Jump to content

Log in redirect


Recommended Posts

I'm unsure on how to go about setting up a log in redirect, like, if a guest visits the site I would like every page to display some kind of message saying you're not logged in and have a button to login/register. right now logged in or not you can visit every page. 

I just really don't know how to go about this, I have tried googling but I haven't really found anything that i'm looking for. maybe i'm not searching the right thing?  

Link to comment
Share on other sites

This is a very vague question.

The general idea is that you have a check on every page that searches for your user's account data, and then if no data is found or an error occurs you conditionally show a div that has a "You are not logged in" message and the links to log in or register. 

How you accomplish that will depend on what you're building your site in (PHP, JavaScript, ect.) 

Link to comment
Share on other sites

  • 2 weeks later...

It would be better to do an actual redirect to a must be logged in page of some sort than to just echo stuff out. Will be more flexible log term.

You can do redirects in php with header() (make sure you use die() or exit() after the header call), however, you need to do the redirect before you output anything else, or it won't work. I recommend having it in a config file of some sort that you can easily require on every page that can check if the current page should require authentication, and if so, if not authenticated redirect. 

Make the 'should require authentication' a function as well as the 'is authenticated' a function and that will simply the logic for you. 

Then you can do something like this (just to give you the idea)

if (thisPageRequiresAuthentication && !isAuthenticated) {

    header("Location: http://domain.com/mustlogin.php");


Header From PHP manual,



And stackoverflow example using header, the first question seems extensive,



To develop the thisPageRequiresAuthentication function there are different options, just depends what you want and what you already are using. In a lot of cases, such as if you were using a framework or a routing engine, then you'd likely handle it a little differently, but a simple solution assuming you are not doing that but are still just learning would be to just have a list of page names that don't need to be authenticated (or a list that does whitelist vs blacklist) and compare the current page being requested to that list to determine if it's need authenticated. 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...