tags:

views:

109

answers:

5
Q: 

authentication in PHP ?

Hi guys, I need to make an authentication script in php. I have already made a login.php page, where the user can enter his unsername/password and it gets checked against a database. If the unsername/password are correct, the user should be forwarded to members.php page together with a $_SERVER['username'] variable.

What is the command in PHP to go to another webpage, in this case members.php ?

in pseudocode I see it like this:

if ( unsername/password are OK ) { $_SERVER['username'] = $username; goto(members.php); }

Thanks!

+2  A:  
header('Location: members.php');

Remember that headers must be sent before any output is sent.

nuqqsa  2010-05-09 12:31:39
+4  A: 

You can't set anything $_SERVER. You should use a session + cookies instead. Then you can let the client know to go to members.php using the Location header:

session_start();
$_SESSION['username'] = $username;
header("Location: members.php");
exit(0);
Wim  2010-05-09 12:32:13
Thanks, got it working!
 2010-05-09 15:19:54
`start_session` is incorrect. The correct name is `session_start`
Jacob Relkin  2010-05-10 05:02:13
@Jacob Thanks, fixed it.
Wim  2010-05-11 13:10:01
+1  A: 

You should most definitely use sessions in this instance.

Here's an example:

session_start();
$_SESSION[ 'username' ] = $_POST[ 'username' ];
header( 'Location: members.php' );

exit();
Jacob Relkin  2010-05-09 12:36:45
+2  A: 

The code to redirect a user through PHP (provided you have not yet sent any output to their browser) is header( 'Location: members.php' );.

As an aside, you are probably wanting to use $_SESSION[] as opposed to $_SERVER[]

Lucanos  2010-05-09 12:40:14
A: 

@nuqqsa headers can be sent even after you sent body content if you use output buffering. You can do that by editing php.ini setting output_buffering = On or by calling the output buffering functions at runtime

Andreas M.  2010-05-09 13:33:48
Please use comments rather than creating a new answer.
Neil Aitken  2010-05-09 13:58:35
You're right here, certainly to be considered in case you really need to send your headers after output has started (yet a bad practice if the purpose is to ignore possible previous notice/warning outputs, then please properly implement error handling).
nuqqsa  2010-05-09 14:38:22

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases