A code to restrict users from viewing content?
May 31st, 2009 | 
Author: I been getting much much better at php, im making log in and registration pages, but i need a code (preferable php) that will check to see if the user is logged in or it will redirect them to the log in page. Plus since i did all the advanced programming in php and all the simply stuff in html, can i include the php file into my html file?Any help would be appreciated.
Lean about sessions. You'd need to start the session on every page, set the session if the login credentials are correct, unset on logout, redirect if the expected session isn't set or is empty (in case it's set, but empty).
Basically
session_start();
at the top of each page (or a include that's loaded before output, however you're doing it)
// check for session. Unless it's the login page or you'll loop
if (isset($_GET['go']) || $_GET['go']<>'login' && (!isset($_SESSION['user_id']) || empty($_SESSION['user_id']))) header("location: index.php?go=login");
for your login sequence
// check credentials
// your code here
// set session
$_SESSION['user_id']=$theuserid;
// continue to rest of page or redirect
Modify that to suit your own code. But have a quick look at session handling http://uk2.php.net/manual/en/book.session.php because you need to use them by the book.
(PS I use isset() because I don't like to produce errors, whether I've got error reporting off or not. People often ask this.)
Posted in advanced php programming
you can use php and html side by side, the pages with both content need to be saved as a .php file though, to restrict users from viewing certain pages if they aren't logged in look into the use of sessions, thats a good hint and something to search for, I am not going to write the code for you though
References :
search on youtube
References :
Lean about sessions. You'd need to start the session on every page, set the session if the login credentials are correct, unset on logout, redirect if the expected session isn't set or is empty (in case it's set, but empty).
Basically
session_start();
at the top of each page (or a include that's loaded before output, however you're doing it)
// check for session. Unless it's the login page or you'll loop
if (isset($_GET['go']) || $_GET['go']<>'login' && (!isset($_SESSION['user_id']) || empty($_SESSION['user_id']))) header("location: index.php?go=login");
for your login sequence
// check credentials
// your code here
// set session
$_SESSION['user_id']=$theuserid;
// continue to rest of page or redirect
Modify that to suit your own code. But have a quick look at session handling http://uk2.php.net/manual/en/book.session.php because you need to use them by the book.
(PS I use isset() because I don't like to produce errors, whether I've got error reporting off or not. People often ask this.)
References :
Web developer, 10+ years