- Code:
<?
include("include/session.php");
if($session->logged_in){
echo "You are viewing the protected page";
}
else{
echo "You are not allowed to view this page";
}
?>
4 posters
Protecting Pages
Fred-Eric- Number of posts : 63
Registration date : 2007-05-13
- Post n°1
Protecting Pages
empecc- Number of posts : 12
Registration date : 2009-02-24
- Post n°2
Re: Protecting Pages
Another option.
- Code:
<?
include("include/session.php");
/* I'm using a " ! " in front of the "$session" that means "NOT".
*/ So, if session is NOT logged in...
if(!$session->logged_in){
/* This line will send the "not" logged in users to another page.
* However, I tried this on many locations inside my code, with errors.
*/ I believe you can never put this "header" code AFTER a "echo".
header("Location: redirection_webpage_here.php";
}
else
{
echo "You are allowed to view this page if you are logged in";
}
?>
empecc- Number of posts : 12
Registration date : 2009-02-24
- Post n°3
Re: Protecting Pages
I also use the $session->IsAdmin
Or when user has level 9 rights.
You can change "$session->userlevel == 9" into "$session->isAdmin"
For email adresses. So not everyone can see registered users email adresses.
This code is for userinfo.php
Or when user has level 9 rights.
You can change "$session->userlevel == 9" into "$session->isAdmin"
For email adresses. So not everyone can see registered users email adresses.
This code is for userinfo.php
- Code:
/* $session->isAdmin tells the browser; IF you are logged in as admin.
*/ show this, "else" (otherwise" show this
if($session->isAdmin){
// show this when you are logged in as Admin.
echo "<b>Username: ".$req_user_info['username']."</b><br>";
echo "<b>Email:</b> ".$req_user_info['email']."<br>";
echo "<b>Age:</b> ".$req_user_info['age']."<br>";
echo "<b>Real name:</b> ".$req_user_info['realname']."<br>";
echo "<b>Country:</b> ".$req_user_info['country']."<br>";
}
else
// Show this when you are logged in as Admin, user, or just a guest.
{
echo "<b>Username: ".$req_user_info['username']."</b><br>";
echo "<b>Age:</b> ".$req_user_info['age']."<br>";
echo "<b>Real name:</b> ".$req_user_info['realname']."<br>";
echo "<b>Country:</b> ".$req_user_info['country']."<br>";
}
Linchpin311- Number of posts : 220
Age : 38
Localisation : Long Island
Registration date : 2007-05-14
- Post n°4
Re: Protecting Pages
You are correct. the header function outputs HTML header information to the browser so this MUST be done before you do anything else.I believe you can never put this "header" code AFTER a "echo"
Actually i think you can get around this with output buffering, but if you are just looking to display a certain page depending on whether a user is logged in or not (or even by a users user level) after you have sent some HTML to the browser you may want to look into the include function.
consider the following...
- Code:
<?php include('session.php'); ?>
<html><head>
<title>My page.</title>
</head><body>
<div class="header">The Header</div>
<?php
if($session->IsAdmin){
include('page for administrators only');
}
elseif($session->logged_in){
include('page for regular users');
}
else{
include('page for not logged in users');
}
?>
<div class="footer">The Footer</div>
</body></html>
Doing things this way allows you to use the same page for headers and footers and still have the content be user specific. If you are trying to put
- Code:
header("Location: redirection_webpage_here.php");
Admin- Admin
- Number of posts : 18
Registration date : 2007-05-12
- Post n°5
Re: Protecting Pages
I like what Linchpin have just write, it is true that you cannot send header ('Location: somepage.html'); after echo's are already sent.
An other technique that I use is to create a variable $output then send the result at the end of each page like this
An other technique that I use is to create a variable $output then send the result at the end of each page like this
- Code:
<?php
$output = <<< eoe
<html>
<head>
<title></title>
</head>
<body>
eoe;
//if user is logged_in
if($session->logged_in){
print <<< eoe
<h1>You are logged in seeing page if looged in only</h1>
eoe;
}
//Only admin
else if($session->IsAdmin){
print <<< eoe
<h1>You are logged in as admin seeing by an admin only</h1>
eoe;
//this way you will be able to put header here inside your code
header('Location: redirected_page_here.html');
}
//every body else
else
{
print <<< eoe
<h1>You must logged in to view this page</h1>
eoe;
}
$output .= <<< eoe
</body></html>
eoe;
//lastline of output here
$print $output;
?>
|
|