No announcement yet.


  • Filter
  • Time
  • Show
Clear All
new posts

  • Php

    Well, I've been to the corners of the internet trying to find something to do what I want to do (confused yet?)

    Alright, I've been searching for a PHP way to do it, maybe I should be doing it in a different language (if so please let me know ) So lets get started...
    1.) I've got a PHP script.
    2.) The script is to log a user in to the site.
    3.) Structure of files on server:
    /www/zlogin/ProcessLogin.php <-- really the only script used in zlogin folder
    /www/zlogin/*various other scripts for registering and adding user to database
    /www/zspam/login.php <-- page that contains form that posts data and action="../zlogin/ProcessLogin.php"

    4.) What happens:
    Ok, the user is already registered, the login form is included in another file, user can type in login information and click the "Login!" button the user is logged in. BUT in the ProcessLogin.php after authenticating the username and password and if the user is activated it echos "You are now logged in." Thats great and all, and I can click back once and see what I was just viewing but thats too slow I think.

    5.) What I would like to happen:
    User is viewing a page, to view certain part of the page login is required, user puts in login information. User is logged in but still viewing same page.

    EX) A page is showing news then a box for logging in, after the login data is entered and is correct the box disappears and the "hidden" information is shown.

    Where I've seen something close to what I would like:
    Google is a good place
    User makes a search, clicks the sign in button in corner and signs in then is returned to the page of the search they made.
    During this process the user can clear cookies and still be brought back to the same page. How?
    Does google store what you searched for by IP for some limited time and if you login then it knows where you were?

    Any direction in this would be appreciated. If you need to see the scripts and all lemme know

    EDIT: Well after more snooping I found that Google puts the search page you are on into the URL for logging in, something like:
    I guess after logging in it take that continue thing and redirects you there, header(url); maybe?
    similar to logging out on a search page too
    Last edited by SpamSlayer; 26th May 2007, 02:20 AM.

  • #2
    ok, so what you're looking to do is simply redirect the user back to where they came from?

    Simple! If you look at the $_SERVER array, you'll find it contains that information for you. It's probably worthwhile to toss something like this in a test script:
    PHP Code:
    echo '<pre>';
    That will output the array in a (mostly) readable format. As you can see there's lots of information there, but you're probably most concerned with the SCRIPT_NAME field, it contains the path to the script from the web root.

    Then, there's a few different ways to do it. If you're doing it the google way, you'd pass the url to the next script using a $_GET variable, and then redirect there after the login. But I'll leave you to decide that on your own.
    It's not my fault everything you like is terrible.


    • #3
      Trying it a few different ways, HTTP_REFERER
      Think I may put it into a if statement that way if its null then they'll get directed somewhere ^^

      I should probably read that whole page before I ask anymore >.<


      • #4
        Careful with HTTP_REFERER, it will point to whatever site they came from. You don't want your page redirecting them back to google or any other site that links to that page.
        It's not my fault everything you like is terrible.


        • #5
          oh yeah...
          something more to think about then...

          came to ask another question though. I have a login.php file that just has a small script to check if they are logged in or not if they are it displays a link to homepage, if not then they get a login box.
          the login box has that action=processlogin.php
          All that is in processlogin.php is taking the posted data and checking it against the database, if it is right they go to homepage, if not they get error and login form again (login.php)

          now, should i put both of these files into one file or keep them separate as send and process files?


          • #6
            Heres how I would do things, though it's really a personal preference.
            Note that this code is barebones and not fit for use on a live site... It needs checks for the sake of security, and I count at least two bugs. But it should give you an idea of how things would go.

            login.php would handle all of the login process:
            PHP Code:
            //Firstly, are we already logged in?
            //We are! Redirect.
            header('Location: index.php');

            //Is a login request being sent?
            //Check the database etc.
            if($validLogin//If username and password are correct
            //Set up any session vars, etc.
                    //Then do something like this to redirect the page:
            header('Location: '$_POST['from']);
            //kill the script, we're done here
            //else do nothing, and the login box will be displayed again.

            //If the user came from a specific page, we will redirect there later
            $from $_GET['from'];
            $from 'index.php'//We will redirect to index.php otherwise

            <form action="login.php" method="POST">
            <!-- your username and password inputs -->
            <input type="hidden" name="from" value="<?php echo $from?>">
            <!--This will pass the "from" script back in so we know where to redirect to.-->
            And now, to supply $_GET['from'] to the login file so it can redirect back, use links like this:

            HTML Code:
            <a href="login.php?from=somepage.php">Log in</a>
            You can also generate those links dynamically using $_SERVER['SCRIPT_NAME'], which is what I was talking about in the first place.
            It's not my fault everything you like is terrible.


            • #7
              Thanks -- wrote a whole file

              Is using die and exit also a preference?
              Is there a possibility of one being outdated and not used anymore?


              • #8
                No, PHP seems to implement functions multiple times. You'll get used to it if you code enough PHP.

                Also, might want to use htmlspecialchars when you echo the data back to the webpage.


                • #9
                  That explains some problems >.< Guess I can add all the stuff I cut out with that >.<

                  Will a ' and " make a difference when checking the page for XHTML 1.1?


                  • #10
                    Be consistant and always use double quote ".


                    • #11
                      For sql though
                      $sql = "SELECT * FROM members WHERE actcode = '$actcode' AND username = '$username'";
                      I have to use the ' in the places they are in, right?

                      So if I have
                      PHP Code:
                      echo "Your account has been activated! You may now <a href='login.php'>login</a>"
                      instead of
                      PHP Code:
                      <a href='login.php'
                      i should use
                      PHP Code:
                      <a href=&quot;login.php&quot;> 

                      more edit:
                      when checking to see if the actcode is set to null or nothing, I use
                      PHP Code:
                      if($actcode == null
                      is there a different/shorter way to check that? like
                      PHP Code:
                      if(!$actcode// will this even work? 
                      Last edited by SpamSlayer; 31st May 2007, 12:46 PM.