Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 7 of 7
  1. #1
    New to the CF scene
    Join Date
    Aug 2011
    Posts
    3
    Thanks
    1
    Thanked 0 Times in 0 Posts

    PHP Login Redirect By User

    Hi,

    i have a basic login script that directs users to a page once logged in, i would like to direct different users to different pages based on their username

    eg; user1 would log in and be directed to domain.com/user1
    user2 would log in and be directed to domain.com/user2

    also, user2 shouldn't be able to change the address to domain.com/user1 and be allowed access to that folder and so on.

    the usernames and passwords are stored in a mysql db and there is no requirement for the users to be able to change them.

    Am i right in thinking this is the bit of code i need to change?

    PHP Code:
    function validate_user($un$pwd) {
            
    $mysql = New Mysql();
            
    $ensure_credentials $mysql->verify_Username_and_Pass($unmd5($pwd));
            
            if(
    $ensure_credentials) {
                
    $_SESSION['status'] = 'authorized';
                
    header("location: index.php");
            } else return 
    "Please enter a correct username and password";
            
        } 
    Please could someone offer some help/advice on how to implement this?

    Thanks

  • #2
    New Coder
    Join Date
    Aug 2011
    Posts
    46
    Thanks
    9
    Thanked 2 Times in 2 Posts
    Why don't you make the file with the MKDIR function and then create a meta-tag that redirects them when they log in?

  • #3
    Senior Coder
    Join Date
    Jul 2011
    Posts
    1,226
    Thanks
    3
    Thanked 171 Times in 171 Posts
    Quote Originally Posted by GreenFanta View Post
    Why don't you make the file with the MKDIR function and then create a meta-tag that redirects them when they log in?
    Odd way of doing it.

    What you should do, in my opinion, is change the location header to (assuming $un is your username):
    PHP Code:
    header('location: http://www.domain.com/'.$un); 
    That way, every time someone logs in as user1 they will be redirected to domain.com/user1. The code that handle's that url should check and compare the user and the URI to make sure the user is on the right page, and provide an error if they're on someone elses - or a public overview of that user.

  • Users who have thanked BluePanther for this post:

    Jager616 (08-30-2011)

  • #4
    New to the CF scene
    Join Date
    Aug 2011
    Posts
    3
    Thanks
    1
    Thanked 0 Times in 0 Posts
    BluePanther, thanks for your help.

    I have implemented the $un into my code and now looks something like this

    PHP Code:
    header("location: users/$un/index.php"); 
    This is working well apart from being accessible by others when logged in.

    If 'Batman' logs in he gets redirected to domain.com/users/batman/index.php
    apart from then, you can change the address in the address bar to domain.com/users/superman/index.php and this loads. =(

    on the index.php i have the following code

    PHP Code:
    <?php

    require_once '../../classes/Membership.php';
    $membership = New Membership();

    $membership->confirm_Member();

    ?>
    is it possible to make this reference the username so only the right person can access it?

    Thanks


    Quote Originally Posted by BluePanther View Post
    Odd way of doing it.

    What you should do, in my opinion, is change the location header to (assuming $un is your username):
    PHP Code:
    header('location: http://www.domain.com/'.$un); 
    That way, every time someone logs in as user1 they will be redirected to domain.com/user1. The code that handle's that url should check and compare the user and the URI to make sure the user is on the right page, and provide an error if they're on someone elses - or a public overview of that user.

  • #5
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    Wait. Why are you making new pages for each user? The purpose of PHP is to handle dynamic data to do so as you see fit. There is no reason why a specific user requires a page of their own, rather you would create a page and provide it with input on WHAT data to process and go from there. So you wouldn't move to site.com/batman/index.php, you would move to site.com/index.php?user=batman. Proper controls in your management system for users will deem who can see what, and you needn't worry about access to directories at all (since you cannot control that with filesystem permissions).

  • #6
    New to the CF scene
    Join Date
    Aug 2011
    Posts
    3
    Thanks
    1
    Thanked 0 Times in 0 Posts
    To be honest my PHP knowledge is VERY limited, I have used what I am working on from following a tutorial.

    What I am trying to do is create a login, so I can give out a user/pass and someone can log in and see a few HTML pages I have put together.

  • #7
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    These can still all be served in this manner.
    In PHP, you can verify a login attempt and store the user in a session. This session can be re-established to determine if they have access to these files. What you then do is store all these files above the public_html of you're published directory, and serve them from PHP (a new script, say getfile.php, and provide which file they want to access). Its more complicated than a standard user directory structure, but saves tonnes of storage space and can actually be controlled.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •