How to redirect a user to the registration if he has not logged in?

Not all content on a website is accessible to all users. There exist some confidential content where only authorized members can access.

When a user searches for an IEEE Paper, the IEEE.org displays only the abstract of the paper. To read the whole paper, according to the organization’s protocol user requires membership authentication from the organization. Thus, non-members will be redirected to the login page. It is an act of protecting information and validating users.

Functions and Variables Used:

  • Session: Session is a temporary database in an application to capture who is the user and what he does on every page of the web application. This information is stored as variables that can be accessed across multiple pages in one application. Once the user closes the browser, the database gets aborted.
  • Isset: Function to check if a variable is set or not.
  • Header: Function used to send information via HTTP header to client or server.
  • Timeout: Timeout function in javascript used to execute a function after a specified time delay.

Example: We have to design a resistor you can say filter that will stop the non-login user to visit the confidential content.

PHP-Redirect to Login page : The basicpage.php code displays the abstract content that can be viewed by any user. Whereas, when the user clicks read more to view the whole content the program checks if the user is logged in. In this program, the session variable loggedin is used to store a valid authenticated token. The variable is validated whether it stores a value or not using isset function. If a value is not set, the user is redirected to the login page. The location parameter within the header function is used to define the page to be redirected when the condition holds true.



  • basicpage.php Code
    filter_none

    edit
    close

    play_arrow

    link
    brightness_4
    code

    // To check if a user is logged in else,
    // redirect to the login page.
    <?php
     session_start();
     if(isset($_POST['read'])) 
    {    
        if (!isset($_SESSION['loggedin']))
            {
                     header('Location: login.php');
                }
            else
                
                     if (isset($_POST['read']))
                         {
                             header('location:https://www.geeksforgeeks.org/about/');        
                             session_destroy();
                         }
                }    
    }
    ?>
    <html>
      
    <body>
        <img src="GFG.png" style="float:left;width:100px;height:100px;">
        <h1>GeeksForGeeks</h1>
        <h2>A computer science portal for geeks</h2>
        <p>How many times were you frustrated while looking out for a</p>
        <p>good collection of programming/algorithm/interview questions?
            <p>What did you expect and what did you get?</p>
            <p>This portal has been created to provide well written, </p>
            <p>well thought and well explained solutions for selected questions.</p>
            <form action="basicpage.php" method="POST">
                <input type="submit" name="read" value="Read More..." 
                       style="background-color:#4CAF50;
                              color:white;
                              padding:10px 25px;
                              text-align:center;
                              font-size:15px;
                              cursor:pointer;" />
            </form>
    </body>
      
    </html>

    chevron_right

    
    

Login page: The session_start() function used here, is to transfer the variable content from one page (basicpage.php) to other page.

After the form submission via the POST method, if the login credentials are valid, then the variable is set to TRUE.
Using the header function, the page is redirected to basicpage.php where the session variables are transferred along with HTTP request URI. This allows the user to view the whole content when read more button is clicked again in that session.
Using the timeout function, the page redirection is executed after(1500milliseconds) the validation message of the login page is printed.

  • Loginpage.php Code
    filter_none

    edit
    close

    play_arrow

    link
    brightness_4
    code

    // To Validate the user credentials and to sent
    // session variables via HTTP request.
    <?php
    session_start();
    if(isset($_POST['submit']))
    {    
        if($_POST['password'] == "admin")
        {
            $_SESSION['loggedin'] = True;
            echo "Valid Token, GFG Authenticated User";?>
            <script>setTimeout(function(){window.location = 
            </script>
            <?php
        }
        else
        {
                echo "Not a Valid Token, Requires GFG Authentication to log in";?>
                <script>setTimeout(function(){window.location = 
                </script>
                <?php
        }
    }
      
    ?>
    <html>
      
    <body>
        <h1 style="color:green">
          Requires Authentication Token to View Content
        </h1>
        <form method="POST" action="login.php">
            <strong>Password:</strong>
            <input type="password" name="password" id="passwrd" />
            <input type="submit" name="submit" value="Log In"
                   style="background-color:#4CAF50;
                          color:white;padding:10px 25px;
                          text-align:center;font-size:15px;
                          cursor:pointer;" />
            <br>
            <input type="checkbox" onclick="showPassword()"
              Show password
            <script>
                function showPassword() {
                    var x = document.getElementById("passwrd");
                    if (x.type == "password") {
                        x.type = "text";
                    }
                }
            </script>
        </form>
    </body>
      
    </html>

    chevron_right

    
    

  • Output Execution

    • During the very first execution before logged in, the session started for this application. In that case, if the user clicks read more in basicpage.php implies that the session variable logged in is not set (i.e. Null). Page is redirected to loginpage.php.
    • If the user enters incorrect password, the page is redirected to basicpage.php without setting the session variable true and by displaying the validation message “Not a Valid Token, Requires GFG Authentication to log in”.
      Now, if the user clicks read more, again will be redirected to loginpage.php.
    • In loginpage.php when the user enters correct password admin. The session variable, logged-in is set true and redirected to basicpage.php after displaying the validation message “Valid Token, GFG Authenticated User”. Now, if the user clicks read more, the page is redirected to view the whole content.

    Note: Once the logged in the variable is set to TRUE and page redirection to view whole content is completed, the session is destroyed. If the user enters the basic page, a new session begins and requires login credentials (to be entered again) to view the whole content.

    Reference: https://www.homeandlearn.co.uk/php/php14p5.html




    My Personal Notes arrow_drop_up

    Check out this Author's contributed articles.

    If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to contribute@geeksforgeeks.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.

    Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.


    Article Tags :
    Practice Tags :


    Be the First to upvote.


    Please write to us at contribute@geeksforgeeks.org to report any issue with the above content.