1

Suppose I have two pages, login.php and index.php. In index.php I have two buttons, Login and Register. After clicking the buttons, the user is directed to login.php.

If I want to implement a login functionality using PHP, something related to Facebook such that if a user has logged in before, then it bypasses the index page once the username and password are set and directly lands into the login page. Is $_SESSION a proper way of doing it?

For example:

<?php
    session_start();
?><!DOCTYPE html>
<html lang="en">
    <head>
        <meta charset="UTF-8" />
        <title>Ayu</title>
    </head>
    <body>
<?php if (isset($_SESSION["user"])) { ?>
        <h1>Hi <?php echo htmlspecialchars($_SESSION["user"], ENT_QUOTES, "UTF-8"); ?></h1>
        <a href="logout.php">Logout</a>
<?php } else { ?>
        <h1>Login</h1>
<?php echo (isset($_GET["error"])) ? '<p>You idiot!</p>' : ""; ?>
        <form action="new-user.php" method="post">
            <div>
                <label>
                    <strong>Username</strong>
                    <input type="text" name="username" />
                </label>
            </div>
            <div>
                <label>
                    <strong>Password</strong>
                    <input type="password" name="password" />
                </label>
            </div>
            <input type="submit" value="Log In" />
        </form>
<?php } ?>
    </body>
</html>

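In the login functionality, I am setting the $_SESSION values:

<?php
    session_start();
    if (count($_POST)) {
        // isset() avoids notices when a field is missing from the POST body
        if (isset($_POST["username"], $_POST["password"])
            && $_POST["username"] === "ayu" && $_POST["password"] === "shee") {
            session_regenerate_id(true); // issue a fresh session ID at login
            $_SESSION["user"] = "Ayushi";
            header("Location: ./");
        } else {
            unset($_SESSION["user"]);
            header("Location: ./?error");
        }
        exit; // stop the script once the redirect header is sent
    }
?>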
CBroe
Aayushi

2 Answers

4

Yes, using and creating a session ($_SESSION) is the correct way to check logged-in users.

$_SESSION is a 'superglobal', or automatic global, variable. This simply means that it is available in all scopes throughout a script. There is no need to do global $variable; to access it within functions or methods.

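Check for the session at the very top of a page; if found, redirect to index, else to the login page.

session_start(); // required before $_SESSION can be read
if (!isset($_SESSION['login_user'])) {
    header("Location: login.php");
    exit; // do not run the rest of the protected page
}

Refer to this simple login example using MySQL in PHP here.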

EDIT

As requested by OP: if you want to hide a particular section in the index.php page based on a session value, or say if a user is logged in or not, that can be done like:

<?php
if(isset($_SESSION['login_user'])){
?>
<form>
   <input type="submit" name="whatever" />
   <!-- Other Fields -->
</form>
<?php
}
?>

The HTML form in the above code will only be shown if a user is logged in; otherwise it will be hidden.

Ambrish Pathak
  • And if I have only one index.php and two different sections that I want to toggle with, then how should I do that? Because I cannot use header location there. – Aayushi May 16 '17 at 06:33
  • In that case you can hide or show HTML sections or blocks based on the session value. Let me edit my answer to add this. – Ambrish Pathak May 16 '17 at 06:39
  • Just one more confusion that I have: when I set $_SESSION, will that be set until I end the session, irrespective of the number of times I refresh or run the code? – Aayushi May 16 '17 at 06:53
  • Default timeout depends on the server configuration or the relevant directives (session.gc_maxlifetime) in php.ini. Typically the default is 24 minutes (1440 seconds), but your webhost may have altered the default to something else. So you can end the session based on the time. – Ambrish Pathak May 16 '17 at 07:16
0

Yes, a session is the best way to implement the same. You can use the below PHP code to solve your problem.

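<?php
    session_start();
    if (!empty($_POST)) {
        // isset() avoids notices when a field is missing from the POST body
        if (isset($_POST["username"], $_POST["password"])
            && $_POST["username"] === "ayu" && $_POST["password"] === "shee") {
            session_regenerate_id(true); // issue a fresh session ID at login
            $_SESSION["user"] = "Ayushi";
            header("Location: ./");
            exit;
        } else {
            // isset() instead of != '' so an unset key raises no notice
            if (isset($_SESSION["user"])) {
                unset($_SESSION["user"]);
            }
            header("Location: ./?error");
            exit;
        }
    } else {
        /* Write code for form */
    }
?>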
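
A single-file version of the flow discussed in this thread, as an added example that is not part of any of the original posts: it verifies the password against a stored hash, issues a fresh session ID at login, and enforces the idle timeout in the application instead of relying on session.gc_maxlifetime. The account reuses the question's sample values; `IDLE_LIMIT`, `credentials_ok`, `session_is_live` and the `last_seen` key are hypothetical names chosen for this sketch.

```php
<?php
// Added example. Assumptions: one constructed account and a 1440-second
// idle limit; a real application loads the hash from its user store.
const IDLE_LIMIT = 1440;

// Constructed demo account, hashed here only to keep the file self-contained.
// Persist the hash, never the plain password.
$users = ["ayu" => password_hash("shee", PASSWORD_DEFAULT)];

// True only if the user exists and the password matches the stored hash.
function credentials_ok(array $users, string $name, string $pass): bool
{
    return isset($users[$name]) && password_verify($pass, $users[$name]);
}

// True if the session names a user and was active within the idle limit.
function session_is_live(array $session, int $now): bool
{
    return isset($session["user"], $session["last_seen"])
        && ($now - $session["last_seen"]) <= IDLE_LIMIT;
}

session_start();

if (($_SERVER["REQUEST_METHOD"] ?? "") === "POST") {
    $name = $_POST["username"] ?? "";
    $pass = $_POST["password"] ?? "";
    // is_string() rejects array-valued fields such as username[]=x
    if (is_string($name) && is_string($pass) && credentials_ok($users, $name, $pass)) {
        session_regenerate_id(true);   // new ID at login blocks session fixation
        $_SESSION["user"] = $name;
        $_SESSION["last_seen"] = time();
        header("Location: ./");
    } else {
        unset($_SESSION["user"], $_SESSION["last_seen"]);
        header("Location: ./?error");
    }
    exit;                              // never fall through after a redirect
}

if (session_is_live($_SESSION, time())) {
    $_SESSION["last_seen"] = time();   // sliding idle window
    echo "<h1>Hi " . htmlspecialchars($_SESSION["user"], ENT_QUOTES, "UTF-8") . "</h1>";
} else {
    $_SESSION = [];                    // expired or anonymous: drop all state
    echo "<h1>Login</h1>";             // the login form is rendered here
}
```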