelen.html">Men</a></li>
            <li class="navbar-left"><a href="artikelen.html">Women</a></li>
            <li class="navbar-left"><a href="artikelen.html">Kids</a></li>
            <li class="navbar-right"><a href="view_cart.php">Cart (0)</a></li>
            <li class="navbar-right"><a href="inlog.php">Login / Sign Up</a></li>
        </ul>
    </div> 
<?php }
?>

The check.php file looks like this:

<?php
include('connection.php');
session_start();
$user_check=$_SESSION['username'];

$ses_sql = mysqli_query($db,"SELECT username FROM users WHERE username='$user_check' ");

$row=mysqli_fetch_array($ses_sql,MYSQLI_ASSOC);

$login_user=$row['username'];

if(!isset($user_check))
{
header("Location: index.php");
}
?>

If I go to a webpage with this navigation bar I get the following error:

This webpage has a redirect loop ERR_TOO_MANY_REDIRECTS

Can someone please help me?

Answer 1

The redirect loop error you're encountering occurs because, in your navigation.php, you're including check.php. In check.php, you attempt to verify if a username is stored in the session with the following line:

$user_check = $_SESSION['username'];

However, you proceed to check the database with this value without first confirming if the session contains a valid username. You then assign the fetched username record to $login_user:

$login_user = $row['username'];

Later, you check the old $user_check variable instead of using the newly fetched data in $login_user. This causes a problem on the first attempt because $user_check may not be set, leading to a redirect:

if (!isset($user_check)) {
    header("Location: index.php");
}

Solution: To fix this, remove the line include("check.php"); from your navigation file, since the navigation menu is accessible to both logged-in and not-logged-in users. The only difference between the two is the display of the "My Account" link. Here's how the updated navigation should look:

<?php
session_start();
?>

<div id="nav">
    <ul>
        <li class="navbar-left"><a href="artikelen.html">Men</a></li>
        <li class="navbar-left"><a href="artikelen.html">Women</a></li>
        <li class="navbar-left"><a href="artikelen.html">Kids</a></li>
        <li class="navbar-right"><a href="view_cart.php">Cart (0)</a></li>
        <li class="navbar-right">
            <?php if (isset($_SESSION['username']) && !empty($_SESSION['username'])): ?>
                <a href="account.php">My Account</a>
            <?php else: ?>
                <a href="inlog.php">Login / Sign Up</a>
            <?php endif; ?>
        </li>
    </ul>
</div>

Update check.php: Refactor your check.php file to properly verify the logged-in status:

<?php
include('connection.php');
session_start();

function is_user_logged_in() {
    global $db;
    if (isset($_SESSION['username']) && !empty($_SESSION['username'])) {
        $user_check = $_SESSION['username'];
        $ses_sql = mysqli_query($db, "SELECT username FROM users WHERE username='" . mysqli_real_escape_string($db, $user_check) . "'");
        $row = mysqli_fetch_array($ses_sql, MYSQLI_ASSOC);
        
        if ($row) {
            return true;
        }
    }
    return false;
}
?>

In PHP files where you want to restrict access to logged-in users, use check.php as follows:

<?php
require_once 'check.php';
if (!is_user_logged_in()) {
    header("Location: inlog.php");
    exit();
}
// Your code for logged-in users
?>

These changes should resolve the redirect loop issue and implement the "My Account" button change when a user is logged in and also Improved security by using mysqli_real_escape_string to prevent SQL injection.

Answer 2

Try this

navigation.php

<?php 
    include("check.php");   
?>


    <?php 

    if ($loginst == 1){ ?>
        <div id="nav">
            <ul >
                <li class="navbar-left"><a href="artikelen.html">Men</a></li>
                <li class="navbar-left"><a href="artikelen.html">Women</a></li>
                <li class="navbar-left"><a href="artikelen.html">Kids</a></li>
                <li class="navbar-right"><a href="view_cart.php">Cart (0)</a></li>
                <li class="navbar-right"><a href="inlog.php">My Account</a></li>
            </ul>
        </div>

    <?php } else { ?>
        <div id="nav">
            <ul >
                <li class="navbar-left"><a href="artikelen.html">Men</a></li>
                <li class="navbar-left"><a href="artikelen.html">Women</a></li>
                <li class="navbar-left"><a href="artikelen.html">Kids</a></li>
                <li class="navbar-right"><a href="view_cart.php">Cart (0)</a></li>
                <li class="navbar-right"><a href="inlog.php">Login / Sign Up</a></li>
            </ul>
        </div> 
    <?php } ?>

check.php

<?php
include('connection.php');
session_start();
$loginst = 0;
if ($_SESSION['username']){ 

$user_check = $_SESSION['username'];

$ses_sql = mysqli_query($db,"SELECT username FROM users WHERE username='$user_check' ");

$row=mysqli_fetch_array($ses_sql,MYSQLI_ASSOC);

$login_user=$row['username'];

if(!empty($login_user)) 
{
   $loginst = 1;
}

}

?>

Answer 3

Remove the Location header in check.php. You can set the location header after displaying the login form

Answer 4

Update your check.php to something like this.

$user_check = (isset($_SESSION['username']) && trim($_SESSION['username'])!='')?trim($_SESSION['username']):false;
if(!$user_check) header("Location: index.php");
else{
    $ses_sql = mysqli_query($db,"SELECT username FROM users WHERE username='$user_check' ");
    $row=mysqli_fetch_array($ses_sql,MYSQLI_ASSOC); 
    $$_SESSION['username']=$row['username'];
}