Good day! I really need someone's help here. I have a hard time thinking about how to execute the right code.

I am creating a website with a single index.php file that has 2 headers. I am using the "include" statement to call the header on the index. "header1.php" is the default header for guests of the website, which also contains a "LOGIN" button, while "header2.php" is the header for those who have logged in to their account and has a "LOGOUT" button.

The problem is: when a guest visits the website, the website will show the default header, which is "header1.php". And when the user logs in to his/her account, "header2.php" will show. How am I supposed to call the header? What condition should I write inside the if/else statement? It will probably need access to the MySQL database for the user's data.

Example:

<?php
if( user log in to his account ){

    include 'header2.php';

}else{

    include 'header1.php';
}

My login script is:

<?php
session_start();

// Credentials submitted by the login form
$username = $_POST['username'];
$password = $_POST['password'];

$connect = mysqli_connect("localhost", "root", "", "yfcgk_canlaon");

// Form input is placed directly into the SQL string (see the comments below)
$query = mysqli_query($connect, "SELECT * from members WHERE USERNAME = '$username' and PASSWORD = '$password'");
$count = mysqli_num_rows($query);

if ($count <= 0) {
    // No matching row: back to the index with an error flag
    header("location:index.php?error");
} else {
    // Mark the session as logged in
    $_SESSION['user'] = 1;
    $_SESSION['username'] = ucwords($username);
    header("location:index.php");
}
?>
MauriceNino
  • You can do something like: if(isset($_SESSION['user']) && $_SESSION['user'] == 1) { include("header2.php"); } else { include("header1.php"); } – Michael Tétreault Aug 06 '20 at 13:49
  • **Warning:** You are wide open to [SQL Injections](https://stackoverflow.com/a/60496/1839439) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/5741187) – Dharman Aug 06 '20 at 14:20

1 Answer

Maybe this:

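// The session must be started before $_SESSION can be read
session_start();

// isset() avoids an undefined-index notice for guests
if (isset($_SESSION['user']) && $_SESSION['user'] == 1) {
    include 'header2.php';
} else {
    include 'header1.php';
}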
Fakt309
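An added example (not code from the question or the answer): the login check rewritten with a bound parameter, as Dharman's comment recommends, together with the header condition from the answer. It assumes PDO with an in-memory SQLite table standing in for the MySQL members table, a PASSWORD column that stores password_hash() output instead of the plain password, and hypothetical helper names (demo_db, authenticate, login, header_file).

```php
<?php
declare(strict_types=1);

// Constructed stand-in for the page's `members` table (SQLite in memory
// instead of MySQL). Assumption: PASSWORD holds a password_hash() value.
function demo_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE members (USERNAME TEXT PRIMARY KEY, PASSWORD TEXT)');
    $ins = $db->prepare('INSERT INTO members (USERNAME, PASSWORD) VALUES (?, ?)');
    $ins->execute(["o'brien", password_hash('correct horse', PASSWORD_DEFAULT)]);
    return $db;
}

// The username is bound as a parameter, so a quote inside it stays plain
// data and never becomes part of the SQL text.
function authenticate(PDO $db, string $username, string $password): bool {
    $stmt = $db->prepare('SELECT PASSWORD FROM members WHERE USERNAME = ?');
    $stmt->execute([$username]);
    $hash = $stmt->fetchColumn();   // false when no such user exists
    return is_string($hash) && password_verify($password, $hash);
}

// What the login script does on success; $session stands in for $_SESSION.
function login(PDO $db, array &$session, string $username, string $password): bool {
    if (!authenticate($db, $username, $password)) {
        return false;
    }
    // In a real request, call session_regenerate_id(true) at this point.
    $session['user'] = 1;
    $session['username'] = ucwords($username);
    return true;
}

// The condition index.php needs, evaluated after its own session_start().
function header_file(array $session): string {
    return (isset($session['user']) && $session['user'] === 1)
        ? 'header2.php' : 'header1.php';
}

$db = demo_db();
$session = [];                                     // constructed session array
echo header_file($session), "\n";                  // guest visit
login($db, $session, "o'brien", 'wrong');          // constructed failed login
echo header_file($session), "\n";                  // still treated as guest
login($db, $session, "o'brien", 'correct horse');  // constructed valid login
echo header_file($session), "\n";                  // logged-in user
```

In index.php the result of header_file($_SESSION) would be passed to include; the file names come from a fixed pair in code, never from request input.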