Redirecting to another page, using variables from the first one

Question

I have created the following scenario.

I have the index.php file which shows the mainpage. On this there are two fields - User Id and password enclosed in a form tag. The submit button calls the login.php file.
Login.php validates the user id, password etc
Once validation is successful, I want the login.php page to take me to MyDashboard.php page (passing the User Id and Password along).

I tried Header in PHP but does not work. I also tried to do a Javascript window.location.href and tried to call it on $(document).ready but nothing happens.

Please help.

--- Edit ---- here is the code after modification

   <?php
      include_once('./library/Common.php');
      $_EmailId = trim($_POST['validemailid']);
      $_Password = trim($_POST['password1']);
      $_Rememberme = trim($_POST['rememberme']);

      // Get the username from the Email Id by searching for @

      $_UName= substr($_EmailId, 0, strpos($_EmailId, '@'));

      $_Password = md5($_Password);

      session_start();

      $_SESSION['username'] = $_UName;



      $query = "select username, firstname, password_hash,userstatus from users where username = ? and emailid = ?";


      $dbconn = new mysqli('localhost', 'root', '','myDB');

      if($dbconn->connect_errno)
      {
        print getHTML('ERROR', "Error in connecting to mysql".$dbconn->connect_error);
      }

      if(!($stmt=$dbconn->prepare($query)))
      {
        print getHTML('ERROR',"error in preparing sql statement".$dbconn->error);
      }

      if(!($stmt->bind_param('ss',$_UName,$_EmailId)))
      {
        print getHTML('ERROR',"error in binding params in sql statement".$stmt->error);
      }

      if(!$stmt->execute())
      {
        print getHTML('ERROR',"Execute failed: (" . $stmt->errno . ") " . $stmt->error);
      }

      $result=$stmt->get_result();
      $row = $result->fetch_assoc();

      $_dbpwd = $row['password_hash'];
      $_userstatus = $row['userstatus'];

      $errstatus = false;


      if ($row['username'] != $_UName)
      {
        print getHTML('ERROR',"User does not exist with the given email id: ".$_EmailId);

        $errstatus = true;
      }   

      if(($row['password_hash'] != $_Password) && !$errstatus)
      {
        print getHTML('ERROR',"Password does not match");
        $errstatus = true;          
      }

      if(($row['userstatus'] != 'ACTIVE') && !$errstatus)
      {
        print getHTML('ERROR',"User is inactive. Please check your email for activation");
        $errstatus = true;
      }

      if(!$errstatus)
      {
        $_SESSION['firstname'] = $row['firstname'];
        $chksession = "SELECT sessionid FROM USERSESSIONS WHERE USERNAME = ? AND ENDDATE IS NULL";

        if(!($sessionstmt=$dbconn->prepare($chksession)))
        {
            print "error in preparing sql statement".$dbconn->error;
            exit();
        }


        $sessionstmt->bind_param('s',$_UName);

        $sessionstmt->execute();


        $sessionresult=$sessionstmt->get_result();

        $sessionrow= $sessionresult->fetch_assoc();

        $currdate = date('y-m-d H:i:s');




        if($sessionrow['sessionid'] == 0)
        {
            $insertstmt = $dbconn->query("INSERT INTO USERSESSIONS(USERNAME,STARTDATE,ENDDATE) VALUES ('".$_UName."','".$currdate."',null)");

            $insertstmt->close();
        } 
      }

      $sessionstmt->close();
      $stmt->close();
      $dbconn->close();

      header("Location :MyDashboard.php");
      exit;

          ?>
      --- End of Edit -----

Amit

the code is like this $(document).ready(function(){ window.location.href("MyDashboard.php?username="+);}); — user3262234, Mar 07 '14 at 08:06
possible duplicate of [Transfer variables between PHP pages](http://stackoverflow.com/questions/240470/transfer-variables-between-php-pages) — sshow, Mar 07 '14 at 08:18

sshow · Answer 1 · 2014-03-07T08:17:27.683

3

You should use session variables to store variables within a login session. Passing a password along to other pages is not recommended, nor necessary. Read up on Sessions, and take a look at already existing login scripts. Below is a very simple example, redirecting to the next page using the header() function.

<?php

// Validate user credentials and save to session
session_start();
$_SESSION['userId'] = $userId;

// Redirect to next page
header("Location: dashboard.php");

// Make sure that code below does not get executed when we redirect
exit;

?>

edited Mar 07 '14 at 08:17

answered Mar 07 '14 at 08:05

sshow

8,820
4
51
82

better use session and header() without params yes. – Loïc Mar 07 '14 at 08:06

score 2 · Answer 2 · answered Mar 07 '14 at 08:10

2

If user authenticated, In PHP:

header('Location:MyDashboard.php');

answered Mar 07 '14 at 08:10

Nadun

300
4
15

score 0 · Answer 3 · answered Mar 07 '14 at 08:04

0

Try include()

This function allows you to include code from other php scripts.

answered Mar 07 '14 at 08:04

Loïc

11,804
1
31
49

No...I want to open a freshpage...MyDashboard.php – user3262234 Mar 07 '14 at 08:04

score 0 · Answer 4 · answered Mar 07 '14 at 08:08

0

The header function is the correct way. As long as you don't have any output before calling the header function, it should work.

http://us3.php.net/manual/en/function.header.php

Post your code, and let's see what it is that isn't working!

answered Mar 07 '14 at 08:08

Brian Anderson

621
7
22

Posted my code...can you advise what I am doing that is causing this issue... I even tried with javascript... – user3262234 Mar 07 '14 at 08:37

score 0 · Answer 5 · answered Mar 07 '14 at 08:12

0

Header should work in your condition.

Tou can use following code:

header("Location:filename");
exit();

answered Mar 07 '14 at 08:12

dipendra

261
1
3
9

Redirecting to another page, using variables from the first one

5 Answers5