4

I have a register.php, login.php, and main.php. How do i redirect user after after registration submit to login page and then login page submit to main page.

Improve this question

4 Answers 4

Reset to default
7 
header("Location: /login.php");
exit;

See the exit. Don't ever forget to do this. If you have sensitive data after this, it will be visible to anyone that doesn't follow location headers (such as some bots).

To stop you from forgetting, you could build a wrapper type function

function redirect($url) {
    header('Location: ' . $url);
    exit;
}
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

I'm not sure that Google wouldn't follow that, but I may be wrong. They follow 301's and 302's just fine... what's the default Status Code sent along with PHP via Location?
@anonymous coward I read a 'Daily WTF' recently where they had pages deleted from a custom CMS because the Internet Archive bot didn't follow the Location headers. I mixed up Google bot with them.
Wait, why are you outputting sensitive data in the first place?
Well someone might have something like if ( ! $loggedIn) { header('Location: login.php'); echo 'you must be logged in' }. Not saying that is best practice but I'm sure some people may do it.
3 
header("Location: /login.php");

http://php.net/manual/en/function.header.php

Improve this answer

6 Comments

I generally add die("Redirecting..."); after the header, just to make sure nothing else is outputted.
@webdestroya - Isn't that a bit misleading, on account of if the user can see that, the redirect has failed?
The user rarely sees it, and if they do it just means their browser is slow, not that the redirect has failed.
@webdestroya I don't think it means their browser is slow? More like it is refusing to follow Location headers. Perhaps I'm wrong though.
Maybe, but the probability that a browser will not respect the Location header is incredibly low.
|
0

You can do this:

func.php

<?php
function EmptyStr($value){
   $str = strval($value);
   $str = str_replace("&nbsp;", "", $str);
   return (trim($str) == "");
}

function redirect($url) {
header('Location: ' . $url);
exit;
}
?>

register.php

<?php
include("func.php");
$username = $_POST["username];
$password = $_POST["password"];
$email = $_POST["email"];
if(!EmptyStr($username) && !EmptyStr($password) && !EmptyStr($email)){
   sql = WRITE YOUR SQL SYNTAX HERE TO INSERT THE INPUT TO DB
   redirect("/login.php");
}else{
   $_SESSION["ErrMsg"] = "Error! All fields are required.";
}

echo $_SESSION["ErrMsg"];
$_SESSION["ErrMsg"] = "";
?>
Put your html regsitration form here

login.php

<?php
include("func.php");
$username = $_POST["username];
$password = $_POST["password"];

if(!EmptyStr($username) && !EmptyStr($password)){
   sql = WRITE YOUR SQL SYNTAX HERE TO QUERY THE USERNAME AND PASSWORD TO DB
   if ($rs && !$rs->EOF) {  //user found and pass match
      $_SESSION["username"] = $username;
      redirect("/main.php");
   }else{
      $_SESSION["ErrMsg"] = "Invalid username or passsword!";
   }
}else{
   $_SESSION["ErrMsg"] = "Error! All fields are required.";
}

echo $_SESSION["ErrMsg"];
$_SESSION["ErrMsg"] = "";
?>

Put your html login form here

main.php

<?php
include("func.php");
if(EmptyStr($_SESSION["username"])){ //check if user has session (logged in)
   $_SESSION["ErrMsg"] = "You need to logged in first to view this page!";
   redirect("/login.php");
}
?>
Improve this answer

Comments

-1 
`Header("Location:login.php");`

or: echo "<meta http-equiv=refresh content='0; url=login.php'>";

or:

echo "<script language='javascript'>";
echo "location='login.php';";
echo "</script>";
Improve this answer

1 Comment

Never count on Javascript to perform a mission critical redirect.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.