I made a PHP login script but the best I came up with wasn't quite what I expected. It is a emergency solution to have at least a very simple login, but I wanted to get it a little nicer.
The script redirects all people to one single same page. Now I need this script to be rewritten so that it redirects user to their own private page. Please note that I want the script not too be much more complicated or different.
Here is the script I have so far:
<?php
$user_pass_list = array ("user1" => "pass1", "user2" => "pass2");
$user = $_POST['user'];
$pass = $_POST['pass'];
if(array_key_exists($user,$user_pass_list)){
if($user_pass_list[$user] == $pass){
header("location: http://www.examplesite.net");
} else{
echo "login failed";
}
}
?>
As you can see it always direct to examplesite.net, for every user in the array. Now I want the script to redirect an account to its personal page, so that I can write different info on the page, etc.
Can somebody do this?
All you would really have to do is append the user to the URL you are redirecting to.
header( "location: http://www.examplesite.net/" . $user );
This is the simplest way but it has a problem. This will mean that your some other URL's might be taken by users! What if a person's user name is "FAQ". That would mean that his user page would be:
http://www.examplesite.net/faq
What happens if the user chooses a name like "about" or "help". I think you see where I'm going with this.
To avoid this problem, you could redirect the users to a page like this:
header( "location: http://www.examplesite.net/user/" . $user );
Now you can have a separate script to handle user pages. We're on the right track!
In order to manage these URLs, I'd recommend using an .htaccess file to re-route requests to the correct page. Something like this:
RewriteCond $1 ^users/ # Matches URLs starting with users
RewriteCond %{REQUEST_FILENAME} !-f # skip direct requests for files
RewriteCond %{REQUEST_FILENAME} !-d # skip direct requests for directories
RewriteRule ^(.*)$ user_page.php?username=$1 [L] # redirect with GET param
With these lines in your htaccess, any request to http://www.examplesite.net/user/ will be redirected to the user_page.php script in the root directory of the site. That page will receive a get parameter called $_GET[ "username" ] which will be the users name.