I have a problem with my LDAP Authentication redirection. If I access Index.php it should redirect my request to my login page (login.php). This does work. After I enter my Credentials it does not redirect me to the Index Page. Any Tipps?
Here is my Code:
index.php;
<?php
session_start();
if(!isset($_SESSION['user'])) {
// user is not logged in, do something like redirect to login.php
header("Location: http://192.168.0.20:8090/login.php");
exit;
}
?>
login.php
<?php
include("authenticate.php");
// check to see if user is logging out
if(isset($_GET['out'])) {
// destroy session
session_unset();
$_SESSION = array();
unset($_SESSION['user'],$_SESSION['access']);
session_destroy();
}
// check to see if login form has been submitted
if(isset($_POST['userLogin'])){
// run information through authenticator
if(authenticate($_POST['userLogin'],$_POST['userPassword']))
{
// authentication passed
header("Location: http://192.168.0.20:8090/index.php");
die();
} else {
// authentication failed
$error = 1;
}
}
// output error to user
if(isset($error)) echo "Login failed: Incorrect user name, password, or rights<br />";
// output logout success
if(isset($_GET['out'])) echo "Logout successful";
?>
CodePudding user response:
You forget session_start();
. (-brombeer)
You need session_start();
to initialize a new session or use existing session.
<?php
session_start();
include("authenticate.php");
// check to see if user is logging out
if(isset($_GET['out'])) {
// destroy session
session_unset();
$_SESSION = array();
unset($_SESSION['user'],$_SESSION['access']);
session_destroy();
}
// check to see if login form has been submitted
if(isset($_POST['userLogin'])){
// run information through authenticator
if(authenticate($_POST['userLogin'],$_POST['userPassword']))
{
// authentication passed
header("Location: http://192.168.0.20:8090/index.php");
die();
} else {
// authentication failed
$error = 1;
}
}
// output error to user
if(isset($error)) echo "Login failed: Incorrect user name, password, or rights<br />";
// output logout success
if(isset($_GET['out'])) echo "Logout successful";
?>