Let me explain : I got 3 pages (One to login, a transitional page, and my main page once you are logged.)
So I want prevent access of my app because if you deconnect your session, and then you return back, you still have access to the website even if your session if off. So that's why I want to use !isset($_SESSION['pseudo']).
1st page :
<form method="post" action="<?php echo serverRoot; ?>?action=connect">
<input required class="input-login" name="pseudo" type="text" id="pseudo" placeholder="Login">
<input required class="input-login" type="password" name="password" id="password" placeholder="Password">
<input id="connect" type="submit" value="Connect" />
</form>
So as you can see, once submited, we got the action "connect".
Here the case of "connect":
if (isset($_GET['action'])) {
switch ($_GET['action']) {
case 'connect':
{
showPage(adresseRoot . 'PHP/View/', 'FormConnection.php', "Connection");
break;
}
2nd page :
$user = UserManager::getByPseudo($_POST['pseudo']);
if ($user->getPassword() === 'md5'.md5($_POST['password'].$_POST['pseudo']))
{
$_SESSION['pseudo'] = $user->getLogin();
$_SESSION['id'] = $user->getIdUtilisateur();
$message = '<p>Welcome ' . $user->getLogin() . ', !</p>';
echo $message;
header("refresh:3;url=Paths.php?action=listMenu");
}
As you can see $_SESSION['pseudo'] is now isset. It's not NULL !
And then you have header("refresh:3;url=Paths.php?action=listMenu")
case 'listMenu':
{
if(!isset($_SESSION['pseudo'])){
showPage(adresseRoot . 'PHP/View/', 'FormConnection.php', "Connection"); //You don't have the right to go to the Website
break;
}
else{
showPage(adresseRoot . 'PHP/View/', 'ListMenu.php', "Main page"); //You have the right to go to the Website
break;
}
}
The fact is, when I enter the right logins, I'm redirected to the connection page, not on my Main page... Wtf?
Can anybody help me ?
Well I've found.
I've added session_start() at the top of Paths.php.
& I've deleted the session_start() of all other pages.