skip to Main Content

I have an online portfolio, where I would like different clients to see different versions of my home page once they have logged in using the credentials I have provided.

So for example:

  • AcmeInc logs in > sees > acmeinc.html
  • BobsBurgers logs in > sees > bobsburgers.html

There won’t be many concurrent users (say, never more than 10) I would manually set up each user with a unique id, username, and password. I also have an entry for ‘version’ where I thought I could assign each user a value, e.g. 1,2,3 depending on the version of the home page I want them to see – although I am of course unsure if this is a viable approach, or there is something easier / better!

I have set up a login system using an online PHP tutorial (I don’t know much about PHP), and have a mySQL database correctly linked together and it is working as expected when inputting the user credentials into the login form.

The index.html to my site is a login screen, with a form linking to an ‘authenticate.php’ file (again from this tutorial – code at the bottom of this post)

On successful login, the user is redirected to home.php, which also has a snippet of PHP at the top to check session status – again attached below.

Any help would be much appreciated – thank you!

Authenticate.php

session_start();
$DATABASE_HOST = 'localhost';
$DATABASE_USER = 'john'
$DATABASE_PASS = 'password';
$DATABASE_NAME = 'users';

$con = mysqli_connect($DATABASE_HOST, $DATABASE_USER, $DATABASE_PASS, $DATABASE_NAME);
if ( mysqli_connect_errno() ) {
        exit('Failed to connect to MySQL: ' . mysqli_connect_error());
}

if ( !isset($_POST['username'], $_POST['password']) ) {
    exit('Please fill both the username and password fields!');
}

if ($stmt = $con->prepare('SELECT id, password FROM accounts WHERE username = ?')) {
    $stmt->bind_param('s', $_POST['username']);
    $stmt->execute();
    $stmt->store_result();
    
    if ($stmt->num_rows > 0) {
        $stmt->bind_result($id, $password);
        $stmt->fetch();

        if ($_POST['password'] === $password) {
            session_regenerate_id();
            $_SESSION['loggedin'] = TRUE;
            $_SESSION['name'] = $_POST['username'];
            $_SESSION['id'] = $id;
            header('Location: home.php');
        } else {
            echo 'Incorrect username and/or password!';
        }
    } else {
        echo 'Incorrect username and/or password!';
    }

    $stmt->close();
}

Home.php

<?php
session_start();
if (!isset($_SESSION['loggedin'])) {
  header('Location: index.html');
    exit;
}
?>

<!DOCTYPE html>
//html follows//

2

Answers


  1. You have already got this in your code. header('Location: home.php'); this will then direct users to home.php once they successfully login.

    Then on home.php you can add

    session_start();
    // If the user is not logged in redirect to the login page...
    if (!isset($_SESSION['loggedin'])) {
        header('Location: index.html');
        exit();
    }
    

    this will see if user is logged in and if not, redirect user back to login page

    Good login page link Not sure if this is what you have been using as code is very similar

    Login or Signup to reply.
  2. First of all add function ob_start() before session_start(), see more about ob_start() here from php manual.

    And as @Luka Shield said, you have already this in your code.

    Answer 2

    if you want redirect user from Authenticate.php, just add this code in your Authenticate.php file after line $_SESSION['id'] = $id;

    header('location: user' . $_SESSION['id'] . '.html');
    

    Example & Explanation: if user id is 1 after successful login, will redirect to user1.html and so etc…

    But are you sure that this solution is logical for your project?

    I think it only makes sense to fetch user information on one page based on the identifier (user-id). Better than creating 10 HTML files, ex. (User1.htm, User2-HTML. etc..). The solution that I will suggest will help you in the future by editing all pages from one place.

    Lock at this url
    example.com/user.php?id=1.

    Now I can get the id value by get-request, read here more about $_GET.

    So, first of all let’s create user page, create new Page user.php and paste the following code

    I will give you a page example

    ex: user.php

    <?php
        session_start();
        if (!isset($_SESSION['loggedin'])) {
          header('Location: index.html');
            exit;
        }
    
        if ($_SERVER['REQUEST_METHOD'] == 'GET')
        {
            $id = $_GET['id']; // user id that's coming from url example.com/user.php?id=x
                */
    
            if ($id > 0 && !empty($id))
            {
                /*
                    Now the variable $id represents the value of the number coming from? example.com/user.php?id=x
    
                    Depending on this variable, you can implement your idea, or fetch data depending on the id coming from the link
                */
            }
    
    
        }
    ?>
    
    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search