Search code examples
phphttp-redirectauthenticationuser-accounts

Redirecting logged in users

I have created profiles for users so that when a user logs in they are redirected to their own profile page.

login.php (relevant code only)

 $MemberID = user_id_from_username($username);
        $_SESSION['MemberID'] = $username;
        header('location: member.php?username='.$username);

member.php

if (logged_in () === true){
        echo "Welcome, ".$_SESSION['MemberID']. "!<br><a href='logout.php'>Logout</a>\n<a href='index.php'>Back to homepage</a></p>";
    }

    if(isset($_GET['username']) === true & empty ($_GET['username']) === false) {   
        $username = $_GET ['username'];
        //check if user actually exisits
        if (user_exists($username) === true) {
        //get username from user id
            $MemberID = user_id_from_username($username);
            $profile_data =user_data($MemberID,'Name','Address','Postcode','DOB','Mobile','CoinsAvailable','Email','profile','OddJobName','Description','CoinValue','DaysAvailable');//Need to pull out stuff from oddjob table
            echo $MemberID;
        }else{
            protect_page();
        }
}

relevant functions:

function user_data($MemberID){ //pass in memberid to get info about user
        $data = array();//data to be returned
        $MemberID =(int)$MemberID;//creating int from this input

        $func_num_args = func_num_args(); //count number of arguments from user data on init.php
        $func_get_args = func_get_args();

        if ($func_num_args >1) { //if more then 1, unset the first element of array 
            unset($func_get_args[0]);

            $fields = '`' . implode('`,`', $func_get_args) . '`';   //taking array and converting to string

            $data = mysql_fetch_assoc(mysql_query("SELECT $fields FROM `member`,`oddjob` WHERE member.MemberID = oddjob.MemberID AND member.MemberID = $MemberID"))or die (mysql_error());
                //echo $MemberID;
                return $data;

        }
}

function logged_in() {
    return (isset($_SESSION['MemberID'])) ? true : false; //Email
}



if (logged_in() ===true) {
    $session_MemberID = $_SESSION['MemberID'];//grabbing value from login
    $user_data= user_data($session_MemberID,'MemberID','Name','Address','Postcode','DOB','Mobile','CoinsAvailable','Email','Password','RepeatPassword','OddJobName','Description','DaysAvailable','profile');
    exit();
    }

All this code allows the user to be redirected to their own page, when they login their name is displayed along with other $profile_data information. Now I want the user to be able to update their own info by clicking on a link to update_info.php. But I don't know how to get the members username to appear in the URL when they visit update_info.php like it does when they log in.

In the member page (where the link is) I tried:

<a><?php header('location:update_info.php?username='.$username)?>">Update info</a></p>

But now when the user logs in they are redirected to update_info.php instead of member.php. Can anybody tell me how to fix this? Thanks.

Solution

  • Do you mean:

    <a href="update_info.php?username=<?php echo $username; ?>">Update info</a>

    This passes the $username to the update_info.php page