I'm trying to prevent not signed in users to my webpage access to a certain file. I have this if statement at the top of the file I want to have restricted access.
<?php
session_start();
if (isset($_SESSION['user']) && $_SESSION['user'] == true) {
echo "Welcome to the member's area, " . $_SESSION['user'] . "!";
} else {
echo "Please log in first to see this page.";
header ('index.php');
}
?>
The thing is that if I'm signed in I do get the "Welcome to members area". And if I'm not signed in I get echo "Please log in first to see this page. However the HTML in the restricted is still showing. The user name and password are stored in a MySQL database.
It's probably better to reverse the order that you do this, so you don't have to contain all of your code in a block, and you can kill your page if the user is not logged in.
session_start();
//empty does both of the checks you are doing at once
//check if user is logged in first
if(empty($_SESSION['user'])) {
//give error and start redirection to login page
//you may never see this `echo` because the redirect may happen too fast
echo "Please log in first to see this page.";
header('Location: index.php');
//kill page because user is not logged in and is waiting for redirection
die();
}
echo "Welcome to the member's area, " . $_SESSION['user'] . "!";
//more page code here
Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.
About the technologies asked in this question
PHP
PHP (from the English Hypertext Preprocessor - hypertext preprocessor) is a scripting programming language for developing web applications. Supported by most hosting providers, it is one of the most popular tools for creating dynamic websites.
The PHP scripting language has gained wide popularity due to its processing speed, simplicity, cross-platform, functionality and distribution of source codes under its own license. https://www.php.net/
MySQL
DBMS is a database management system. It is designed to change, search, add and delete information in the database. There are many DBMSs designed for similar purposes with different features. One of the most popular is MySQL.
It is a software tool designed to work with relational SQL databases. It is easy to learn even for site owners who are not professional programmers or administrators. MySQL DBMS also allows you to export and import data, which is convenient when moving large amounts of information. https://www.mysql.com/
HTML
HTML (English "hyper text markup language" - hypertext markup language) is a special markup language that is used to create sites on the Internet.
Browsers understand html perfectly and can interpret it in an understandable way. In general, any page on the site is html-code, which the browser translates into a user-friendly form. By the way, the code of any page is available to everyone. https://www.w3.org/html/
Welcome to programmierfrage.com
programmierfrage.com is a question and answer site for professional web developers, programming enthusiasts and website builders. Site created and operated by the community. Together with you, we create a free library of detailed answers to any question on programming, web development, website creation and website administration.
Get answers to specific questions
Ask about the real problem you are facing. Describe in detail what you are doing and what you want to achieve.
Help Others Solve Their Issues
Our goal is to create a strong community in which everyone will support each other. If you find a question and know the answer to it, help others with your knowledge.
This site uses cookies. We use them to improve the performance of our website and your interaction with it. Confirm your consent by clicking OK