Here’s a simple username/password login form. When I submit with correct data it goes to test.php and echos ‘hi’ . But if I hit refresh on test.php it shows No Permission. How can I make it show ‘hi’ on test.php after refreshing test.php after I submit?
login.php:
<?php
session_start();
session_unset();
?>
<html>
<body>
<?php include 'header.php'; ?>
<form action = "test.php" method = "post">
<br/>
Enter username
<input type = "text" name = "user"/>
<br/>
Enter passowrd
<input type = "password" name = "pass"/>
</br>
<input type = "submit" value = "submit" name = "submit"/>
</form>
</body>
</html>
test.php:
<?php
session_cache_limiter('private_no_expire');
session_start();
$_SESSION['authuser'] = 0;
if(isset($_POST['user']) && isset($_POST['pass']))
{
$_SESSION['username'] = $_POST['user'];
$_SESSION['userpass'] = $_POST['pass'];
}
else
{
$_SESSION['username'] = NULL;
$_SESSION['userpass'] = NULL;
}
if($_SESSION['username']=="joe" && $_SESSION['userpass'] == 123456)
{
$_SESSION['authuser']=1;
echo 'hi';
}
else
{
echo "No permission";
exit();
}
?>
When you refresh, your browser should give you the option to repost the values, if you click yes it should work.
Or you could remove the else part of the code:
If you remove that then the session variables will be remembered and the rest of your code will use those session values.
EDIT:
On first load of that page (with my suggested change above), without having logged in before, you would get the undefined index error. To solve this you could change the line:
to
This will check the username and userpass are set, before checking their values.