PHP help

[Tom L]

I am not very good with this PHP or SQL malarky. Infact, I couldn't write it for toffee but I can follow bits.

I have downloaded this free script called PHP Login Script 2.0 and the code redirects all users to the same page (myaccount.php) - I would like each user to be redirected to their specific page though when logging in.

i.e.
- Person 1 logs in and is redirected to Page1.php
- Person 2 logs in and is redirected to Page2.php

In the database, I use to have 3 fields for id, username and password but I have just created a new field for 'destination' where I thought the page name they were allocated to could be stored.

For the code I currently have for the redirection, I have the standard:

header("Location: myaccount.php");

I appreciate this post is probably quite vague and I need to put more PHP in to identify what the destination page is for each user when they log in so I would appreciate any guidance etc on this.

Thanks

 

[Tilluss]

Why would you want to direct to an individual page for each individual user? Thats my first question.

If it's so that you can make the page unique to that user e.g their own colours or own options/layout then that can be done through 1 .php page.

Without knowing exactly what your trying to achieve it's a bit hard to explain but lets say that at the top of the page you want to say 'Welcome <insert user name>', the code would be something like:

 // This would be the username from the text input from the login page
$user = $_POST["user"];

//Now output the HTML with the users name in place
echo "<centre>Welcome " . $user . "</centre>";

Thats a very basic example, but without knowing a bit more it's hard to give anything specific

 

[suarve]

Before header("Location: myaccount.php"); bit, just fetch the redirect page name/id from your database and redirect to that

$sql = "SELECT redirect_page FROM users WHERE user_id = '1'.

Then change

header("Location: myaccount.php");

to

header("Location: "'.$user['$redirect_page'.'"");

You'll probably need to record the actual user level too as you wouldn't want a logged in normal user getting access to your main admin page - which would be possible if your just checking if the the user is logged in for secure pages.

 

[Tom L]

Thanks for your input so far.

I basically want each user to be able to access their own individual page which each will have some standard links to downloadable docs.

The page they will be redirected to will be completely standard but I just need the correct coding which will redirect the user, when they have logged in, to their relevant page.

Ideally, my client will use this front-end form I have to create a username and password (along with id) in the database. Then he would log in to phpMyAdmin, edit the user entry and manually enter the page name (he would manually create this page and upload it via FTP) he would like the user to be redirected to when they log in.

I manually created the 'destinations' field alongside my username/password entry and entered the page client1.php as an example. Now, when I go to log in using my username and password, i would like to be redirected to client1.php, whereas, at the moment, the code within the PHP login file is pointing to that header / myaccount.php at the moment.

Does this help?

p.s. suarve, I tried entering your coding and got an error:

Parse error: syntax error, unexpected T_STRING in /home/misbour/public_html/new/login/login.php on line 54

As I said, I'm useless at PHP but I'm guessing something in that sql line is wrong, maybe?

 

[suarve]

snip

Ah, that's me typing to fast - whenever you see a error relating to 'T_STRING' its usually quotes/missed semi colon, try:

/* Get redir page from database */

//$redir_page = $user['redirect_page'];
$redir_page = 'clients1.php';

header('Location: '.$redir_page.'');

The sql query I posted is just a sample, you'd need to change it to match your database E.g.

$sql = "SELECT destination from users WHERE id = '1' LIMIT 1";

 

[Tilluss]

EDIT: never mind suarve beat me to the fix xD

 

[Tom L]

Thanks for the replies again. I think I'm just stupid. Hopefully someone can help again!

Right, my file currently contains:

$sql = "SELECT destination from users WHERE id = '1' LIMIT 1";  
			
$redir_page = 'clients1.php';

header('Location: '.$redir_page.'');

In the database, I created an additional field called 'destination' (does it matter if the Type = text or does it need to be varchar(200) or anything particular?!). I edited my entry in the database and under 'destination', put down 'client1.php' and hit save.

For each login, I would like a different page name so each user is redirected to their own page. Please can someone help me with the PHP code so it detects what username/password is logging in and then view the value under destination and redirect them to that page?

I can basically set up the PHP template and upload it via FTP, then put the page name in the database row. I just need the login form to detect the user and redirect accordingly.

Thanks

 

[suarve]

Thanks for the replies again. I think I'm just stupid. Hopefully someone can help again!

Right, my file currently contains:

$sql = "SELECT destination from users WHERE id = '1' LIMIT 1";  
            
$redir_page = 'clients1.php';

header('Location: '.$redir_page.'');

In the database, I created an additional field called 'destination' (does it matter if the Type = text or does it need to be varchar(200) or anything particular?!). I edited my entry in the database and under 'destination', put down 'client1.php' and hit save.

For each login, I would like a different page name so each user is redirected to their own page. Please can someone help me with the PHP code so it detects what username/password is logging in and then view the value under destination and redirect them to that page?

I can basically set up the PHP template and upload it via FTP, then put the page name in the database row. I just need the login form to detect the user and redirect accordingly.

Thanks

Oh I see now

You need to query your databse each time to get the redirect page - you don't hard code the value of $redir_page. You'll need something like the below:

/* Above, log in user and check password. If correct return userid from database - have used 1 as an example */
$user_id = 1;
//Your sql query to select the desination from your users database
$sql = "SELECT destination from users WHERE id = '{$user_id}' LIMIT 1";      

//run sql query on database
$result = mysql_query($sql) or die(mysql_error());

//Get result from your sql query
$row = mysql_fetch_array($result) or die(mysql_error());

//the user's personal redirect page
$redir_page =  $row['destination'];

//as above, redirect to users personal page
header('Location: '.$redir_page.'');

Personally, I'd recommend creating a single logged in page and doing checking user levels/permissions there - this way you don't need to create a new page for each user - depends on exactly what you need to do though.

There's a really good tutorial explaining how to do mysql stuff here - http://www.w3schools.com/PHP/php_mysql_intro.asp

 

[marc2003]

Ideally, my client will use this front-end form I have to create a username and password (along with id) in the database. Then he would log in to phpMyAdmin, edit the user entry and manually enter the page name (he would manually create this page and upload it via FTP) he would like the user to be redirected to when they log in.

i don't know whether to laugh or cry. please don't tell me this is a paying client?

 

[Tom L]

Thanks for that code - the client is use to working in phpMyAdmin and they're not paying either! For a family friend.

Re the code above:

/* Above, log in user and check password. If correct return userid from database - have used 1 as an example */
$user_id = 1;
//Your sql query to select the desination from your users database
$sql = "SELECT destination from users WHERE id = '{$user_id}' LIMIT 1";

What would be the PHP for querying the database and pulling out the relevant ID when they have logged in?

I have one account so far which is mine and the ID is 54. If I change the code above to be id = 54, then it will pull out the destination value but I obviously hard coded the id part in. So, basically, would be to the code to detect what username and password has logged in so it can detect the ID, then detect the destination for that ID?

Thanks!

 

[suarve]

Thanks for that code - the client is use to working in phpMyAdmin and they're not paying either! For a family friend.

Re the code above:

/* Above, log in user and check password. If correct return userid from database - have used 1 as an example */
$user_id = 1;
//Your sql query to select the desination from your users database
$sql = "SELECT destination from users WHERE id = '{$user_id}' LIMIT 1";

What would be the PHP for querying the database and pulling out the relevant ID when they have logged in?

I have one account so far which is mine and the ID is 54. If I change the code above to be id = 54, then it will pull out the destination value but I obviously hard coded the id part in. So, basically, would be to the code to detect what username and password has logged in so it can detect the ID, then detect the destination for that ID?

Thanks!

Honestly that's really basic stuff. I'd recommend having a quick read through a mysql tutorial on tizag or w3schools - all the code I and others have posated will make a lot more sense then

 

[gord]

Look at building you're own login script. You arnt understanding most of the help because you have skipped what is fundamentally the most important part of your project at the moment. Reading Tizags php and mysql sections will really help you.

The login script should set you up perfectly in terms of:

Checking username and password combination
If correct, using username to get the associated ID and redirect based on that ID

This is a really poor use of PHP though. One of its key points is dynamic content. So you should really be looking to not redirect to a different page based on ID, but display different content through the same PHP page. Why can't you put the links into another table and pull them out based on the users ID?

 

[robmiller]

Ideally, my client will use this front-end form I have to create a username and password (along with id) in the database. Then he would log in to phpMyAdmin, edit the user entry and manually enter the page name (he would manually create this page and upload it via FTP) he would like the user to be redirected to when they log in.

good god

 

[Mattus]

Ideally, my client will use this front-end form I have to create a username and password (along with id) in the database. Then he would log in to phpMyAdmin, edit the user entry and manually enter the page name (he would manually create this page and upload it via FTP) he would like the user to be redirected to when they log in.

Please don't do this. It's

a) really tedious
b) really likely to go wrong
c) a really big security risk.

What happens when the client accidentally deletes your whole database, or changes the table to give himself access to someone else's page, or changes someone else's page so it installs malware?

Can't you see why giving clients access to your database and FTP servers is a disastrous idea?

 

[robmiller]

Even ignoring the security aspects it's just hilariously convoluted and unusable

It's not even like it's easy to design but hard to use, like most bad interfaces: it's incomprehensible at every level