login issue

Question

fredy91 14 Newbie Poster

12 Years Ago

hay all, I currently develop a website using php
but I very newbie in php programming
I have login issues here, I create a login sytem I success to make that, in my web after login page it will go to admin page but when I click browser's back button in the admin page again. I try to put session in login page and identify it in the admin page but it doesn't work. here is my code

login page

<?php 
session_start(); 
$_SESSION['page'] =1 ;
?>

//login form

admin page

if(isset($_SESSION['page'])=='1' ) {
	header("Location: admin.php");
	
	}
	?>

thank you in advance

php

3 Contributors
7 Replies
157 Views
3 Days Discussion Span
Latest Post 12 Years Ago Latest Post by fredy91

cossay 7 Junior Poster

12 Years Ago

I have login issues here, I create a login sytem I success to make that, in my web after login page it will go to admin page but when I click browser's back button in the admin page again. I try to put session in login page and identify it in the admin page but it doesn't work. here is my code

is not clear. Please take your time to write so we can understand what you want.

broj1 356 Humble servant

12 Years Ago

Why do you want to redirect to the admin page if you are already in the admin page?

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

fredy91 14 Newbie Poster · Answer 1 · 2012-01-20T15:03:05+00:00

is not clear. Please take your time to write so we can understand what you want.

I just want that I login and go to admin page then if I click back button in the browser I don't go to login page again. sorry to make you confuse,,,

fredy91 14 Newbie Poster · Answer 2 · 2012-01-20T15:05:24+00:00

Why do you want to redirect to the admin page if you are already in the admin page?

Just like in facebook after login I cannot go to login page again using back button in browser

broj1 356 Humble servant Featured Poster · Answer 3 · 2012-01-20T15:07:55+00:00

So the code from the second block is actually not in admin.php but in intermediate page. Unset session variable in admin.php if you do not need it anymore otherwise you are running in circles.

unset($_SESSION['page']);

cossay 7 Junior Poster · Answer 4 · 2012-01-20T16:00:30+00:00

Try this
login_form.php

<?php
    session_start();
    if(!isset($_SESSION['page']))
    {
        $_SESSION['page'] = 1;
    }
    
     //User has logged in, prevent user from accessing this page by redirecting user to admin.php
    if($_SESSION['page'] == 2) 
    {
        header("Location: admin.php");
    }
?>
<!DOCTYPE HTML>
<html>
    <head>
        <title>LOGIN</title>
    </head>
    <body>
        <form method="POST" action="login.php">
            Username: <input type="text" name="user"/><br />
            Password: <input type="password" name="pass"/><br />
            <input type="submit" value="LOGIN"/>
        </form>
    </body>
</html>

login.php

<?php
    //Validate user input
    $user = mysql_real_escape_string($_POST['user']);
    $pass = mysql_real_escape_string($_POST['pass']);
    
    //Authenticate user
    $result = "SELECT * FROM your_user_table WHERE username_field = '".$user."' AND password_field = '".$pass."' LIMIT 1";
    if(mysql_num_rows($result) == 1) 
    {
        //Authentication passed, start session and initialize necessary session variables
        session_start();
        $_SESSION['user'] = $user;
        $_SESSION['page'] = 2; //SET TO 2 HERE
        header("Location: admin.php");
    }
    
    //Authentication failed
    header("Location: fail.php");
?>

admin.php

<?php
    session_start();
    //Redirect user to login page if user tries accessing this page without first passing authentication
    if(!isset($_SESSION['user']) || $_SESSION['page'] != 2)
    {
        header("Location: login_form.php");
    }
    
    //Display welcome message
    echo "Welcome, ".$_SESSION['user'];
?>

fail.php

<?php
    session_start();
    if(!isset($_SESSION['page']))
    {
        $_SESSION['page'] = 1;
    }
    
    //User has logged in, prevent user from accessing this page by redirecting user to admin.php
    if($_SESSION['page'] == 2) 
    {
        header("Location: admin.php");
    }

?>
<!DOCTYPE HTML>
<html>
    <head>
        <title>LOGIN</title>
    </head>
    <body>
        Invalid username or password!
        <form method="POST" action="login.php">
            Username: <input type="text" name="user"/><br />
            Password: <input type="password" name="pass"/><br />
            <input type="submit" value="LOGIN"/>
        </form>
    </body>
</html>

fredy91 14 Newbie Poster · Answer 5 · 2012-01-24T07:34:19+00:00

I already solve it. I am using javascript. looks like this

<script language="javascript" >
history.go(1); 
</script>

thank you for your advice