Page refresh on Login Panel after pressing Submit button
Question
I'm new when it comes to PHP and I would like some help regarding an open source system that I've found on the internet, which I adapted for the project I'm currently working on.
First things first, the login was on a different webpage altogether, but I've adapted it to fit into index.php . The login system works really well, but I have an issue. After I log in, the webpage doesn't refresh itself, and the login form disappears. If I refresh the webpage, the website shows that I'm logged in as it should. Is there any way I can fix this?
My code is:
<div class="content">
<?php
//We display a welcome message, if the user is logged, we display it username
?>
Hello
<?php if(isset($_SESSION['username'])){echo ' '.htmlentities($_SESSION['username'], ENT_QUOTES, 'UTF-8');} ?>,
<br /> Welcome on our website.
<br /> You can <a href="users.php">see the list of users</a>.
<br />
<br />
<?php
//If the user is logged, we display links to edit his infos, to see his pms and to log out
if(isset($_SESSION['username']))
{
//We count the number of new messages the user has
$nb_new_pm = mysql_fetch_array(mysql_query('select count(*) as nb_new_pm from pm where ((user1="'.$_SESSION['userid'].'" and user1read="no") or (user2="'.$_SESSION['userid'].'" and user2read="no")) and id2="1"'));
//The number of new messages is in the variable $nb_new_pm
$nb_new_pm = $nb_new_pm['nb_new_pm'];
// Check if current user is the admin
if($_SESSION['userid']==1)
{ include('indexp.php');}
else { echo'nu merge';}
//We display the links
?>
<a href="edit_infos.php">Edit my personnal informations</a>
<br />
<a href="list_pm.php">My personnal messages(<?php echo $nb_new_pm; ?> unread)</a>
<br />
<a href="logout.php">Logout</a>
<?php
}
else
{
//Otherwise, we display a link to log in and to Sign up
?>
<a href="sign_up.php">Sign up</a>
<br />
<button data-toggle="collapse" data-target="#login">Log in</button>
<div id="login" class="collapse">
<?php
$ousername = '';
//We check if the form has been sent
if(isset($_POST['username'], $_POST['password']))
{
//We remove slashes depending on the configuration
if(get_magic_quotes_gpc())
{
$ousername = stripslashes($_POST['username']);
$username = mysql_real_escape_string(stripslashes($_POST['username']));
$password = stripslashes($_POST['password']);
}
else
{
$username = mysql_real_escape_string($_POST['username']);
$password = $_POST['password'];
}
//We get the password of the user
$req = mysql_query('select password,id from users where username="'.$username.'"');
$dn = mysql_fetch_array($req);
//We compare the submited password and the real one, and we check if the user exists
if($dn['password']==$password and mysql_num_rows($req)>0)
{
//If the password is good, we dont show the form
$form = false;
//We save the user name in the session username and the user Id in the session userid
$_SESSION['username'] = $_POST['username'];
$_SESSION['userid'] = $dn['id'];
}
else
{
//Otherwise, we say the password is incorrect.
$form = true;
$message = 'The username or password is incorrect. Please try again!';
}
}
else
{
$form = true;
}
if($form)
{
//We display a message if necessary
if(isset($message))
{
echo '<div class="message">'.$message.'</div>';
}
//We display the form
?>
<div class="content">
<form action="success.php" method="post">
Please type your IDs to log in:
<br />
<div class="center">
<label for="username">Username</label>
<input type="text" name="username" id="username" value="<?php echo htmlentities($ousername, ENT_QUOTES, 'UTF-8'); ?>" />
<br />
<label for="password">Password</label>
<input type="password" name="password" id="password" />
<br />
<input type="submit" value="Log in" />
</div>
</form>
</div>
<?php
}
?>
</div>
<?php
}
?>
</div>
I tried the following methods:
I set when the user logs on, it gets redirected to a page named success.php where a success message appears and a back button.
The problems is: when the users press the back button (index.php), the system doesn't recognize that users is logged in and asks him to log back in again. And that's it, an infinite loop in which you can't log in.
I tried a lot of tactics to reload the page twice, but it seems very ineffective.
3 answers
solution1
0 2019-02-20 13:04:13
You need to call session_start() at the beginning of every PHP page you need sessions in along with saving them. Also, I really recommend that you place the login logic in a separate PHP file for better readability and to be able to know what is missing easily.
solution2
0 2019-02-20 13:04:26
make use of PHP session and try to store the username password in the session and then redirect.
following is small example oh how php sessions work
<?php
ob_start();
session_start();
?>
<?
// error_reporting(E_ALL);
// ini_set("display_errors", 1);
?>
<html lang = "en">
<head>
<title>Tutorialspoint.com</title>
<link href = "css/bootstrap.min.css" rel = "stylesheet">
<style>
body {
padding-top: 40px;
padding-bottom: 40px;
background-color: #ADABAB;
}
.form-signin {
max-width: 330px;
padding: 15px;
margin: 0 auto;
color: #017572;
}
.form-signin .form-signin-heading,
.form-signin .checkbox {
margin-bottom: 10px;
}
.form-signin .checkbox {
font-weight: normal;
}
.form-signin .form-control {
position: relative;
height: auto;
-webkit-box-sizing: border-box;
-moz-box-sizing: border-box;
box-sizing: border-box;
padding: 10px;
font-size: 16px;
}
.form-signin .form-control:focus {
z-index: 2;
}
.form-signin input[type="email"] {
margin-bottom: -1px;
border-bottom-right-radius: 0;
border-bottom-left-radius: 0;
border-color:#017572;
}
.form-signin input[type="password"] {
margin-bottom: 10px;
border-top-left-radius: 0;
border-top-right-radius: 0;
border-color:#017572;
}
h2{
text-align: center;
color: #017572;
}
</style>
</head>
<body>
<h2>Enter Username and Password</h2>
<div class = "container form-signin">
<?php
$msg = '';
if (isset($_POST['login']) && !empty($_POST['username'])
&& !empty($_POST['password'])) {
if ($_POST['username'] == 'tutorialspoint' &&
$_POST['password'] == '1234') {
$_SESSION['valid'] = true;
$_SESSION['timeout'] = time();
$_SESSION['username'] = 'tutorialspoint';
echo 'You have entered valid use name and password';
}else {
$msg = 'Wrong username or password';
}
}
?>
</div> <!-- /container -->
<div class = "container">
<form class = "form-signin" role = "form"
action = "<?php echo htmlspecialchars($_SERVER['PHP_SELF']);
?>" method = "post">
<h4 class = "form-signin-heading"><?php echo $msg; ?></h4>
<input type = "text" class = "form-control"
name = "username" placeholder = "username = tutorialspoint"
required autofocus></br>
<input type = "password" class = "form-control"
name = "password" placeholder = "password = 1234" required>
<button class = "btn btn-lg btn-primary btn-block" type = "submit"
name = "login">Login</button>
</form>
Click here to clean <a href = "logout.php" tite = "Logout">Session.
</div>
</body>
</html>
Login.php
It will erase the session data.
<?php
session_start();
unset($_SESSION["username"]);
unset($_SESSION["password"]);
echo 'You have cleaned session';
header('Refresh: 2; URL = login.php');
?>
Logout.php
solution3
0 ACCPTED 2019-02-20 13:20:32
You have checked the session values before the submit code, because of that it was unable to check the sesssion variable on submit.
I have just put your submit code block above the session checking, so that it comes in effect instant.
And remember to have session_start(); on every page.
<div class="content">
<?php
session_start();
$ousername = '';
//We check if the form has been sent
if (isset($_POST['username'], $_POST['password'])) {
//We remove slashes depending on the configuration
if (get_magic_quotes_gpc()) {
$ousername = stripslashes($_POST['username']);
$username = mysql_real_escape_string(stripslashes($_POST['username']));
$password = stripslashes($_POST['password']);
} else {
$username = mysql_real_escape_string($_POST['username']);
$password = $_POST['password'];
}
//We get the password of the user
$req = mysql_query('select password,id from users where username="' . $username . '"');
$dn = mysql_fetch_array($req);
//We compare the submited password and the real one, and we check if the user exists
if ($dn['password'] == $password and mysql_num_rows($req) > 0) {
//If the password is good, we dont show the form
$form = false;
//We save the user name in the session username and the user Id in the session userid
$_SESSION['username'] = $_POST['username'];
$_SESSION['userid'] = $dn['id'];
} else {
//Otherwise, we say the password is incorrect.
$form = true;
$message = 'The username or password is incorrect. Please try again!';
}
} else {
$form = true;
}
//We display a welcome message, if the user is logged, we display it username
?>
Hello<?php if (isset($_SESSION['username'])) {
echo ' ' . htmlentities($_SESSION['username'], ENT_QUOTES, 'UTF-8');
} ?>,<br/>
Welcome on our website.<br/>
You can <a href="users.php">see the list of users</a>.<br/><br/>
<?php
//If the user is logged, we display links to edit his infos, to see his pms and to log out
if (isset($_SESSION['username'])) {
//We count the number of new messages the user has
$nb_new_pm = mysql_fetch_array(mysql_query('select count(*) as nb_new_pm from pm where ((user1="' . $_SESSION['userid'] . '" and user1read="no") or (user2="' . $_SESSION['userid'] . '" and user2read="no")) and id2="1"'));
//The number of new messages is in the variable $nb_new_pm
$nb_new_pm = $nb_new_pm['nb_new_pm'];
// Check if current user is the admin
if ($_SESSION['userid'] == 1) {
include('indexp.php');
} else {
echo 'nu merge';
}
//We display the links
?>
<a href="edit_infos.php">Edit my personnal informations</a><br/>
<a href="list_pm.php">My personnal messages(<?php echo $nb_new_pm; ?> unread)</a><br/>
<a href="logout.php">Logout</a>
<?php
} else {
//Otherwise, we display a link to log in and to Sign up
?>
<a href="sign_up.php">Sign up</a><br/>
<button data-toggle="collapse" data-target="#login">Log in</button>
<div id="login" class="collapse">
<?php
if ($form) {
//We display a message if necessary
if (isset($message)) {
echo '<div class="message">' . $message . '</div>';
}
//We display the form
?>
<div class="content">
<form action="success.php" method="post">
Please type your IDs to log in:<br/>
<div class="center">
<label for="username">Username</label><input type="text" name="username" id="username"
value="<?php echo htmlentities($ousername, ENT_QUOTES, 'UTF-8'); ?>"/><br/>
<label for="password">Password</label><input type="password" name="password" id="password"/><br/>
<input type="submit" value="Log in"/>
</div>
</form>
</div>
<?php
}
?>
</div>
<?php
}
?>
</div>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Disable submit button after submit and page refresh
Blank Page after pressing Submit button with all fields filled up
I am getting refresh after executing submit button in login form
angular 4 submit form by pressing enter with login button
Page refresh after login?
How to refresh the page with nodejs after click on submit button
Stay on same page after refresh because of submit button click
Keeping tab open after page refresh or button submit
Repopulating/Refresh table in React after pressing a button
Retrieve data after pressing submit button
Related Tags