close ad
 
Important WebAssist Announcement
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

after login redirect to page according to user_level

Thread began 2/24/2011 6:17 am by info105077 | Last modified 6/01/2015 5:22 pm by Ray Borduin | 55354 views | 27 replies |

info105077

after login redirect to page according to user_level

Hi

my apologies if this question has been covered previously but after trwaling cannot seem to locate the answer.

My question is: Is there an easy way to redirect a user after immediately logging in according to their user level access to their own specific page? ie a person logs in who has admin access redirects to for example admin-index.php or similarly a visitor with a visitor access level is immediately redirected to visitor-index.php ? I understand page level access but can't see the redirect anything other than the login success page.

is it something to do with parameters after clicking the folder browse button in the authenticate user login behaviour

Thanks in advance for help offered

Russ

Sign in to reply to this post

Jason ByrnesWebAssist

you would need to hand code this on the login success page.

Lets say for exmple sakes that the session that contains the user level is named "UserLevel" and it contains the values "admin" or "visitor"

you could use the following code at line 1 of the login success page:

php:
<?php

if(!session_id()) session_start();
switch(
$_SESSION['UserLevel']) {
    case 
"admin":
        
header("Location: admin_index.php");
        break;
    case 
"visitor":
        
header("Location: visitor_index.php");
        break;
}
?>
Sign in to reply to this post

info105077

That did it!

Hi Jason, thank you very much, that nailed it. I used your code and adapted:

<?php
if(!session_id()) session_start();
switch($_SESSION['user_level']) {
case "4":
header("Location: admin-index.php");
break;
case "3":
header("Location: admin-index.php");
break;
case "2":
header("Location: publishers-index.php");
break;
case "1":
header("Location: registered-index.php");
break;
}
?>

Makes me want to dive into php if I had more time!

without being presumptuous, you don't think it's something you might incorporate in a securityassist update?

will save as a snippet none the less

Thanks again

Russ

Sign in to reply to this post

Jason ByrnesWebAssist

If you would like to have this considered for a future update, please post your request to the wish list forum.

Sign in to reply to this post

aati424262

Can not modify the login PDP script

Hi Jason
I tried your login code to control different levels access, but after modifying the code as described a second "Log IN" server behavior is created and I receive a error message saying;
"The Server Behavior Panel can not determine whether "Log IN" or "Log In" is applied to your page. Please use Edit Server Behavior ... to ensure each is uniquely identifiable". But I can not edit them or delete any of the "log INs"?.
I get this message even I add a blank line in the automatically created code.
I am using CS5 Dreamweaver on vista.

I will appreciate any assistance. I took me two days continuous search to find this solution in this helpful forum

Sign in to reply to this post

Jason ByrnesWebAssist

please send a copy of your page in a zip archive so i can examine the code.

Sign in to reply to this post

aati424262

after login redirect to page according to user_level

Hi Jason
Here is my code for redirecting users to pages according to their level (userRole). I receive the following warning, when I browse:-
Notice: Undefined index: UserRole in C:\xampp\htdocs\Online_Site\Login.php on line 44

The "UserRole" is a column in users table in my mysql database.
The other code is created by dreamweaver. I just inserted your code with the modification according to my database
What can I do to make it work. I appreciate your assistance


mysql_select_db($database_MySQLonlineCoonetcion, $MySQLonlineCoonetcion);
$query_getCustomers = "SELECT * FROM users ORDER BY UserRole ASC";
$getCustomers = mysql_query($query_getCustomers, $MySQLonlineCoonetcion) or die(mysql_error());
$row_getCustomers = mysql_fetch_assoc($getCustomers);
$totalRows_getCustomers = mysql_num_rows($getCustomers);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
$user = $_SESSION['userRole']; //---- This is line 44
switch($user) {
case "admin":
header("Location: admin-index.php");
break;
case "client":
header("Location: clerk-index.php");
break;
case "clerk":
header("Location: client-index.php");
break;
case "guest":
header("Location: guest-index.php");
break;
}
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['loginbtn'])) {
// loginbtn is a hidden fieldtext has the value of 1 to ensure the login form has been submitted.
$loginUsername=$_POST['UserName'];
$password=$_POST['UserPW'];
$MM_fldUserAuthorization = $_GET['UserRole'];
$MM_redirectLoginSuccess = "/public_html/Admin/ClerkAdmin/clerk-index.php";
$MM_redirectLoginFailed = "/public_html/Login.html";
$MM_redirecttoReferrer = true;
mysql_select_db($database_MySQLonlineCoonetcion, $MySQLonlineCoonetcion);

$LoginRS__query=sprintf("SELECT UserName, UserPassword FROM users WHERE UserName=%s AND UserPassword=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));
$LoginRS = mysql_query($LoginRS__query, $MySQLonlineCoonetcion) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);

if ($loginFoundUser) {
$loginStrGroup = "";

if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;

if (isset($_SESSION['PrevUrl']) && true) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
}
?>

Sign in to reply to this post

Jason ByrnesWebAssist

you have a couple problems going on here.

1) At line 44 you are setting the $user variable to the value of the $_SESSION['userRole'] variable.

the error is saying that the $_SESSION['userRole'] variable does not exist. there is no where in the code that you are setting the userRole session variable.


2) The code to redirect the user based on user level needs to be applied to the login success page, not the login page.

3) you need to set the getCustomers recordset to filter the username
column on the $_SESSION['MM_Username'] value set by the login.

Then you can set the $_SESSION['userRole'] to use the value from the recordset.

Sign in to reply to this post

aati424262

Does not redirect

Thank you for response.
Since that day I was trying hard on re-direct my users after login according to their levels i.e "admin", "clerk", "client" and guest.
I checked the process by printing out before each steps and have the following result:
1a: UserName :admin01
1b: UserName :admin01
1c: UserRole :-admin
5: session statrted
7: LoginFormAction
13: isset($_POST[Username])= true
15: username: clerk01
17: Password:clerk01
18: UserRorle:clerk
Asign $MM_redirectLoginSuccess = getTheUserPage($UserRole)
19: Function getTheUserPage started
19b4switch: UserRole =clerk
19clerk: UserRole =clerk
19return UserRole:clerk
20: User LoginFounduser found
23: redirectLoginSuccess, call getUserPage

That shows my code was running but is not giving the required results as it is showing the user redirected page.
The code is as follows:
<? php

...
//////////////////////////////////////////////////////////////////////////////////////////
///////////// Find the loginsuccess page
//////////////////////////////////////////////////////////////////////////////////////////

function getTheUserPage($UserRole){
echo ('<br>'.' 19: Function getTheUserPage started'.'<br>');
echo ('19b4switch: UserRole ='.$UserRole.'<br>');
switch($UserRole) {
case "admin":
header("Location: admin/admin-index.php");
echo ('19admin: UserRole ='.$UserRole.'<br>');
break;
case "client":
header("Location: clerk/clerk-index.php");
echo ('19client: UserRole ='.$UserRole.'<br>');
break;
case "clerk":
header("Location: client/client-index.php");
echo ('19clerk: UserRole ='.$UserRole.'<br>');
break;
case "guest":
header("Location: guest-index.php");
echo ('19guest: UserRole ='.$UserRole.'<br>');
break;
}
// return $UserRole;
echo ('19return UserRole:'.$UserRole.'<br>');
}

//////////// DB operation
//-------------------------------------------------------------

mysql_select_db($database_MySQLonlineConnection, $MySQLonlineConnection);
$query_GetCustomers = "SELECT * FROM users";
$GetCustomers = mysql_query($query_GetCustomers, $MySQLonlineConnection) or die(mysql_error());
$row_GetCustomers = mysql_fetch_assoc($GetCustomers);
$totalRows_GetCustomers = mysql_num_rows($GetCustomers);

echo ('1a: UserName :'.$row_GetCustomers['UserName'].'<br> 1b: UserName :'.$row_GetCustomers['UserPassword'].'<br>'); // username = admin01
echo ('1c: UserRole :-'.$row_GetCustomers['UserRole'].'<br>'); // UserRole= admin
?>
<?php
///////////////////////////////////////////////////////
// *** Validate request to login to this site.
///////////////////////////////////////////////////////

if (!isset($_SESSION)) {
session_start();
echo ('5: session statrted'.'<br>'); ///////////////////// Session initialized!!!
}

$loginFormAction = $_SERVER['PHP_SELF'];
echo('7: LoginFormAction '.'<br>'); /////////////////// LoginFormaction strated!!!

////////////////////////////////////////////////////////////////////////////////////////////////////
// check if login page redirected from a previous URL and set session to that URL check
//////////////////////////////////////////////////////////////////////////////////////////////////

if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
echo ('11: set $_session[PrevUrl]'.'<br>'); //////////////////////// Goto previous URL
}
///////////////////////////////////////////////////////////////////////////////////////////////////
//Check and assign UserName and password posted by the login form.
// Define the login-failed and login-sucessful pages
//////////////////////////////////////////////////////////////////////////////////////////////////

if (isset($_POST['UserName'])&&'submitted') {

echo ('13: isset($_POST[Username])= true'.'<br>'); //////////////////// Username found?
$loginUsername=$_POST['UserName'];
$password=$_POST['PW'];
$MM_fldUserAuthorization = "";

$MM_redirectLoginFailed = "/Online_site/Admin/login5.php";
$MM_redirecttoReferrer = true;

mysql_select_db($database_MySQLonlineConnection, $MySQLonlineConnection);
$LoginRS__query=sprintf("SELECT * FROM users WHERE UserName=%s AND UserPassword=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));

$GetCustomers = mysql_query($LoginRS__query, $MySQLonlineConnection) or die(mysql__error());
$loginFoundUser = mysql_num_rows($GetCustomers);
///////////////////////////////////////////////////////////////////////////////////////////
$row_GetCustomers = mysql_fetch_assoc($GetCustomers);
$totalRows_GetCustomers = mysql_num_rows($GetCustomers);

///////////////////////////////////////////////////////////////////////////////////////////
$UserRole =$row_GetCustomers['UserRole']; /////////////// Assign UserRole vlaue from the SQL Query
echo ('15: username: '.$loginUsername.'<br>');
echo ('17: Password:'.$password.'<br>');
echo ('18: UserRorle:'.$UserRole.'<br> Asign $MM_redirectLoginSuccess = getTheUserPage($UserRole)'); //Result: clerk...
$MM_redirectLoginSuccess = getTheUserPage($UserRole); // User index Page

////////////////////////////////////////////////////////////////////////////////////////////
//session_regenaerate_id If User is found
/////////////////////////////////////////////////////////////////////////////////////////////
if ($loginFoundUser) {
$loginStrGroup = "";
echo ('20: User LoginFounduser found'.'<br>'); //////////////////// Test if user found !
//--------------------------------------------------------------------------------------------------
/////////////////////////////////////////////////////////////////////////////////////////
/// Test if PHP >=5.1
/////////////////////////////////////////////////////////////////////////////////////////
if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;

////////////////////////////////////////////////////////////////////////////////////////////////////
// check if login page redirected from a previous URL then set the redirection to the prev URL.
// then direct the successful login to a website else to failed login page
//////////////////////////////////////////////////////////////////////////////////////////////////
if (isset($_SESSION['PrevUrl']) && true) {
echo ('21: '.' redirectLoginSuccess =PrevURL'.'<br>'); //////////// redirectLoginsuccess
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
echo ('23: '.' redirectLoginSuccess, call getUserPage '.'<br>'); //////////// redirectLoginsuccess
exit;

}
else {
echo ('25: <br>'.'redirectLoginFailed'.'<br>'); /////////// Test if login Failed
header("Location: ". $MM_redirectLoginFailed );
exit;

}
echo ('27: User LoginFounduser not found'.'<br>'); // Test if LoginFounduser not found !

}
echo ('29: isset($_POST[UserName]= FALSE'.'<br>'); // Test if login Failed

?>

Sign in to reply to this post

Jason ByrnesWebAssist

1) all of the echos before the header function will cause the header function to fail.


the header function cannot perform a redirect if there is outout to the page before the header function is called.

2) I see you are setting the $MM_redirectLoginSuccess variable in this code:
echo ('18: UserRorle:'.$UserRole.'<br> Asign $MM_redirectLoginSuccess = getTheUserPage($UserRole)'); //Result: clerk...
$MM_redirectLoginSuccess = getTheUserPage($UserRole); // User index Page


but none of your echo statements actually tell you what it is being set to by the time it hots this code:
header("Location: " . $MM_redirectLoginSuccess );


really, you only need one echo, just before the header function:
echo("redirect: ".$MM_redirectLoginSuccess);
header("Location: " . $MM_redirectLoginSuccess );

if that shows the correct URL, then delete the echo statement, and it should redirect you to the correct place.

Sign in to reply to this post
loading

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...