Login won't work correctly PHP
I tried to work on my login system. For some reason, when I login, it will be redirected to sucesspage.php. By this time he figured out that I am a login, however when I press the back button I can access the login.php file.
A common login is that upon successful login and redirection to the success page, it should stay on the success page on the success page even if you hit the back button in your browser.
So, basically I have a login.php file and a process.php file, and a success.php file where the user will be redirected.
Here's my process.php file:
<?php
session_start();
require("new-connection.php");
if(isset($_POST['action']) && ($_POST['action']) == 'register'){
//call to function
register_user($_POST); //use the ACTUAL POST
}
elseif(isset($_POST['action']) && ($_POST['action']) == 'login'){
login_user($_POST);
}else{
session_destroy();
header('Location: homepage.php');
die();
}
function login_user(){ //just a parameter called post
global $connection;
$email = mysqli_real_escape_string($connection, $_POST['email']);
$password = mysqli_real_escape_string($connection, $_POST['password']);
$query = "SELECT * FROM users WHERE users.password = '{$password}'
AND users.email = '{$email}'";
$user = fetch($query); //go and grab all users on above condition
if(count($user) > 0){
$_SESSION['user_id'] = $user[0]['id'];
$_SESSION['first_name'] = $user[0]['first_name'];
$_SESSION['logged_in'] = true;
header('Location: success-homepage.php');
die();
}else{
$_SESSION['errors'][] = "cant find users";
header('Location: homepage.php');
die();
}
}
?>
And here is my success.php file:
<?php
session_start();
echo "HELLO {$_SESSION['first_name']} SUCCESS! <br>";
echo "<a href='process-homepage.php'>LOGOUT</a>";
?>
Any idea? Thank!
+3
source to share