I have a reporting website that I created and I'm slowly adding functionality to it. I've just added a part where it is supposed to force a user to log in. It's really just to capture the users CorpID, I don't keep or record the password and it's not required.
Right now I have the login portion working. Then I'm trying to run a check to make sure that a user is logged in and if not to force them to log in. I am only doing this right now on the Admin page, which only I have access to. Here is how I've got it right now:
AdminPage.php:
<body>
<?php
require 'CheckLogin.php';
include 'Menu.php';
?>
Other code for the page
CheckLogin.php:
<?php
$Expiration = time() - (60*60*24*7);
echo "You made it to here!";
if(!isset($_COOKIE['UserName']))
{
if(isset($_POST['UserName']))
{
setcookie("UserName",$_POST['UserName'],$Expiration);
}
else
{
echo "<script>location.href='LoginForm.php'</script>";
}
}
else
{
if(isset($_POST['UserName']))
{
setcookie("UserName",$_POST['UserName'],$Expiration);
}
else
{
setcookie("UserName",$_COOKIE['UserName'],$Expiration);
}
}
?>
UPDATE
Here's the Menu.php
<?php
$AdminUsers = include 'AdminUsernames.php';
if(isset($_COOKIE['UserName']) && in_array($_COOKIE['UserName'],$AdminUsers,TRUE))
{
$user = 'Admin';
}
else
{
$user = 'User';
}
//echo "<BR>"; print_r($_COOKIE['UserName']);
//echo "<BR>"; print_r($AdminUsers);
?>
<div class="menu-wrap">
<nav class="menu">
<ul class="clearfix" id="menu">
<li><a href="index.php">Home</a></li>
<li><a href="AdvancedSearch.php?PageName=AdvancedSearch">Report Builder</a></li>
<li><a href="OPR Reports.php">OPCEN Reports</a>
<ul class="sub-menu">
<li><a href="ReportPage.php?PageName=OPR_COEI">New COEI OPR Report</a></li>
<li><a href="ReportPage.php?PageName=OPR_OSP">New OSP OPR Report</a></li>
<li><a href="ReportPage.php?PageName=EOJ">EOJ Report</a></li>
<li><a href="MaterialTrackingReport.php?PageName=MaterialTracking">Material Tracking</a></li>
<li><a href="ReportPage.php?PageName=VendorMaterial">Vendor Material Tracking</a></li>
<li><a href="http://mafinfwwapv01/Reports_MDAT/Pages/Report.aspx?ItemPath=/PMDB/CAF2 Tracker">CAF2 Tracker</a></li>
<li><a href="JIMReport.php?PageName=JIMReport">JIM Report</a></li>
</ul>
</li>
<li><a href="#">CAFII Reports</a>
<ul class="sub-menu">
<li class="minHeight"><a href="ReportPage.php?PageName=MaterialReceived">Material Received Job Not Started</a></li>
<li class="minHeight"><a href="ReportPage.php?PageName=CAF2Tracker">CAF2 Tracker New Test</a></li>
<?php
include 'DBConn.php';
$data = $conn->prepare('SELECT Id, QName, SSRSName from pmdb.QDefs where QSrc = 2 AND IsActive = 1 order by QName');
$data->execute();
$result = $data->fetchAll(PDO::FETCH_ASSOC);
foreach ($result as $q)
{
echo '<li class="minHeight"><a href="http://mafinfwwapv01/Reports_MDAT/Pages/Report.aspx?ItemPath=/PMDB/' . str_replace(' ', '+', $q['SSRSName']) . '" target="_blank">' . $q['QName'] . '</a></li>';
}
?>
</ul>
</li>
<li><a href="#">Invoicing/Closing</a>
<ul class="sub-menu">
<li><a href="ReportPage.php?PageName=NonVarassetInvoices">Non-Varasset Invoices</a></li>
</ul>
</li>
<li><a href="#">ENG Reports</a>
<ul class="sub-menu">
<li><a href="ReportPage.php?PageName=ApprovedProjects">Approved Projects</a></li>
<li><a href="ReportPage.php?PageName=ApprovedProjects_PrevDay">Approved Projects Previous Day</a></li>
<li><a href="ReportPage.php?PageName=M6Action">M6Action</a></li>
</ul>
</li>
<?php
if($user == 'Admin')
{
include 'AdminMenu.php';
}
?>
</ul>
</nav>
</div>
It's really just a standard menu and has been working fine till I added the require for the CheckLogin.php page.
All I get is a blank page when I have this require in the AdminPage.php. I don't get the echo I don't get the menu or anything.
What am I doing wrong? This isn't the first time that I've used the require, but it is the first time that it results in a blank page.
I do know that I have the expiration set to last week, I'm trying to force a re-login.
Put the following in your script before any includes or requires.
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);