When I am match data with database in a login system and login check is success then set a value in a session variable and page go to the dashboard and user not back from Dashboard page until user is login.
if(isset($_POST["login"])){ $u_id=$_POST["username"]; $pw=md5($_POST["password"]); $query=mysqli_query($con,"SELECT * FROM `login` WHERE `user_id`='$u_id' AND `password`='$pw'"); }
I am using this code for login
First you connect MySQL database in you page, then start the session library that’s like start_session().
Now match data with Login table and if query return true then set a redirect page and set a value in session variable. I will give a example in the below, that you are want. So follow the example:
Example:
include 'dbconnect.php'; session_start(); if(isset($_POST['login'])){ $username = $_POST['username']; $password = $_POST['password']; $sql=mysqli_query($mysqli,"SELECT * FROM `login` where `username`='$username'AND `password`='$password'"); $row=mysqli_num_rows($sql); if($row > 0) { header("location:dashboard.php"); $_SESSION['user_name']=$username; } else { echo "Un-Authenticated User"; } }
You want to set a permission of page redirect. When user still in login then user not go to the login page. so set in the login page when session value is not empty then user can not to redirect in the login page. I have a example for you. Show the example
if(!empty($_SESSION['user_name'])) { header("location:dashboard.php"); }