1

I am new to PHP. So I made a loginform for my website and where I'm having trouble hiding the form after the user logs in.. I want it to disappear after the user sucessfully logs in. My code is the following,

<?php
    include "connect.php";
    $_SESSION['backurl'] = basename($_SERVER['PHP_SELF']);
?>

<div class = "loginform">  
            <form name = "login" action = "login.php" method = "post" accept-charset = "utf-8"> 
                <?php
                     echo $_SESSION['username'];
                    //IF LOGADO TIRAR FORM. 
                ?>
                <ul>  
                    <li><label for = "usermail" class = "letralogin" >Email</label>  
                    <input type = "email" name = "usermail" placeholder = "yourname@email.com" required></li> 
                    <p>
                    <li><label for = "password" class = "letralogin">Password</label>  
                    <input type = "password" name = "password" placeholder = "password" required></li> 
                    <p>                 
                    <input type = "submit" name = "login" value = "Login"></li>
                </ul>                   
            </form>
            </div>

            <div class = "divreg">
                <input type = "button" onclick = "location.href = 'registo.php';" value = "Registo" class = "buttreg"/>
            </div>

This is my code on login.php,

<?php
    include "connect.php";
    if(isset($_POST['login']))
    {
        $username = $_POST['usermail'];
        $password = sha1($_POST['password']);
        $sql = "select * from utilizador where email = '$username' and password = '$password'";
        $result = mysqli_query($conn, $sql);
        if (mysqli_num_rows($result) > 0)
        {
            echo 'OK';
            $_SESSION['username'] = $username;
            header('Location: ' . $_SESSION['backurl']);
        }
        else 
        {
            echo 'wrong password';
            header('Location: ' . $_SESSION['backurl']);
        }
    }
    else
    {
        header('Location: inicio.php');
    }
?>
huysentruitw
  • 27,376
  • 9
  • 90
  • 133
Reavstone
  • 25
  • 1
  • 7
  • What do you have saved that denotes if the user is logged in? Just the username session variable? – bhooks Dec 30 '15 at 21:08
  • Where is your conditional checking if the user logged in? – chris85 Dec 30 '15 at 21:09
  • I edited the post, hope that helps.. – Reavstone Dec 30 '15 at 21:25
  • @reavstone: I have updated my answer adding session start function – devpro Dec 30 '15 at 21:44
  • What do you exactly want ? is your login part and your main part after logging in, in one page? Or they're in different pages? and you want when the user logged in and typed your login page address in URL, the main page will be shown for him, correct? – Majid Sadr Dec 30 '15 at 21:50
  • The login form is in all pages, what I want is when the user logged in, the form disappears and the user stays in the same page he was. – Reavstone Dec 30 '15 at 21:59
  • Print your session after echo OK before header location. And use die(); after header location and for testing comment yur headers and print session array and chk is username set or not. – devpro Dec 30 '15 at 22:01
  • I did what you asked @devpro and this showed up on a blank page: OKArray ( [backurl] => inicio.php [username] => ) – Reavstone Dec 30 '15 at 22:08
  • This means username is not set did u add session_start in login.php file? Where your query located? – devpro Dec 30 '15 at 22:09
  • I edited my answer, see again and tell if you mean any other thing. – Majid Sadr Dec 30 '15 at 22:09
  • If I add session_start it gives me an error saying a session had already been started @devpro – Reavstone Dec 30 '15 at 22:14
  • All right last thing where u use echo OK just do it this.... remove ECHO OK... //header (). And use this $_SESSION['username'] = $_POST['usermail']; and after this refresh yur login form file... and share the result – devpro Dec 30 '15 at 22:17
  • Doesn't work @devpro it just takes me to the login.php page and shows it all blank – Reavstone Dec 30 '15 at 22:23
  • If page blank than print session I hope u r getting the username in session this time – devpro Dec 30 '15 at 22:25
  • Shows me this Array ( [backurl] => inicio.php [username] => ) @devpro – Reavstone Dec 30 '15 at 22:27
  • Also chk in private window – devpro Dec 30 '15 at 22:28
  • chk in private window? Sorry I didn't understood @devpro – Reavstone Dec 30 '15 at 22:31
  • Means private window of browser incognito – devpro Dec 30 '15 at 22:32
  • Shows me the same thing @devpro Is there any other way we can talk, so its easier ? – Reavstone Dec 30 '15 at 22:37
  • Sidenote: I hope using `sha1` is only for testing purposes and not intended to go live. You should also add `exit;` after each header, otherwise you code may want to continue to execute. Another thing, make sure you did start the session and for all pages using sessions. – Funk Forty Niner Dec 30 '15 at 23:03
  • Its not going live, its just something i've been working on and playing around so I can understand a bit more. Yes I started the session for all pages @Fred -ii- – Reavstone Dec 30 '15 at 23:08
  • what I suggest you do is to wrap your form code inside an echo, assign a variable for the encapsulated form along with a session array, then echo it respectively. I.e.: `$form = '
    ...
    ';` etc. *done like dinner, and easy as pie* ;-)     – Funk Forty Niner Dec 30 '15 at 23:35
  • By the way, you're outputting before header with echoes on top of your headers. Add error reporting to the top of your file(s) right after your opening PHP tag for example ` – Funk Forty Niner Dec 30 '15 at 23:37
  • @Reavstone: yes we can, if you share your email on your Profile information.. remember don't share personal info here.... its not for social network... – devpro Dec 31 '15 at 05:38

4 Answers4

2

You can check session in login file at top:

include "connect.php";

session_start();

    $_SESSION['backurl'] = basename($_SERVER['PHP_SELF']);

if(isset($_SESSION['username']) && !empty($_SESSION['username']) )   {
       header('Location: ' . $_SESSION['backurl']);
}

If you have both separate files than you need to use session_start function in both files.

devpro
  • 16,184
  • 3
  • 27
  • 38
  • 1
    @reavstone answer update u need to start session function on top also – devpro Dec 30 '15 at 21:40
  • Thanks for the patience mate, but it still doesn't work :/ – Reavstone Dec 30 '15 at 21:48
  • @reavstone can u check print_r ($_SESSION); AFTER FORM POST WHERE U ECHO OK after session creating – devpro Dec 30 '15 at 21:50
  • Sorry I don't understand what you want me to do, im new to this :/ – Reavstone Dec 30 '15 at 22:04
  • @reavstone check your session is set properly? Like where u use $_SESSION['username'] = $username; after this echo $_SESSION['username']; exit; ..... test this and let me knw the result – devpro Dec 30 '15 at 22:07
  • @Reavstone so tell me, why did you suddenly accept this answer and what made this all happen? probably the fact about me telling you about the header thing. – Funk Forty Niner Dec 31 '15 at 01:04
1

Assuming the username session variable is only set if the user is logged in, this would be what you want.

if (!isset($_SESSION['username'])) {
?>
HTML FORM CODE GOES HERE
<?php
}
?>

What this does is check if you have a username set, and if you don't it will display the HTML for the login form if you place it between the PHP tags. Additionally you could put a bit of JavaScript in there that hides your loginform div, which would also remove the login form from the page.

bhooks
  • 409
  • 5
  • 16
  • Didn't work, thanks for your help, I edited the post if you can, check it out. – Reavstone Dec 30 '15 at 21:25
  • *"What this does is check if you have a username set"* - `if (!isset($_SESSION['username']))` the `!` is the `NOT` operator. OP wants to check if it "is" set and hide the form if it is "set". – Funk Forty Niner Dec 30 '15 at 23:31
0

You should check that your session is empty or not. Like this:

session_start();
if(!empty($_SESSION['username']) {
       ?>
       <!--your login form-->
       <?php
} else {
       ?>
       main page.
       <?php
}

this is for the situation that you want when the user is not logged in no page be shown for him except Login part. Or if you want just hide login form after logging in, It will be like this:

session_start();
if(empty($_SESSION['username']) {
       ?>
       <!--your login form-->
       <?php
}
?>
<!--main part details. -->
Majid Sadr
  • 911
  • 7
  • 18
0

Foreword:

You're presently outputting before header with the echos above your headers, and that alone will kill your code.

Either you echo OR header; you can't have both, not the way you are using them now.

Here is a basic method and as I mentioned in comments, assign a variable to your form code, and encapsulated in quotes.

You can base yourself on the following skeleton/basic model and then take it from there.

<?php 
error_reporting(E_ALL);
ini_set('display_errors', 1);

session_start();

$_SESSION['user'] = "John";
?>

<!DOCTYPE html>
    <head><title></title></head>
    <body>

<?php 


$form = '
            <form name = "login" action = "login.php" method = "post" accept-charset = "utf-8">

                <ul>  
                    <li><label for = "usermail" class = "letralogin" >Email</label>  
                    <input type = "email" name = "usermail" placeholder = "yourname@email.com" required></li> 
                    <p>
                    <li><label for = "password" class = "letralogin">Password</label>  
                    <input type = "password" name = "password" placeholder = "password" required></li> 
                    <p>                 
                    <input type = "submit" name = "login" value = "Login"></li>
                </ul>                   
            </form>

';


if (isset($_SESSION['user']) && $_SESSION['user'] == 'John') {

    echo "Welcome " . $_SESSION['user'];

    }

    else{ 

    echo $form;

    }

?>

    </body>
 </html>
Community
  • 1
  • 1
Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141