Home/ Questions/Q 8541093
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-11T11:45:05+00:00

I have a login form with the following code if ($does_user == 1)//Als het

  • 0

I have a login form with the following code

if ($does_user == 1)//Als het aantal rijen gelijk is aan 1, zorg wel met registreren dat er geen dubbele gebruikers in de database kunnen worden toegevoegd
        {
            //Extract de array naar strings
            extract($row);

            if ($acces_level == 1)
            {   
                if (isset($_POST["remember"]))
                {
                    //Cookie aanmaken met de id van de gene die inlogt
                    setcookie("user_id", $user_id, time()+60*60*24*100, "/");

                    //Naar de profiel pagina
                    header("location: profile.php?user_id=".$user_id."");
                }
                else
                {
                    //Session aanmaken met de id van de gene die inlogt
                    $_SESSION["user_id"] = $user_id;

                    //Naar de profiel pagina
                    header("location: profile.php?user_id=".$user_id."");
                }
            }
            elseif ($acces_level == 2)
            {
                if (isset($_POST["remember"]))
                {
                    //Cookie aanmaken met de id van de gene die inlogt
                    setcookie("user_id", $user_id, time()+60*60*24*100, "/");

                    //Naar de admin pagina
                    header("location: admin/index.php?user_id=".$user_id."");
                }
                else
                {
                    //Session aanmaken met de id van de gene die inlogt
                    $_SESSION["user_id"] = $user_id;

                    //Naar de admin pagina
                    header("location: admin/index.php?user_id=".$user_id."");
                }
            }
        }

and when it goes to the profile.php page it sends a id with the url. So i build a function when the user changes its id in the url u wil head to a 404.php
But this function is not working well and i dont know why.

function user_exists()
{
    if (isset($_SESSION["user_id"]) !== $_GET["user_id"])
    {
        header("location: 404.php");
        exit();
    }
    elseif (isset($_COOKIE["user_id"]) !== $_GET["user_id"])
    {
        header("location: 404.php");
        exit();
    }           
}

The $_GET[“user_id”] is equal to the SESSION or the COOKIE but it heads to the 404.php anyway, can someone explain to me why ?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    This should work as intended:

    function user_exists()
{
    if (isset($_SESSION["user_id"]) && ($_SESSION["user_id"] !== $_GET["user_id"])
    {
        header("location: 404.php");
        exit();
    }
    elseif (isset($_COOKIE["user_id"]) && ($_COOKIE["user_id"]) !== $_GET["user_id"])
    {
        header("location: 404.php");
        exit();
    }           
}

    Check first if the stored variable is empty and compare the content of it with the $_GET variable.

    • 0