Home/ Questions/Q 329869
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-12T09:37:42+00:00

I am making a simple Dynamic Website using PHP, where i allow the user

  • 0

I am making a simple Dynamic Website using PHP, where i allow the user to login and then access specific pages. So here’s what i have done so far.

The logged in values are taken though $_POST variables in a php script where it fetches values from database for registered users. If the user is found i do the following:

session_register('userid');
$_SESSION['userid'] = $username;//this is taken from $_POST
$_SESSION['accesslevel'] = $access;

at the beginning of the php script i have put session_start();

Now here comes my problem.

At every page now i have to check if the user is allowed to view that page or not, if he ain’t then he must be redirected to login.php, if he is then the page load must continue.

Now so far what i have learnt is that only way to maintain values across php pages is to use $_SESSION variables, and which ever page i am using Session Variables i must write session_start() on each page as the first line, else i will be getting Headers Already Sent error..

Strangely i exactly have done that but still get erros with the “headers already sent”.

SO i want to what is the best way to design a website, where i have to use Session variables across most of the pages, and keep these common checks at a common place..

  • Can i use include() feature some how?
  • Are sessions only way to communicate data across php pages.
  • What is a better way?

I have the following code :

<?php
session_start();
if(!isset($_SESSION['user']))
{
    $_SESSION['loc'] = "adminhome.php";
    header("location:ettschoollogin.php");
    exit();
}
    ?>

Which resides on top of every page which wants to check if the user has logged in.

And this is teh script to check for login

<?php
session_start();
include("connection.php");
$userid =$_POST['userid'];
$userpwd =$_POST['userpwd'];

$query="Select UNAME,UPASSWORD,SCHOOL,uaccess from schooluser where uname = '$userid'";

$result=mysql_query($query) or die("couldn't execute the query");
$row=mysql_fetch_array($result);
$useraccess = $row["uaccess"];


$school =$row[2];

if(($row[0]==$userid)&&($row[1]==$userpwd))
{
        session_register('userid');
        $_SESSION['userid']=$userid;
        $_SESSION['school']=$school;

    if($useraccess =="admin")   
    {       
        header("Location:adminhome.php");
    }

    if($useraccess !="admin")
    {
        header("Location:school_main.php");

    }
}
else
{
    header("Location:ettschoollogin.php?err=1"); 
}
?>

i was aware of the common error of having extra spaces after “?>”, BUT I STILL GET IT.

Thanks guys, i missed out and the “connection.php” file actually had extra spaces after “?>” i had removed it before, but some how the file got rewritten again.Thanks a lot.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Yes, you can use include. Put all your common functions in a separate php file and “include” it at the top of each file.

    You can use cookies to store information (typically just an id that you use to look up additional information in the PHP page). Normally, PHP sessions are handled using cookies though. See setcookie in the docs.

    You are probably getting the error messages due to stray characters outside of a <?php ?> block. A common error is to have an extra blank line at the end of an include file, after the ?>. That blank line will be output and your headers will have been sent. If that isn’t the problem, you will just need to make sure you move the session related code above any code that might generate some output (eg by using print or echo).

    • 0