Reputation: 55
php redirect if already logged in
i am using a simple login form; i want to redirect if an already logged in user comes to login page
Login form
<?php session_start(); ?>
<!DOCTYPE html>
<html>
<body>
<form action="login.php" method="POST">
<input type="text" placeholder="username" name="uname" required /><br>
<input type="password" placeholder="password" name="pwd" required /><br>
<input type="submit" value="Login">
</form>
<script>
<?php if(isset($_SESSION['user'])&&!empty($_SESSION['user']))
header("Location: booking.php");
else if(isset($_SESSION['login_status']) && $_SESSION['login_status'] !='') { ?>
alert('<?php echo $_SESSION['login_status']; ?>');
<?php unset($_SESSION['login_status']); session_destroy ();} ?>
</script>
</body>
</html>
PHP for database connection and query
<?php
require_once '../config.php';
session_start();
$user = $_POST['uname'];
$pwd = $_POST['pwd'];
// To protect MySQL injection (more detail about MySQL injection)
$user = stripslashes($user);
$pwd = stripslashes($pwd);
$pwd = sha1($pwd);
$query="SELECT * FROM user WHERE uname='$user' and pwd='$pwd' and isActive=1";
$stmt=$conn->prepare($query);
$stmt->execute();
$stmt->setFetchMode(PDO::FETCH_ASSOC);
$result=$stmt->fetch();
if($result){
$_SESSION['user'] = $result['fullname'];
$_SESSION['login_status'] = "Sucessfully Logged in";
header("Location: booking.php");
}else{
$_SESSION['login_status'] = "Login Credentials incorrect";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
?>
This code perfectly works with my localhost but while i put this in a shared hosting if i have already login and goes to the login page it is not redirecting me to page -> booking.php. If i give an alret here
<?php if(isset($_SESSION['user'])&&!empty($_SESSION['user']))
header("Location: booking.php");
instead of header("Location: booking.php"); the alert works; but as you can see the very same code works in the php connection page.
Could anyone point out the mistake i have made here?.. Please note: Login works without any issue; ie: if i give the correct username and password it redirects me to the corresponding page, only issue is that after logging in if i came back to the login form it's not redirecting me to booking.php page
Upvotes: 0
Views: 2364
Answers (2)
Reputation: 115
You are unsetting the logging_status and destroying the session in the elseif statement here:
<?php if(isset($_SESSION['user'])&&!empty($_SESSION['user']))
header("Location: booking.php");
else if(isset($_SESSION['login_status']) && $_SESSION['login_status'] !='') { ?>
alert('<?php echo $_SESSION['login_status']; ?>');
<?php unset($_SESSION['login_status']); session_destroy ();} ?>
Which is the reason behind failure in redirection and also you have some minor syntax flaws as well else if -> elseif and session_destroy () -> session_destroy().
Here is the code that will fix the error for you:
<?php session_start(); ?>
<!DOCTYPE html>
<html>
<body>
<form action="login.php" method="POST">
<input type="text" placeholder="username" name="uname" required /><br>
<input type="password" placeholder="password" name="pwd" required /><br>
<input type="submit" value="Login">
</form>
<script>
<?php
if(isset($_SESSION['user'])&&!empty($_SESSION['user']))
{
header("Location: booking.php");
}
elseif(isset($_SESSION['login_status']) && $_SESSION['login_status'] !='')
{
?>
alert('<?php echo $_SESSION['login_status'];?>');
<?php
}
unset($_SESSION['login_status']);
session_destroy();
?>
</script>
</body>
</html>
Upvotes: 0
Reputation: 3065
You need to use header before html codes. Try something like :
<?php session_start();
if(isset($_SESSION['user'])&&!empty($_SESSION['user'])){
header("Location: booking.php");
exit();
}
?>
<!DOCTYPE html>
<html>
<body>
<form action="login.php" method="POST">
<input type="text" placeholder="username" name="uname" required /><br>
<input type="password" placeholder="password" name="pwd" required /><br>
<input type="submit" value="Login">
</form>
<script>
<?php if(isset($_SESSION['login_status']) && $_SESSION['login_status'] !='') { ?>
alert('<?php echo $_SESSION['login_status']; ?>');
<?php unset($_SESSION['login_status']); session_destroy ();} ?>
</script>
</body>
</html>
Upvotes: 2
Related Questions
- PHP redirect user if logged in
- How to redirect if user already logged in
- making user redirect if not logged in using php sessions
- Redirect to login page if user is not logged in
- PHP: How to check if user is already logged in and otherwise redirect to login page
- PHP redirect users if not logged in
- Redirect user who already logged in PHP
- If user isn't logged in, then redirect PHP
- PHP redirect if the user has been authenticated or not
- Redirect after PHP Login