I have an index.html file which I want to run some jQuery when it is loaded. Essentially, I want to check to see if a user is already logged in based on some session variables.
So index.html will contain some jQuery which uses $(document).ready(function(){ });
In this function I want to just fire autheticate.php which checks to see if $_SESSION[‘user’] is set, if it is then it will redirect to home page otherwise it will redirect to login page…
how can I post in jQuery without having a html form? I just want to post to a url…
EDIT:
Based on @jondavidjohn’s answer I changed my web app so that it uses index.php to check sessions:
<?php
session_start();
if(isset($_SESSION['username'])){
//go to home page
header('Location: ...home.html');
}else{
//go to login page
header('Location: ...login.html');
}
?>
It is surely possible doing this with javascript, but it is not secure at all…
You need to be checking at the server level for
$_SESSION['user']before you even send the content to the browser…My answer would be to do the checking / redirecting with PHP before anything gets sent to the browser, it will be less complicated and more secure…
The reason a javascript solution is insecure is that you are relying on a technology that resides and is controlled by the client to control access to protected areas.