javascript - Redirect a logged in user from login page to user dashboard with php -
i need manage php page redirection function.
i want logged in users redirect user dashboard instead of displaying login page typing address in browser's address bar. how prevent users display login page
login page codes given below
<?php include 'dbc.php'; $err = array(); foreach($_get $key => $value) { $get[$key] = filter($value); //get variables filtered. } if ($_post['dologin']=='login') { foreach($_post $key => $value) { $data[$key] = filter($value); // post variables filtered } $user_email = $data['user_email']; $pass = $data['pwd']; if (strpos($user_email,'@') === false) { $user_cond = "user_name='$user_email'"; } else { $user_cond = "user_email='$user_email'"; } $result = mysql_query("select `id`,`pwd`,`full_name`,`approved`,`user_level` users $user_cond , `banned` = '0' ") or die (mysql_error()); $num = mysql_num_rows($result); // match row found more 1 results - user authenticated. if ( $num > 0 ) { list($id,$pwd,$full_name,$approved,$user_level) = mysql_fetch_row($result); if(!$approved) { //$msg = urlencode("account not activated. please check email activation code"); $err[] = "account not activated. please check email activation code"; //header("location: login.php?msg=$msg"); //exit(); } //check against salt if ($pwd === pwdhash($pass,substr($pwd,0,9))) { if(empty($err)){ // sets session , logs user in session_start(); session_regenerate_id (true); //prevent against session fixation attacks. // sets variables in session $_session['user_id']= $id; $_session['user_name'] = $full_name; $_session['user_level'] = $user_level; $_session['http_user_agent'] = md5($_server['http_user_agent']); //update timestamp , key cookie $stamp = time(); $ckey = genkey(); mysql_query("update users set `ctime`='$stamp', `ckey` = '$ckey' id='$id'") or die(mysql_error()); //set cookie if(isset($_post['remember'])){ setcookie("user_id", $_session['user_id'], time()+60*60*24*cookie_time_out, "/"); setcookie("user_key", sha1($ckey), time()+60*60*24*cookie_time_out, "/"); setcookie("user_name",$_session['user_name'], time()+60*60*24*cookie_time_out, "/"); } header("location: dashboard.php"); } } else { //$msg = urlencode("invalid login. please try again correct user email , password. "); $err[] = "invalid login. please try again correct user email , password."; //header("location: login.php?msg=$msg"); } } else { $err[] = "error - invalid login. no such user exists"; } } ?>
i put codes got no effect. please elaborate , give example how exactly.
<?php include 'dbc.php'; if (isset ($_session['status_logged']) && $_session['status_logged'] = true) { header('location: dashboards.php'); } else { $_session['status_logged'] = false; } $err = array(); foreach($_get $key => $value) { $get[$key] = filter($value); //get variables filtered. } if ($_post['dologin']=='login') { foreach($_post $key => $value) { $data[$key] = filter($value); // post variables filtered } $user_email = $data['user_email']; $pass = $data['pwd']; if (strpos($user_email,'@') === false) { $user_cond = "user_name='$user_email'"; } else { $user_cond = "user_email='$user_email'"; } $result = mysql_query("select `id`,`pwd`,`full_name`,`approved`,`user_level` users $user_cond , `banned` = '0' ") or die (mysql_error()); $num = mysql_num_rows($result); // match row found more 1 results - user authenticated. if ( $num > 0 ) { list($id,$pwd,$full_name,$approved,$user_level) = mysql_fetch_row($result); if(!$approved) { //$msg = urlencode("account not activated. please check email activation code"); $err[] = "account not activated. please check email activation code"; //header("location: login.php?msg=$msg"); //exit(); } //check against salt if ($pwd === pwdhash($pass,substr($pwd,0,9))) { if(empty($err)){ // sets session , logs user in session_start(); session_regenerate_id (true); //prevent against session fixation attacks. // sets variables in session $_session['user_id']= $id; $_session['user_name'] = $full_name; $_session['user_level'] = $user_level; $_session['http_user_agent'] = md5($_server['http_user_agent']); $_session['status_logged'] = true; //new line //update timestamp , key cookie $stamp = time(); $ckey = genkey(); mysql_query("update users set `ctime`='$stamp', `ckey` = '$ckey' id='$id'") or die(mysql_error()); //set cookie if(isset($_post['remember'])){ setcookie("user_id", $_session['user_id'], time()+60*60*24*cookie_time_out, "/"); setcookie("user_key", sha1($ckey), time()+60*60*24*cookie_time_out, "/"); setcookie("user_name",$_session['user_name'], time()+60*60*24*cookie_time_out, "/"); } header("location: dashboard.php"); } } else { //$msg = urlencode("invalid login. please try again correct user email , password. "); $err[] = "invalid login. please try again correct user email , password."; //header("location: login.php?msg=$msg"); } } else { $err[] = "error - invalid login. no such user exists"; } } ?>
Comments
Post a Comment