PHP1 calls PHP2 which calls PHP1 and passes variables

StackOverflow https://stackoverflow.com/questions/18719073

Domanda

I created a user login function (let's call it PHP2) which is called from my main page (let's call it PHP1). When the user submits the login info, PHP2 is called which checks the username and password and upon success or failure calls the PHP1 page, where a message should appear either welcoming the user or telling him his credentials are incorrect.

Therefore, PHP1 should contain the message "Welcome " + $username, where username upon startup is blank and when the page is called after authentication by PHP2, $username should contain the user's login name.

How do I go about this?

This is my form in PHP1.php:

<p>Welcome <?php echo $_POST['user'] ?></p>
<form name="form1" method="post" action="PHP2.php">
   ...
</form>

This is my PHP2.php

<?php

   // Connection code

   // username and password sent from form 
   $user = $_POST['user']; 
   $pwd = $_POST['pwd']; 

   // Authentication code

   // Register $user, $pwd and redirect to file "PHP1.php"
   session_register("user");
   session_register("pwd"); 
   session_start();
   header("location:PHP1.php");
?>
È stato utile?

Soluzione

I'd recommend, as did Alma Do Mundo, to read about sessions. Here's how you would accomplish what you wanted:

login.php:

<!DOCTYPE html>
<html>
    <head><title>Login</title></head>
    <body>      
        <form id='loginform' action='checklogin.php' method='post'>             
            <div>Username: <input type='text' id='username' name='username' /></div>
            <div>Password: <input type='password' id='password' name='password' /></div>
            <div><input type='submit' id='submit' value='Login'></div>              
        </form>
    </body>
</html>

Have the login page send the data to an intermediate page such as checklogin.php. Here's the code for that:

<?php
    session_start();    

    // check if the username and password are correct
    // in real world scenario, this would be more complex as data
    // is cleaned and then checked against the database where username 
    // and encrypted password (and salt) are stored in a *secured* manner
    if ($_POST['username'] === 'hello' && $_POST['password'] === 'world')
    {
        $_SESSION['username'] = $_POST['username'];
        header('location:welcome.php');
    }
?>
<!DOCTYPE html>
<html>
    <head>
        <title>Login issue</title>
    </head>
    <body>
        <div class='badassredcolor'>Invalid username or password. Please <a href='login.php'>login again</a>.</div>
    </body>
</html>

checklogin.php will see if the username and password are right. If they are right, remember their username and send the person to welcome.php. Otherwise ask them to login again. Of course, the process should be much more graceful than this but this is just an example.

Then, your welcome page will show them a welcome message like so:

<?php
    session_start();
?>
<!DOCTYPE html>
<html>
    <head>
        <title>Welcome to the awesome website</title>
    </head>
    <body>

        <h1>Welcome <?php echo $_SESSION['username']; ?></h1>

    </body>
</html>

Hope this helps.

Alright, let's say we want to use a single page to do show form and check login/password, use the example below. It is a quick draft that you can modify. In real world, you would do it a lot different but this example is fine for learning:

<?php
    session_start();

    // let's hold a variable to check if the user POST'ed the form
    // or if we got to this page without POST'ing to itself
    $isPosted = false;

    // let's first check if user POST'ed anything
    if (isset($_POST['username']) && isset($_POST['password']))
    {
        // okay, we got something. Let's flag the variable
        $isPosted = true;

        // Let's check if the username and password are good. If good, let's set up
        // a session variable appropriately
        if ($_POST['username'] === 'hello' && $_POST['password'] === 'world')
        {
            $_SESSION['username'] = $_POST['username'];
        }
    }
    else
    {
        // seems like the form was not posted with any interesting data
        // or it is a fresh page-load. Let's ensure that no session variables
        // are alive
        if(isset($_SESSION['username']))
        {
            session_unset();
        }
    }       
?>
<!DOCTYPE html>
<html>
    <head><title>Login</title></head>
    <body>      

        <?php
        // if the form was posted and session was set, show welcome message
        if (
            $isPosted === true &&
            (isset($_SESSION['username']))
        )
        {
        ?>
            <div class='greetings'>Welcome, <?php echo htmlentities($_SESSION['username']); ?></div>
            <div>more cool things here</div>
        <?php
        }
        // oh, either the page was freshly loaded or session was not set. Cool, show form first
        else
        {
        ?>
            <form id='loginform' action='newlogin.php' method='post'>               
                <div>Username: <input type='text' id='username' name='username' /></div>
                <div>Password: <input type='password' id='password' name='password' /></div>
                <div><input type='submit' id='submit' value='Login'></div>
            </form>

            <?php
            // if the form was posted and we know that session is not set,
            // let's show an error
            if ($isPosted)
            {
            ?>
                    <div class='badassREDcolor'>Invalid username or password</div>
            <?php
            }
        }
        ?>

    </body>
</html>
Autorizzato sotto: CC-BY-SA insieme a attribuzione
Non affiliato a StackOverflow
scroll top