hi again, i am done with the login form everything works fine so i just want to know how to make the welcomein.php private?? i am working on a community so you would know what i mean could some one give me a simpel script that i can develope to better.
so pliz give me the script for that and the script for how to make a password encrypted in the database
Thanks.
13 16823
Changed thread title to better describe the problem (did you know that threads whose titles that do not follow the Posting Guidelines actually get FEWER responses?).
Heya, silmana.
How you implement this is largely up to you. The generally-accepted way to do this is to put some kind of logged-in indicator in the _SESSION, which you would then check for when loading a restricted page.
For example, you might set $_SESSION['logged_in'] = true when the User logs in.
Then, when loading a restricted page, you can add this code at the top: -
session_start();
-
if(empty($_SESSION['logged_in']))
-
{
-
header('Location: http://' . $_SERVER['HTTP_HOST'] . '/login.php');
-
exit;
-
}
-
Hi
For the security purpose you can use md5 function.
md5 is an on way encryption algo, Before storing data into database encrypt it using md5, and at the time of login validate it.
Changed thread title to better describe the problem (did you know that threads whose titles that do not follow the Posting Guidelines actually get FEWER responses?).
Heya, silmana.
How you implement this is largely up to you. The generally-accepted way to do this is to put some kind of logged-in indicator in the _SESSION, which you would then check for when loading a restricted page.
For example, you might set $_SESSION['logged_in'] = true when the User logs in.
Then, when loading a restricted page, you can add this code at the top: -
session_start();
-
if(empty($_SESSION['logged_in']))
-
{
-
header('Location: http://' . $_SERVER['HTTP_HOST'] . '/login.php');
-
exit;
-
}
-
i dont know where you mean i should put this code, do you mean in the welcome page or? cuz i tried and it dosent work, cant you do for me a "demo" page with the correct full scripts for the private login page?
thanks.
Heya, silmana.
You put that code at the very top of any page that you want to secure. For example: -
<?php
-
session_start();
-
if(empty($_SESSION['logged_in']))
-
{
-
header('Location: http://' . $_SERVER['HTTP_HOST'] . '/login.php');
-
exit;
-
}
-
-
echo 'You will only see this if you are logged in.';
-
?>
-
sorry dosent work.
here is the site that i want to secure
the code for the site : -
<?php
-
session_start(); // Alltid överst på sidan
-
-
// Kolla om inloggad = sessionen satt
-
if (!isset($_SESSION['sess_user'])){
-
header("Location: index.php");
-
exit;
-
}
-
-
?>
-
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-
<html>
-
<head>
-
<meta http-equiv="Content-Type"
-
content="text/html; charset=iso-8859-1">
-
<title>Välkommen</title>
-
<style type="text/css">
-
<!--
-
#Layer1 {
-
position:absolute;
-
left:160px;
-
top:12px;
-
width:571px;
-
height:26px;
-
z-index:1;
-
background-color: #99CC00;
-
}
-
-->
-
</style>
-
</head>
-
<body>
-
-
<div id="Layer1">
-
<table width="572" border="1" bordercolor="#000000" bgcolor="#99CC33">
-
<tr>
-
<td width="61"><strong>Hem</strong></td>
-
<td width="162"><strong>Forum </strong></td>
-
<td width="142"><strong>Gästbok</strong></td>
-
<td width="63"><a href="welcome.php?logout="><strong>Bråk</strong></a></td>
-
<td width="110"><a href="index.php?logout="><strong>Logga ut</strong></a></td>
-
</tr>
-
</table>
-
</div>
-
<strong>Välkommen <?php echo $_SESSION['sess_user']; ?></strong><br>
-
<br>
-
</body>
-
</html>
pliz show me how to do, reply back with codes.
thanks
Heya, silmana.
Please use CODE tags when posting source code. See the REPLY GUIDELINES on the right side of the page next time you post.
Instead of checking for isset() use empty() instead. isset() will return true when $_SESSION['sess_user'] is false, which is probably not desirable.
Which problem are you having?
Are you unable to view the page when you are logged in?
Or are you able to view the page even if you are not logged in?
okey did that now its working but, how do i know that when the user logs in he has a private page is there anything that i can add , cuz i want that all the user will only see the same design but not the same information, ? could someone help me with that could i get som script for that
Heya, silmana.
So what you're trying to do is to show one set of content if the User is logged in, but a different set of content if he is not?
yeah you know like the regular communitys, you logg in and have your profile(private site, info) but the desing is the same for all the users, can you help me with that? send me the codes please.
Heya, Silmana.
Ok. Instead of redirecting to the login page if the User is not logged in, you simply not show certain content.
For example: -
if( empty($_SESSION['logged_in']) )
-
{
-
// echo stuff that a not-logged-in User sees.
-
}
-
else
-
{
-
// echo stuff that a logged-in User sees.
-
}
-
Hi pbmods;
thanks for ur previous info.It is useful for me too.
but if my case is like one administrator is control all the user in the application..user got many level.different level perform different task.
If i am user like data entry..so i can go to all the page relate with my data entry limitation.So i can't go to other page like finance page..How to i block it?
Thanks
Heya, Wish.
The simplest way to do this would be to set up access groups, and then only allow members of a particular group to access each page.
For example, you might create a 'Data Entry' group, and then you could put code similar to this at the top of every data entry page: -
// Only allow Data Entry and Management to access this page.
-
if( empty($_SESSION['groups']['Data Entry']) || empty($_SESSION['groups']['Management']) )
-
{
-
header('Location: login.php');
-
}
-
When the User logs in, you would look up any and all groups that the User is a member of and then set them as keys to $_SESSION['groups']: -
$_sql = "SELECT * FROM( `Map_User_Group` LEFT JOIN `Data_Groups` USING( `ID_Group` ) ) WHERE `ID_User` = '$userid'";
-
$_res = mysql_query($_sql);
-
-
$_SESSION['groups'] = array();
-
while( $_row = mysql_fetch_assoc($_res) )
-
{
-
$_SESSION['groups'][$_row['Name_Group']] = $_row['ID_Group'];
-
}
-
mysql_free_result($_res);
-
Hello,
I have similar issue as Silmana had. I am able to view the logged-in information directly by entering in the url when i am not logged-in. Please help me with code.
Below is my Logged-in Page. This is where i have a welcome message and the employee name then i have a bunch of links that open on new tab. This is strictly for logged-in users only. How can i achieve the following if someone copies or bookmarks a link that is on the Logged-in page it should redirect them to the login page first. -
session_start();
-
-
-
// if(!empty($_SESSION['employeeName'])) // If session is not set then redirect to Login Page
-
// {
-
// // header("http://webdev/wordpress/str2/employee-portal/");
-
// echo '<script type="text/javascript"> window.open("http://webdev/wordpress/str2/employee-portal/","_self");</script>';
-
// exit();
-
// }
-
-
-
if ((!empty($_SESSION['logged_in'])) && (!empty($_SESSION['employeeName'])))
-
{
-
-
-
-
-
echo "<strong>Welcome! " . ucwords(strtolower($_SESSION['employeeName'])) . "</strong>" . " " . "<a href='http://webdev/wordpress/str2/logout/' class='loggedinUserPageLink'>Logout</a> ";
-
-
// $_SESSION = array(); //This clears the cache
-
// echo "Login Success";
-
// echo "<a href='http://webdev/wordpress/str2/logout/'> Logout</a> ";
-
echo "<br><br><a href='http://form.pdf' target='new'>TEST</a>";
-
-
}
-
-
else
-
{
-
-
echo '<script type="text/javascript"> window.open("http://webdev/wordpress/str2/employee-portal/","_self");</script>';
-
exit;
-
-
-
-
}
-
Sign in to post your reply or Sign up for a free account.
Similar topics
by: |
last post by:
Which of these scenarios is better:
A
--
User Registers and is returned to the login screen to test his new username
ie (email address). A login script checks user name against database....
|
by: chris |
last post by:
Hi,
I will be looking to use gatekeeper or some other javascript method of
password protection but...
Once there I need a way of resticting access to a page to stop someone
from bookmarking...
|
by: Astra |
last post by:
Hi All
I know this probably sounds like a newbie question, but I was under the
impression that secure pages (https) don't appear in the history/address bar
history list - this appears to be...
|
by: aditya |
last post by:
Hi,
I am working on .NET framework 1.1.
I am not able to access the secure pages and get parser
error when trying to do so. The stuff worked fine
with .NET framework 1.0
Are we supposed to...
|
by: Notgiven |
last post by:
I am considering a large project and they currently use LDAP on MS platform.
It would be moved to a LAMP platform. OpenLDAP is an option though I have
not used it before. I do feel fairly...
|
by: Rob R. Ainscough |
last post by:
Again another simple concept that appears NOT to be intuitive or I'm just
stupid. I've read the WROX book and the example doesn't actually show how
the .master page links in the other content...
|
by: amitvps |
last post by:
Secure Socket Layer is very important and useful for any web application but it brings some problems too with itself. Handling navigation between secure and non-secure pages is one of the cumbersome...
|
by: raknin |
last post by:
Hi,
I am looking for a close package of secure login and registeration written in PHP.The package that I am looking for should have the following functionality
I believe this is standard...
|
by: canabatz |
last post by:
im trying to build my login page with ssl https:// to login.php
and the padlock is not showing ,it is showing it for 0.1 seconds and gone!!
if i dont have any images on the page ,it is working...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
| |