www.webdeveloper.com
Page 1 of 2 12 LastLast
Results 1 to 15 of 26

Thread: PHP Login and Redirection

Hybrid View

  1. #1
    Join Date
    Mar 2008
    Posts
    59

    PHP Login and Redirection

    Hi Everyone

    I have had a lot of help from this site with JavaScript questions, so I know you’re the right guys to ask about PHP.

    Just been helping a friend with her dads, home business, website. Anyhow he has asked if its possible to make a login script for his clients. Now I can make a login easy, and have found many sample pages to help. But what he is asking is something different.

    What is he asking for? Ok he wants a Client login, when the customer logs in, he is not redirected to the members page, where he can now access all site pages, but redirected to there own page, not accessible from any other client.

    Now I have seen things like this, after you login you are directed to like a profile page. That’s sort of what I’m after, but with now profile options, Just info regarding that client.

    Because I’m sure I have confused everyone with my ramblings, I made a lil diagram, to kind of show what I want the clients to do.

    Thank You Very Much
    - Kirt


    EDIT: Sorry i just wanted to add, i relise this would probably be a big job, I don't want annyone to spend their hard earned time making this for me, rather pointing me in the direction of something similar i could use, i dont really know PHP, but im willing to learn as I go.
    Attached Images Attached Images
    Last edited by Kirtangl; 01-16-2009 at 04:46 PM.

  2. #2
    Join Date
    Jun 2003
    Location
    here
    Posts
    4,551
    This would probably be best achieved with a single page, for the individual user, that is not hard, what may be hard is letting the users customise this page.
    If you are using PHP please use the [PHP] and [/PHP] forum tags for highlighting...
    The same applies to HTML and the forums [HTML][/HTML] tags.

  3. #3
    Join Date
    Mar 2008
    Posts
    59
    Thats ok, The clients/user is not supposed to edit the page. He does tests for the customer and sends them out a book full of data, I want to put that "book" on a webpage for the cust to read, to save the trees and all lol...

    You said one page, would that mean they cannot have multiple pages for each client? if so thats ok, just wondering.

  4. #4
    Join Date
    Jun 2003
    Location
    here
    Posts
    4,551
    You could do multiple pages, but for the sake of security it's better to keep the real pages to one, and use PHP to generate content for the requested pages, with htaccess you can make the urls look less restricted, maybe something like

    mySite.com/myAccount/page2

    which apache(or lighttp or IIS(I think)) can convert to mySite.com/myAccount.php?page=2
    Then you can read in the username/userID from the cookie/session, and serve the right page, something like:
    PHP Code:
    if( ! isset($_SESSION['user'])){
      
    header('Location: message.php?type=error&msg=Not+logged+in');
      exit;
    }
    $userId $_SESSION['user'];
    $page mysql_real_escape_string($_GET['page']);
    $rs mysql_query("SELECT * FROM `pages` WHERE `user`={$userId}
      AND (`pageNo`='
    $page' OR `pageNo`='1' ORDER BY `pageNo` DESC LIMIT 1");

    $info mysql_fetch_assoc($rs);
    echo 
    "<h3>Page number: {$info['pageNo']}</h3>
    {$info['content']}"
    If you are using PHP please use the [PHP] and [/PHP] forum tags for highlighting...
    The same applies to HTML and the forums [HTML][/HTML] tags.

  5. #5
    Join Date
    Mar 2008
    Posts
    59
    *reads franticly through PHP help books*

    hehe, sorry I have only ever really done client side. *trashy stuff basicly*, so that code will recognise the userID, and generate a single page for that user, with their data on it.

    Im going to have to read up on my_sql data bases aswell arnt I?...

  6. #6
    Join Date
    Jun 2003
    Location
    here
    Posts
    4,551
    OK, how about a comment heavy version:
    PHP Code:
    if( ! isset($_SESSION['user'])){
    // $_SESSION       is an array, containing all the session information for this user
    // ['user']       repesents the 'user' element of said array.
    // isset()      is a function that returns true or false, dependant on if the argument is set or not.
    // !        means not, and inverts the true/false bit
    // if(){}   if the content evaluates to true do the bit between the braces
      
    header('Location: message.php?type=error&msg=Not+logged+in');
    // header()      sends a header to the browser, this one tells the browser to redirect to message.php?type=error&msg=Not+logged+in
      
    exit;
    // abort the rest of the page so the browser redirects.
    }
    // end the if section.
    $userId $_SESSION['user'];
    // take the userID out of the session so we can use it easier.
    $page mysql_real_escape_string($_GET['page']);
    // get the current page, and make it safe to use with MySQL
    $rs mysql_query("SELECT * FROM `pages` WHERE `user`={$userId}
      AND (`pageNo`='
    $page' OR `pageNo`='1' ORDER BY `pageNo` DESC LIMIT 1");
    // a mysql query, it's not too hard to understand, but I'll do that later.

    $info mysql_fetch_assoc($rs);
    // get the result from the query.
    echo "<h3>Page number: {$info['pageNo']}</h3>
    {$info['content']}";
    // write out some text, it looks like this:
    /*

    <h3>Page number: 2</h3>
    This is the content we wanted to put on page 3 and stored in the database.

    */ 
    As for the MySQL:
    Code:
    SELECT *    get everything
    FROM `pages`   from a table called pages
    WHERE `user`={$userId}  where the user matches up
    AND(             and
    `pageNo`='$page'   the page number matches what we found in the query string
    OR `pageNo`='1'  or the page number is one.
    ORDER BY `pageNo`  order the results by the page number
    DESC         descending(highest first)
    LIMIT 1     only return the first result after it has been sorted
    This whole thing works out to mean that if the page ID is invalid or not found then we default back to the page 1, otherwise we load the page requested.

    With a little bit of experience and practice this will all become second nature.
    If you are using PHP please use the [PHP] and [/PHP] forum tags for highlighting...
    The same applies to HTML and the forums [HTML][/HTML] tags.

  7. #7
    Join Date
    Mar 2008
    Posts
    59
    WOW!... as i said, i know almost nothing about PHP, but this is somthing els, I should have almost no trouble working this one out, thank you so much.

    Is there a credit system in place on this forum or somthing? cos u need a Thumbs up hehe

    EDIT: this is gonna sound really dumb, how many fields on my table?
    Last edited by Kirtangl; 01-16-2009 at 06:10 PM.

  8. #8
    Join Date
    Mar 2008
    Posts
    59
    Im so sorry guys, I know what scragar has done is great, and exactly what i want, but i cant seem to work this out, I need to check a few things with u guys,

    I made a SQL database, called it, POD, (i didn't think the name mattered), in that, made a table called 'pages' and added 2 fields 'userId' and 'pageNo'. now im not sure how to add the users and the page number, or the password for that matter lol... *fail*

    and the php, im not to sure how this works, but i add the <?php ?> tags right?.

    thanx
    kirt


    EDIT: I think i worked out the SQL now

    userId PassW pageNo
    POD01 password 2

    thats what the table looks like...
    Last edited by Kirtangl; 01-16-2009 at 08:01 PM.

  9. #9
    Join Date
    Jun 2003
    Location
    here
    Posts
    4,551
    I assumed you would have a database, it's by far the easiest way to manage such a thing. You won't need to learn much of MySQL, phpMyAdmin will guide you through everything you will need, as well as showing the query you can copy paste into PHP if you want to duplicate the effect.

    And I am assuming you have set a session for the ID, it's not all that hard to understand http://php.net/sessions
    If you are using PHP please use the [PHP] and [/PHP] forum tags for highlighting...
    The same applies to HTML and the forums [HTML][/HTML] tags.

  10. #10
    Join Date
    Mar 2008
    Posts
    59
    I think I can figure out mySQL, I have looked at the mysqladmin like you said, and I think I sort of understand it. The PHP session thing Iím not so sure about, but that link you added should sort that out. I was wrong to think this was an easy task when i took it on lol, since i know almost nothing about PHP.

  11. #11
    Join Date
    Jun 2003
    Location
    here
    Posts
    4,551
    I would use two tables, one for users, one for pages, a structure something like this:
    Code:
    users
    +--------+-------------+------+-----+---------+----------------+
    | Field  | Type        | Null | Key | Default | Extra          |
    +--------+-------------+------+-----+---------+----------------+
    | userId | int(11)     | NO   | PRI | NULL    | auto_increment | 
    | uname  | varchar(63) | NO   |     |         |                | 
    | pword  | char(32)    | NO   |     |         |                | 
    +--------+-------------+------+-----+---------+----------------+
    pages
    +---------+-------------+------+-----+---------+----------------+
    | Field   | Type        | Null | Key | Default | Extra          |
    +---------+-------------+------+-----+---------+----------------+
    | pageId  | int(11)     | NO   | PRI | NULL    | auto_increment | 
    | owner   | int(11)     | NO   |     |         |                | 
    | pageNo  | int(7)      | NO   |     |         |                |
    | content | text        | YES  |     |         |                |
    +---------+-------------+------+-----+---------+----------------+
    The idea for the system is simple, you store a hash of the users password in the users field, something like:
    PHP Code:
    $username mysql_real_escape_string($_POST['username']);
    $password md5($_POST['password']);
    $rs mysql_query("SELECT * FROM `users` WHERE `uname`='{$uname}' AND `pword`='{$password}'");
    if(
    mysql_num_rows($rs)){// one or more rows
      
    $userInfo mysql_fetch_assoc($rs);
      
    $_SESSION['user'] = $userInfo['userId'];// get the users ID
      
    echo "now logged in as {$userInfo['uname']}";
    }else{
    // no rows
      
    echo "Username or password incorrect.";

    If you are using PHP please use the [PHP] and [/PHP] forum tags for highlighting...
    The same applies to HTML and the forums [HTML][/HTML] tags.

  12. #12
    Join Date
    Mar 2008
    Posts
    59
    Sweet your stil on...

    i got this lovley message.

    Code:
    Access denied for user 'thegould'@'localhost' (using password: NO)
    I gather its somthing i have done wrong, my guess, i have to add somthing like mySQL_connect or somthing first dont I? before i can even see the database...

  13. #13
    Join Date
    Jun 2003
    Location
    here
    Posts
    4,551
    Code:
    mysql_connect(HOST, username, password);
    Your host will probably be 'localhost', the username and password you would have set during install(at least for the root account, I recommend adding another user as soon as you can http://dev.mysql.com/doc/refman/5.1/...ing-users.html )
    If you are using PHP please use the [PHP] and [/PHP] forum tags for highlighting...
    The same applies to HTML and the forums [HTML][/HTML] tags.

  14. #14
    Join Date
    Mar 2008
    Posts
    59
    I just had a thought, and if im right, i think im doing this all wrong from the start lol...

    If I add my User and PWD for the data base in the PHP code, wont everyone be able to read the source code from my site and see it, or am i putting this code in the complete wrong area. I have just been making a .php page and navigating to that... dammit.

  15. #15
    Join Date
    Jun 2003
    Location
    here
    Posts
    4,551
    I would not put the code into the page, put it in an include.

    And your password will be safe as long as your server doesn't act up, PHP is processed on the server, not the browser.

    If you can put the file above your web root (normally something like /home/public_html (red hat servers like that)or /var/www (which debian defaults to)).
    If you are using PHP please use the [PHP] and [/PHP] forum tags for highlighting...
    The same applies to HTML and the forums [HTML][/HTML] tags.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles