-1

The problem is when the user logged-in after that user tries to login again with same/diff credentials in same browser it is accepting ...

I don't know where i kept wrong..

Here is the loggedin.php

      <?php

    header("Cache-Control: private, must-revalidate, max-age=0");
    header("Pragma: no-cache");
    header("Expires: Fri, 4 Jun 2010 12:00:00 GMT");

     include('GenericClasses/GenericCollectionClass.php');
      include('Models/UsersModel.php');
      include('DataObjects/Users.php');
      include('DatabaseAccess/DBHandler.php');

      session_start();

      if(!isset($_SESSION['user']))
  {
   header('Location: LoginViewController.php');
     exit();
   }
   echo '"<div style="background:white; text-align:right"> Login as:'.$_SESSION['user'].'
   <a href="LogoutViewController.php" style="text-align:right">Logout</a></div>"';
    $username=$_SESSION['user'];
    $model = new UsersModel();

    $result = $model->checkUserid($username);
     $_SESSION['id']=$result;
    echo '<div style="background:white; text-align:right;">'.$_SESSION['id'].'</div>';

    ?>

Any suggestions will be acceptable...

PHP CODER
  • 1,553
  • 4
  • 17
  • 34
  • sounds like a session\cookie issue but impossible to tell based on the information supplied –  Jun 27 '13 at 04:32
  • @Dagon That means you need the loginindex code also .... – PHP CODER Jun 27 '13 at 04:35
  • You could try to check if the session is started, and only if it is not started, start one. Use this check code: http://stackoverflow.com/questions/6249707/check-if-php-session-has-already-started and place the session_start code inside. – Gimmy Jun 27 '13 at 04:36
  • @Gimmy But they are using cookies.. i don't know how to use cookies..is it necessary using cookies... – PHP CODER Jun 27 '13 at 04:43
  • Then you could use 'session_unset();' before 'session_start();' – Gimmy Jun 27 '13 at 04:57
  • @Gimmy Again it is showing same result... – PHP CODER Jun 27 '13 at 05:05

1 Answers1

0

I got the answer for my question ....

Here is the code for the redirecting user based on the session[user] in LoginViewController.php and it's working fine..

1) Always place session_start() top of the code...

    <?php
       session_start();

          include('GenericClasses/GenericCollectionClass.php');
          include('Models/UsersModel.php');
          include('DataObjects/Users.php');
          include('DatabaseAccess/DBHandler.php');
           if(!empty($_SESSION['user']))
           {

             header("Location:loggedin.php");
           die();
           }
           else 
          {
        ?>
         //Html code for login page
        <?php
          }
             ?>

Here is Loggedin.php code ..

              <?php
                    session_start();
              header("Cache-Control: private, must-revalidate, max-age=0");
              header("Pragma: no-cache");
              header("Expires: Fri, 4 Jun 2010 12:00:00 GMT");

               include('GenericClasses/GenericCollectionClass.php');
               include('Models/UsersModel.php');
               include('DataObjects/Users.php');
               include('DatabaseAccess/DBHandler.php');


        if(!isset($_SESSION['user']))
      {
       header('Location: LoginViewController.php');
        exit();
        }
         echo '"<div style="background:white; text-align:right"> Login as:'.$_SESSION['user'].'
     <a href="LogoutViewController.php" style="text-align:right">Logout</a></div>"';


      ?>
PHP CODER
  • 1,553
  • 4
  • 17
  • 34