I created a php page that will create a session for a user. My problem
is that once they are logged in, I dont know how to send them to the
secure page. I dont know where to place the following lines of code:
(also not sure where on the server the pages are placed)
header("Location: http://www.mysite.com/index.html");
exit;
Original code-------------------------------------------------
<?
session_start();
?>
<html>
<head>
<title> </title>
</head>
<body>
<?
$_Username = "user";
$_Password = "password";
// If the form was submitted
if ($_POST['Submitted'] == "True") {
// If the username and password match up, then continue...
if ($_POST['Username'] == $_Username && $_POST['Password'] ==
$_Password) {
// Username and password matched, set them as logged in and
set the
// Username to a session variable.
$_SESSION['Logged_In'] = "True";
$_SESSION['Username'] = $_Username;
}
}
if ($_SESSION['Logged_In'] != "True") {
echo "<form method=\"post\" action=\"" . $_SERVER['PHP_SELF'] .
"\">
Username: <input type=\"textbox\" name=\"Username\"><br />
Password: <input type=\"textbox\" name=\"Password\"><br />
<input type=\"hidden\" name=\"Submitted\" value=\"True\">
<input type=\"Submit\" name=\"Submit\">
</form>";
}
else
{
echo "You are logged in as: <b>" . $_SESSION['Username'] . "</b>
<br /><a href=\"" . $_SERVER['PHP_SELF'] .
"?mode=logout\">Logout</a>";
}
if ($_GET['mode'] == "logout") {
session_start();
$_SESSION = array();
session_destroy();
echo "<META HTTP-EQUIV=\"refresh\" content=\"1; URL=" .
$_SERVER['PHP_SELF'] . "\">";
}
?>
<p> </p>
</body>
</html>