Matt Posted October 27, 2013 Share Posted October 27, 2013 Larry, Sorry I haven't been on here for a while, but I have been working on a project (with Hartleysan) and I have been very busy! I saw the Northeast PHP videos and your presentations were great as usual! I had a question about complicated redirects, since this is kind of an advanced topic, I decided to post it here. I am developing a site where there are customers that register, and they have clients who also register on a separate area of the site. Being very stringent about security, I like to control exactly where different users are allowed to go on the site. If a non-logged-in user tries to access a page which is meant for logged-in users, a page telling them that they have accessed it in error is simply not acceptable. I want to guide the user to where they are supposed to be. So, I have created a function which redirects invalid users in the config.php file. Here is the code: function allow_users($allowed) { switch($allowed) { case 'CLIENTS': if (!isset($_SESSION['client_id'])) { redirect_invalid_user('index.php', 'http://'); break; } case 'CLIENTS_VISITORS': if (isset($_SESSION['customers_id'])) { redirect_invalid_users('customers/index.php', 'http://'); break; } case 'CUSTOMERS': if (!isset($_SESSION['customer_id'])) { redirect_invalid_users('customers/index.php', 'http://'); break; } case 'CUSTOMERS_VISITORS': if (isset($_SESSION['client_id'])) { redirect_invalid_users('index.php', 'http://'); break; } case 'VISITOR': redirect_invalid_users('index.php', 'http://'); break; } } function redirect_invalid_user($destination = 'index.php', $protocol = 'http://') { $url = $protocol . BASE_URL . $destination; header("Location: $url"); exit(); } I would call the function on each page, passing in the argument for allowed visitors: allowed_users('CLIENTS_VISITORS'); For example, if a logged-in customer tries to access the customer registration form, he/she would be redirected back to the customer/index.php page. Is this an acceptable approach? Is there a better way of handling this? Any help or advice would be greatly appreciated! Thanks, Matt Link to comment Share on other sites More sharing options...
Larry Posted November 3, 2013 Share Posted November 3, 2013 Hello Matt. Thanks for the nice words and apologies for the delay. Crazy swamped these days. I wish you (and Jonathan) luck with your new project. Overall, I think this is acceptable, although I might do it differently, mostly cleaning up the logic a bit. But anything I might suggest is quite a minor quibble. Link to comment Share on other sites More sharing options...
Matt Posted November 3, 2013 Author Share Posted November 3, 2013 Larry, Thank you very much for the valuable feedback! Feel free to recommend changes if you think it will improve the code! Thanks again! Matt Link to comment Share on other sites More sharing options...
Recommended Posts