PHP: Conditional webpage changing?

EvilCensor

EvilCensor

EvilCensor

Associate
Joined
24 Nov 2008
Posts
30
Location
London and North Carolina
I've been looking into PHP again after many years and seeing the joys it can offer a humble webpage but need pointing in the right direction from the gurulike entities that are present (is that enough butt kissing?) ;)

I'm trying to create a simple webpage permissions routine that accesses the cookie created by phpBB and identifies whether the user_id of the member is of a certain user_group.. and if so redirect to another page.

I have everything worked out but the page direct from php (can this even be done with php?).. will someone aid the old 'Censor in his time of need?
 
The easiest way to achieve redirection in PHP is to send a Location header to the browser, like so:

PHP: 
header('Location: http://google.com/'); // For external redirection.
header('Location: path/to/target.php'); // For internal redirection.

You should usually terminate the script (using exit or die) once you've sent a redirection header as well, unless there's something you specifically need to do afterwards (or if the script naturally stops there anyway).

Note that once content has been send to the browser (e.g. via echo), you can't send any more header information.
 
Last edited:
The page redirect is the easy bit, so I'll help you with that!

PHP: 
header("Location:http://someurl.com");

This needs to be called in the page before anything else, otherwise you'll get an error about the headers already having been sent. An easy way to overcome this, allowing you to stick the header() redirect anywhere in the code is to use buffer flushing.

PHP: 
ob_start();
include("stuffinyourheader.php");

// Code here

header("Location:http://someurl.com");

include("stuffinyourfooter.php");
ob_end_flush();


Edit: Must type quicker!
 
See what phpBB's APi is like, you'll probably need to include a file that phpBB uses for functions, then do stuff with them for fetching the cookie value and database guff.
 
Okay, I'm going to have to read up on header() but just to clarify (I'm getting senile so please forgive me).. this method would allow me to do the following (I've done the cookie stuff and MySQL referencing - it's simply the conditional redirects I am uncertain about passing to browser)?:

1) User selects the html link
2) A php file is run which checks for phpbb cookie user_id
3) The same PHP file opens the MySQL and pulls associated group_id
4) If group_id meets criteria then redirect to 'protected' page
5) Otherwise redirect to a 'please register/error' page

(btw - many thanks for the replies so far)
 
I'm not sure how phpBB is put together, but another way to do it might be to simply look to see if the phpBB session has been registered. That way you know that they're actually logged in.
 
Well as I've said I've done the checking and can identify if somone has rights :D

It's just basically forwarding them to the correct destination.. I'm not clear how to do that in php.. and if the header() method is how it should be done can the conditional PHP redirect people with different rights to different pages?

Knowledge of phpBB isn't needed in other words it's a PHP related issue :)
 
Something along these basic lines ought to do it:

PHP: 
<?php
if(isset($_COOKIE['somecookiename'])){

	$somecookiename = mysql_escape_string($_COOKIE['somecookiename']);
	$query = "SELECT user_id FROM phpbbtable WHERE something = '$somecookiename'";
	$result = mysql_query($query) or die(mysql_error());

	while($row = mysql_fetch_array($result)){
		$group_id = stripslashes($row['group_id']);
	}


	if($group_id==3){
		header("Location: private.php");
	}

	else{
		header("Location: login.php");
	}

}
?>
 
You must log in or register to reply here.
Back
Top Bottom