How to prevent the user from accessing without being logged in?

Asked

Viewed 730 times

0

I am developing an application with Extjs 4 and PHP. My problem is this: How do I make it so that the user can’t access an application page without being logged in? I’ve tried everything (I know), but it’s like HTML ignores the check I do.

Page indexPrincipal:

<!DOCTYPE HTML> 
 <?php
    include('connect.php');
    session_start();
    if (!$_SESSION['logado']){        
        header("Location: index.html");
        session_destroy();
    } 
?>   
<html>
<head>
    <meta charset="UTF-8">
    <title>SIG - Sistema Integrado de Gestão - EMCM/RN</title>
    <!-- <x-compile> -->
        <!-- <x-bootstrap> -->
            <link rel="stylesheet" href="bootstrap.css">
            <link rel="stylesheet" href="resources/css/app.css">
            <script src="ext/ext-dev.js"></script>
            <script src="bootstrap.js"></script>
        <!-- </x-bootstrap> -->
        <script src="app.js"></script>
        <!--<script type="text/javascript" src="app/view/Login.js"></script>-->
    <!-- </x-compile> -->
</head>
<body></body>
</html>
  • Just a hint: put one die or exit() after the session_destroy

1 answer

1


You cannot send headers with the function header() after output of some data. To fix your problem try this:

<?php
    include('connect.php');
    session_start();
    if (!isset($_SESSION['logado']) || $_SESSION['logado'] !== 1){        
        header("Location: index.html");
        session_destroy();
        exit;
    } 
?>   
<!DOCTYPE HTML>
<html>
<head>
</head><body>....</body></html>
  • It didn’t work, you keep ignoring the check :(

  • I edited the answer to add an extra check and make sure it redirects.

  • Nothing yet, man :(

  • Dude, I figured out the problem. My page was in . html format, so it ignored the check. I changed it to . php and it worked. Thanks for the help!

Browser other questions tagged

You are not signed in. Login or sign up in order to post.