0

Hi,

I have a "check_login" function which checks whether the user is logged in or not and if it isn't, redirects them to "login.php". When I try going to the page whilst logged in, it displays as it should. However, when I'm logged out and I try it, instead of sending me to the "login.php" page, it displays "The page isn't redirecting properly: Firefox has detected that the server is redirecting the request for this address in a way that will never complete."

Here is the check_login function:

function check_login() {

session_start();
if (!isset($_SESSION['user'])) {

header('Location: login.php');

}

}

Any help would be much appreciated.

3
Contributors
9
Replies
16
Views
4 Years
Discussion Span
Last Post by lisandroivan
0

Looking at the aspect of seeing only a function for checking if the user's loggedin, and if not would redirect, clearly, there's no problem. :)

Can you show us the logout script and your login? Specifically in the logout script the part where you unset the "user" variable in the session.

0

Sure. Here is the login.php:

<?php
include("db.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
// username and password sent from Form
$username=mysql_real_escape_string($_POST['username']); 
$password=mysql_real_escape_string($_POST['password']); 
$password = sha1($password);
$sql="SELECT * FROM client_login WHERE Username='$username' and Password='$password'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
$row = mysql_fetch_array($result);
$client_ref = $row['Client_ref'];
$user_level = $row['user_level'];
// If result matched $username and $password, table row must be 1 row
if($count==1)
{

$_SESSION['user_level'] = $user_level;
if (isset($_client_ref)) {
$_SESSION['client_ref'] = $client_ref;
}
$_SESSION['user'] = $username;

if ($user_level == '1') {
header('Location: admin.php');
} else {

header('Location: myaccount.php');
}
}
else 
{
$_SESSION['oops'] = "USERNAME OR PASSWORD INCORRECT";
header('Location: error.php');
}
}
?>
<!doctype html>
<html>
<head>
<meta charset="UTF-8">
<title>Contisec Portal</title>

<link rel="stylesheet" href="css/style.css" />

</head>

<body>



<form method="post" action="login.php">

    <h2>CONTISEC PORTAL</h2>

    <input type="text" name="username" class="text-field" placeholder="Username" />
    <input type="password" name="password" class="text-field" placeholder="Password" />

    <input type="submit" value="LOG IN BITCH!" class="button" />

</form>

</body>
</html>

Here is the logout.php:

<?php

session_start();
session_destroy();

header('Location: login.php');



?>

Here is the login_fns.php file from where I took the check_login function:

<?php


function check_login() {

session_start();
if (!isset($_SESSION['user'])) {

header('Location: login.php');

}

}



function check_admin() {

if ($_SESSION['user_level'] != '1') {

header('Location: myaccount.php');

}

}

function check_user() {

if ($_SESSION['user_level'] != '0') {

header('Location: admin.php');

}

}

?>
0

Also, here is one of the pages where check_function is called:

<?php

include("login_fns.php");
check_login();
check_admin();

?>


<!DOCTYPE html>
<html lang="en">
  <head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  <title>CONTISEC PORTAL - ADMIN <?php echo "(",$_SESSION['user'],")"; ?></title>
  <link rel="stylesheet" href="buttcss/gstyle_buttons.css" type="text/css"  media="screen">
  <style>

 body {

    background: #CCCCCC
}

h1 {



} 

.buttons {

    background: #F1F1F1;
    padding: 11px;
    border: 1px solid #D2D2D2;
    width: 843px;
    margin-bottom: 20px;
}
#container {
    text-align: left;
    background: #CCCCCC;
    width: 865px;
    margin: 300px auto 0;
    padding: 20px;

}
h1 {
font-family: arial;
font-size: 30px;
font-weight: bold;
color: #3c659b;
text-transform: capitalize;
font-style: normal;
line-height: normal;
font-variant: normal;
word-spacing: normal;
display:inline;
margin-left: auto;
margin-right: auto;
width: 211px; - these are the size of the layer
height: 45px;
text-indent: 0px;
}



  </style>
  </head>
  <body>

  <div id="container">
    <div class="buttons">
      <a href="#"><button class="action bluebtn"><span class="label">CREATE NEW ACCOUNT</span></button></a>
      <button class="action redbtn"><span class="label">EDIT ACCOUNT</span></button>
      <button class="action greenbtn"><span class="label">IMPORT EDI TEXT FILES</span></button>
      <a href="logout.php"><button class="action"><span class="label">LOG OUT <?php echo "(",$_SESSION['user'],")"; ?> </span></button></a>
    </div>


  </div>

</body>
</html>
0

Hmm.. Seems there's no way you'd go in a loop here though.

What is the address when you see the redirection loop error points to? or on what script file?

0

When I try new_user.php, it goes to admin.php and then displays the error message. If I go to admin.php, it stays on the same page and also displays the error.

0

Correct me if I'm wrong:

Admin owns

  • admin.php

uses check_admin() while

User owns

  • new_user.php

uses check_user()

So, when you try to access new_user.php as an ADMIN it would redirect you to admin.php. And as an ADMIN, when you're in admin.php no redirection will happen.
Is admin.php the last file you posted?

0

No. User owns myaccount.php
When you're logged into either account, the redirection works fine. In the case of admin, you can access admin.php and new_user.php whereas user can only access myaccount.php
I'll post admin.php.

0

This is the admin.php code:

<?php

include("login_fns.php");
check_login();
check_admin();

?>


<!DOCTYPE html>
<html lang="en">
  <head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  <title>CONTISEC PORTAL - ADMIN <?php echo "(",$_SESSION['user'],")"; ?></title>
  <link rel="stylesheet" href="buttcss/gstyle_buttons.css" type="text/css"  media="screen">
  <style>

 body {

    background: #CCCCCC
}

h1 {



} 

.buttons {

    background: #F1F1F1;
    padding: 11px;
    border: 1px solid #D2D2D2;
    width: 843px;
    margin-bottom: 20px;
}
#container {
    text-align: left;
    background: #CCCCCC;
    width: 865px;
    margin: 300px auto 0;
    padding: 20px;

}
h1 {
font-family: arial;
font-size: 30px;
font-weight: bold;
color: #3c659b;
text-transform: capitalize;
font-style: normal;
line-height: normal;
font-variant: normal;
word-spacing: normal;
display:inline;
margin-left: auto;
margin-right: auto;
width: 211px; - these are the size of the layer
height: 45px;
text-indent: 0px;
}



  </style>
  </head>
  <body>

  <div id="container">
    <div class="buttons">
      <a href="new_user.php"><button class="action bluebtn"><span class="label">CREATE NEW ACCOUNT</span></button></a>
      <button class="action redbtn"><span class="label">EDIT ACCOUNT</span></button>
      <button class="action greenbtn"><span class="label">IMPORT EDI TEXT FILES</span></button>
      <a href="logout.php"><button class="action"><span class="label">LOG OUT <?php echo "(",$_SESSION['user'],")"; ?> </span></button></a>
    </div>


  </div>

</body>
</html>
-1
" function check_admin() {

header('Location: myaccount.php');
}
}
function check_user() {
if ($_SESSION['user_level'] != '0') {
header('Location: admin.php');


then the user and the administrator can use user_level= 2   ?"

Edited by lisandroivan

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.