Simple password protecting of a page: What am I doing wrong here?
Question
For my test environment site I want anyone who views it to have to type in a password once per session. When their session starts, they type in the password and are redirected to the page they were trying to view. So I have at the top of every page
// For test site, require login
if ( !$_SESSION['loggedIn'] )
{
$pagetarget = $_SERVER['REQUEST_URI'];
include "test_login.php";
die();
}
and then test.login.php is
<?php
if ( $_POST['password'] == '091u233j12j3' )
{
$_SESSION['loggedIn'] = true;
header("Location: " . $pagetarget);
die();
}
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Test Environment Login</title>
</head>
<body>
<form method="POST">
<p>Enter password to unlock <b>test.mysite.com</b>: <input type="text" name="password" /><input type="submit" /></p>
<p>You will be redirected to the page you tried to access.</p>
<input type="hidden" name="pagetarget" value="<?php echo $pagetarget; ?>" />
</form>
</body>
</html>
but the page redirection isn't working. What am I doing wrong?
2 answers
solution1
2 ACCPTED 2015-11-11 19:27:49
You need a call to session_start() at the beginning of every script before you can use $_SESSION .
Example:
session_start();
if ( !$_SESSION['loggedIn'] )
{
$pagetarget = $_SERVER['REQUEST_URI'];
include "test_login.php";
die();
}
solution2
0 2015-11-11 19:30:15
Try this :
// For test site, require login
session_start();
if ( !$_SESSION['loggedIn'] )
{
$pagetarget = $_SERVER['REQUEST_URI'];
include "test_login.php";
die();
}
and test_login.php
<?php
if ( $_POST['password'] == '091u233j12j3' )
{
$_SESSION['loggedIn'] = true;
header("Location: " . $_POST['$pagetarget']);
die();
}
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
(...)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.