But when i click on the dashboard links,i get redirected to the login page. But if i manually navigate to the link, I can access the page.I tried clearing the session using:
<?php
session_start();
unset($_SESSION['login_user']);
echo "Logged out of Dashboard";
?>
and tried manually entering the page, I was redirected to login, so the code is okay. But I need to manually navigate from dashboard to work. What am I doing wrong.
add.php
<?php
session_start();
if(!isset($_SESSION['login_user']))
{
header("Location: http://www.none.com/dashboard/login.php");
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Add Product Category</title>
<link rel="stylesheet" type="text/css" href="view.css" media="all">
<script type="text/javascript" src="view.js"></script>
<script>
function validateForm() {
var x = document.forms["form_974780"]["productname"].value;
if (x == null || x == "") {
alert("Please Enter New Product Name");
return false;
}
}
</script>
</head
<body id="main_body" >
<?php
if (isset($_POST['submit']))
{
$productname=$_POST['productname'];
//conn goes here
$check=$conn->query("SELECT pname FROM products WHERE pname='$productname'");
$num_rows = mysqli_num_rows($check);
if($num_rows>0)
{
echo "<font color=\"white\">";
echo("Dealer Already exists ".$productname);
echo"</font>";
}
else
{
$result=$conn->query("INSERT INTO products(pname)VALUES('$productname')");
if($result)
{
echo "<font color=\"white\">";
echo("Successfully Inserted ".$productname);
echo"</font>";
}
else
{
echo "<font color=\"red\">";
echo("Error when inserting");
echo"</font>";
}
}
mysqli_close($conn);
}
else
{
}
?>
<img id="top" src="top.png" alt="">
<div id="form_container">
<h1><a>Add Product Category</a></h1>
<form id="form_974780" class="appnitro" method="post" action="?" onsubmit="return validateForm()">
<div class="form_description">
<h2>Add Product Category</h2>
<p></p>
</div>
<ul >
<li id="li_12" >
<label class="description" for="element_12">Existing Product Categories </label>
<div>
<select class="element select large" id="element_12" name="element_12">
<?php
//conn goes here
$result=$conn->query("SELECT pname FROM products");
while ($row=mysqli_fetch_array($result,MYSQLI_ASSOC)){
echo "<option value='".$row['pname']."'>".$row['pname']."</option>";
}
mysqli_close($conn);
?>
</select>
</div>
</li> <li id="li_13" >
<label class="description" for="element_13">Add New Category </label>
<div>
<input id="element_13" name="productname" class="element text large" type="text" maxlength="350" value=""/>
</div><p class="guidelines" id="guide_13"><small>Enter the new Product Category to add and Click the Submit Button. </small></p>
</li>
<li class="buttons">
<input type="hidden" name="form_id" value="974780" />
<input id="saveForm" class="button_text" type="submit" name="submit" value="submit"/>
</li>
</ul>
</form>
</div>
<img id="bottom" src="bottom.png" alt="">
</body>
</html>
解决方案
You are just checking whether $user_check is set or not..You should also check for the value in it.
Check something like this.
if(!isset($user_check) or $user_check=="")
{
header("Location: http://www.none.com/dashboard/login.php");
}
Now it checks for the value of it.Otherwise, avoid assigning a value for $user_check before checking the condition. Just do something like this.