User with own page


1

I'm making a portal, and registering requires a CPF and an email. Then I send a confirmation email; the user clicks the link and their status in my database changes. Then the user can access the portal. It will have only one page, and all users will use the same page; only the data that comes from the API will be different for each one. How do I know which person the user who logged in is (I need to know by CPF), so that I can show their data, and so on?

Page index.php

<?php session_start(); include 'config/conexao.php';
?>
<!DOCTYPE html>
<html lang="pt-br">
  <head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <!-- The 3 meta tags above *must* come first inside `head`; any other content must come *after* these tags -->
    <title>Lojas Guido | Portal do Cliente - Login</title>

    <link href="https://fonts.googleapis.com/css?family=Lato:300,400,700" rel="stylesheet">
    <!-- Bootstrap -->
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" media="all">
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
    <link rel="icon" href="img/icon/guido.ico" type="image/x-icon">
    <link href="css/style.css" rel="stylesheet" media="all">

    <script src="js/jquery-3.2.1.min.js"></script>
      <script>
             $(function(){
                       $("#footer").load("footer.php");
              });
        </script>
  </head>
  <body>

    <nav class="navbar navbar-default navbar-fixed-top fot" role="navigation">
      <div class="container-fluid">
        <div class="navbar-header">

          <button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#elementoCollapse1">

              <span class="icon-bar"></span>
              <span class="icon-bar"></span>
              <span class="icon-bar"></span>

          </button>

          <a href="http://lojasguido.com.br/" target="_blank" class="navbar-brand links nome">Lojas Guido</a>
          <a href="https://www.facebook.com/lojasguido/" target="_blank" class="navbar-brand links nome"><span class="fa fa-facebook-square" style="font-size:24px"></span></a>
          <a href="https://www.google.com/search?q=lojas+guido&npsic=0&rflfq=1&rlha=0&rllag=-9663965,-35738591,201&tbm=lcl&ved=0ahUKEwi4-pKZsoLYAhXJkOAKHexfD34QtgMIKw&tbs=lrf:!2m1!1e2!2m1!1e3!3sIAE,lf:1,lf_ui:10&rldoc=1#rlfi=hd:;si:;mv:!1m3!1d9280.090187594818!2d-35.724626199999996!3d-9.6568108!2m3!1f0!2f0!3f0!3m2!1i791!2i453!4f13.1;tbs:lrf:!2m1!1e2!2m1!1e3!3sIAE,lf:1,lf_ui:10" target="_blank" class="navbar-brand links nome"><span class="fa fa-map-marker" style="font-size:24px"></span></a>

        </div>

        <div class="collapse navbar-collapse" id="elementoCollapse1">

          <div class="navbar-form navbar-right">

                <a class="btn btn-default" href="cadastro.php" role="button">Cadastrar</a>

          </div>

        </div>
      </div>

    </nav>




        <div class="container">
            <div class="row-fluid">
                <div class="col-xs-12 ok">
                  <h1 class="portal">Portal do Cliente</h1>

                    <div class="form-login">
                        <h2>Entrar</h2>

                        <form name="formulario" id="formEnvia"  method="POST">

                          <?php
                            include "config/valida.php";
                           ?>

                            <label >CPF*</label>
                            <span>Apenas números</span>

                            <input type="text" id="cpf" name="cpf" class="form-control input-lg" placeholder="000.000.000-00" maxlength="14"
      title="Digite apenas números" required />
                    <br>
                            <label inputemail>E-mail*:</label>
                            <input type="email" id="email" name="email" class="form-control input-lg " placeholder="[email protected]" maxlength="50" required/>

                            <br>
                            <button type="submit" name="valida" id="valida" value="valida" onclick="valida_envio()" class="btn btn-primary btn-lg btn-block">
                              <span class="glyphicon glyphicon-ok"></span>
                              <span id="cpf"></span>Acessar</button>
                                <br>
                                <span>Não possui cadastro?</span>  <a class="btn btn-default bot" href="cadastro.php" role="button">Cadastre-se</a>

                        </form>
                    </div>

                </div>
            </div>
        </div>

<br>
<br><br>

<!-- FOOTER -->

<div id="footer"></div>

<!-- END FOOTER -->




<script src="js/jquery-3.2.1.min.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" ></script>
<script src="js/ValidaCpf.js"></script>
<script src="js/jquery.maskedinput.js" type="text/javascript"></script>
  </body>
</html>

Page valida.php

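<?php

require_once "config/conexao.php";

if (isset($_POST['valida'])) {
    $cpf   = $_POST['cpf'] ?? '';
    $email = $_POST['email'] ?? '';

    // $received_token and token() come from the token code omitted from this post.
    if ($received_token === token()) {
        // Bind the submitted values as parameters instead of concatenating them into the SQL.
        $query = "SELECT `leados`.`email`, `leados`.`cpf`, `links_emaos`.`situacao` FROM `leados` INNER JOIN `links_emaos` ON `leados`.`id` = `links_emaos`.`leado_id` WHERE situacao = '2' AND cpf = ? AND email = ?";
        $stmt = mysqli_prepare($conn, $query);
        mysqli_stmt_bind_param($stmt, 'ss', $cpf, $email);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_store_result($stmt);

        if (mysqli_stmt_num_rows($stmt) == 0) {
            echo "<div class='alert alert-danger'>CPF ou E-mail incorreto!</div>";
        } else {
            // New session id after login; only values that matched a confirmed row are stored.
            session_regenerate_id(true);
            $_SESSION['cpf'] = $cpf;
            $_SESSION['email'] = $email;
            // header() needs to run before any output is sent (or with output buffering on).
            header("Location: postagem.php");
            exit;
        }
    } else {
        echo "<div class='alert alert-danger'>Você não tem autorização para entrar!</div>";
    }
}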

Note: I deleted the token codes

  • From what I can see, you are saving the CPF and the email in a session; can't you use this value to tell your API which user is logged in?

  • I did this on the 3 pages that exist on the site (after logging in): <body onload="load();"> <?php $secao_cpf = $_SESSION['cpf']; $secao_email = $_SESSION['email']; ?> But I don't know whether that already makes the API know the logged-in CPF

1 answer

0

Pass the user data present in the SESSION variable to the user's Dashboard page. Within the Dashboard, you can validate the data by running a new query against the database with the values captured in the session variable.

  • I don’t have this Dashboard page

  • Dashboard is the home page the user will access when entering the system. It is to this page that you will need to send the data via SESSION
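
What the answer describes, applied to the postagem.php page that the login redirects to (an added example, not part of the original answer). `$conn`, the table names and the session keys are taken from the question; the `current_cpf()` helper and the API URL are hypothetical placeholders.

```php
<?php
// postagem.php: added example. $conn comes from config/conexao.php as in the question.
session_start();
require_once "config/conexao.php";

// Return the CPF of the logged-in user, or null when the session is empty
// or the account is not (or no longer) confirmed (situacao = '2').
function current_cpf(mysqli $conn): ?string
{
    $cpf   = $_SESSION['cpf'] ?? '';
    $email = $_SESSION['email'] ?? '';
    if ($cpf === '' || $email === '') {
        return null;
    }
    // Re-check the session values against the database on every request.
    $sql = "SELECT `leados`.`cpf` FROM `leados`
            INNER JOIN `links_emaos` ON `leados`.`id` = `links_emaos`.`leado_id`
            WHERE situacao = '2' AND cpf = ? AND email = ?";
    $stmt = mysqli_prepare($conn, $sql);
    mysqli_stmt_bind_param($stmt, 'ss', $cpf, $email);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_bind_result($stmt, $dbCpf);
    $found = mysqli_stmt_fetch($stmt);
    mysqli_stmt_close($stmt);
    return $found ? (string) $dbCpf : null;
}

$cpf = current_cpf($conn);
if ($cpf === null) {
    // No valid login: clear the session and send the visitor back to the form.
    $_SESSION = [];
    session_destroy();
    header("Location: index.php");
    exit;
}

// Hypothetical endpoint (placeholder). The CPF comes from the server-side
// session, never from a form field or URL parameter the browser can change.
$ch = curl_init("https://api.example.invalid/clientes/" . rawurlencode($cpf));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
$body = curl_exec($ch);
curl_close($ch);
$dados = is_string($body) ? json_decode($body, true) : null;
?>
<h1>Portal do Cliente</h1>
<pre><?= htmlspecialchars(json_encode($dados, JSON_PRETTY_PRINT), ENT_QUOTES, 'UTF-8') ?></pre>
```

Every page shown after login can start with the same `current_cpf()` check, so a request without a confirmed session never reaches the API call.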
