0

hay all, I currently develop a website using php
but I very newbie in php programming
I have login issues here, I create a login sytem I success to make that, in my web after login page it will go to admin page but when I click browser's back button in the admin page again. I try to put session in login page and identify it in the admin page but it doesn't work. here is my code

login page

<?php 
session_start(); 
$_SESSION['page'] =1 ;
?>

//login form

admin page

if(isset($_SESSION['page'])=='1' ) {
	header("Location: admin.php");
	
	}
	?>

thank you in advance

3
Contributors
7
Replies
8
Views
5 Years
Discussion Span
Last Post by fredy91
0

I have login issues here, I create a login sytem I success to make that, in my web after login page it will go to admin page but when I click browser's back button in the admin page again. I try to put session in login page and identify it in the admin page but it doesn't work. here is my code

is not clear. Please take your time to write so we can understand what you want.

0

is not clear. Please take your time to write so we can understand what you want.

I just want that I login and go to admin page then if I click back button in the browser I don't go to login page again. sorry to make you confuse,,,

0

Why do you want to redirect to the admin page if you are already in the admin page?

Just like in facebook after login I cannot go to login page again using back button in browser

0

So the code from the second block is actually not in admin.php but in intermediate page. Unset session variable in admin.php if you do not need it anymore otherwise you are running in circles.

unset($_SESSION['page']);
0

Try this
login_form.php

<?php
    session_start();
    if(!isset($_SESSION['page']))
    {
        $_SESSION['page'] = 1;
    }
    
     //User has logged in, prevent user from accessing this page by redirecting user to admin.php
    if($_SESSION['page'] == 2) 
    {
        header("Location: admin.php");
    }
?>
<!DOCTYPE HTML>
<html>
    <head>
        <title>LOGIN</title>
    </head>
    <body>
        <form method="POST" action="login.php">
            Username: <input type="text" name="user"/><br />
            Password: <input type="password" name="pass"/><br />
            <input type="submit" value="LOGIN"/>
        </form>
    </body>
</html>

login.php

<?php
    //Validate user input
    $user = mysql_real_escape_string($_POST['user']);
    $pass = mysql_real_escape_string($_POST['pass']);
    
    //Authenticate user
    $result = "SELECT * FROM your_user_table WHERE username_field = '".$user."' AND password_field = '".$pass."' LIMIT 1";
    if(mysql_num_rows($result) == 1) 
    {
        //Authentication passed, start session and initialize necessary session variables
        session_start();
        $_SESSION['user'] = $user;
        $_SESSION['page'] = 2; //SET TO 2 HERE
        header("Location: admin.php");
    }
    
    //Authentication failed
    header("Location: fail.php");
?>

admin.php

<?php
    session_start();
    //Redirect user to login page if user tries accessing this page without first passing authentication
    if(!isset($_SESSION['user']) || $_SESSION['page'] != 2)
    {
        header("Location: login_form.php");
    }
    
    //Display welcome message
    echo "Welcome, ".$_SESSION['user'];
?>

fail.php

<?php
    session_start();
    if(!isset($_SESSION['page']))
    {
        $_SESSION['page'] = 1;
    }
    
    //User has logged in, prevent user from accessing this page by redirecting user to admin.php
    if($_SESSION['page'] == 2) 
    {
        header("Location: admin.php");
    }

?>
<!DOCTYPE HTML>
<html>
    <head>
        <title>LOGIN</title>
    </head>
    <body>
        Invalid username or password!
        <form method="POST" action="login.php">
            Username: <input type="text" name="user"/><br />
            Password: <input type="password" name="pass"/><br />
            <input type="submit" value="LOGIN"/>
        </form>
    </body>
</html>

Edited by cossay: n/a

0

I already solve it. I am using javascript. looks like this

<script language="javascript" >
history.go(1); 
</script>

thank you for your advice

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.