I am new to PHP and hope someone can help me with this.
I am trying to cover the following scenarios in a header file that is included on all my pages:
status
" is not set AND page name is not " login
" or " user
" THEN redirect to login page. status
" is not set AND page name is " user
" AND variable " resetToken
" is not set THEN redirect to login page. So far I have the below which works for all pages when accessing them from the browser but when I use a link from an email like the following I still get redirected even if the link contains the variable " resetToken
":
Example link: https://www.myurl.com/user.php?resetToken=abcde
My PHP (in header include):
$baseURL = "https://www.myurl.com";
$pageURL = basename($_SERVER["REQUEST_URI"]);
$pageName = pathinfo(parse_url($pageURL, PHP_URL_PATH), PATHINFO_FILENAME);
if( (!isset($_SESSION["status"])) && ($pageName != "login") && ($pageName != "user") ){
header("Location: " . $baseURL . "/login.php");
exit;
}
if( (!isset($_SESSION["status"])) && ($pageName == "user") && (!isset($_GET["resetToken"])) ){
header("Location: " . $baseURL . "/login.php");
exit;
}
I have two questions regarding this:
Many thanks for any help, Mike
$baseURL = "https://www.myurl.com";
$pageURL = basename($_SERVER["REQUEST_URI"]);
$pageName = pathinfo(parse_url($pageURL, PHP_URL_PATH), PATHINFO_FILENAME);
if( (!isset($_SESSION["status"])) &&
($pageName != "login") &&
($pageName != "user")
||
(!isset($_SESSION["status"])) &&
($pageName == "user") &&
(!isset($_GET["resetToken"]))
)
{
header("Location: " . $baseURL . "/login.php");
exit;
}
You have 2 if
conditions and you are redirecting to same page... You can combine them into 1 if
condition.
$_GET
does work no matter where the url was clicked ()
and combine them with ||
PHP
if(
(
(!isset($_SESSION["status"])) && ($pageName != "login") &&
($pageName != "user")
) || (
(!isset($_SESSION["status"])) && ($pageName == "user") &&
(!isset($_GET["resetToken"]))
)
){
header("Location: " . $baseURL . "/login.php");
exit;
}
When it is redirecting even tho you have set the token you should dump the variable before. The code as it is should not redirect when the token is set.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.