Fix bug: Restrict access to login and signup pages for logged-in users

Moslihbadr · Jun 11, 2023 · 3a66b6c · 3a66b6c
1 parent e23a718
commit 3a66b6c
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 1 deletion.
diff --git a/blog_details.php b/blog_details.php
@@ -64,11 +64,12 @@
         }else {
           $login_user_id = NULL;
         }
+
+        // check if the logged-in user is the blog owner or an admin
         if ($login_user_id === $user_id) {
           $show_delete_button = true;
         }
 
-        // check if the user is an admin
         $user_type = '';
         if (isset($_COOKIE['login_user_id'])) {
           $sql = "SELECT * FROM users WHERE user_id='$login_user_id' ";

diff --git a/login.php b/login.php
@@ -1,6 +1,12 @@
 <?php 
 include("./php/connect_DB.php");
 
+session_start();
+// check if the user is logged in
+if (isset($_COOKIE['login_user_id'])) {
+  header('location: index.php');
+} 
+
 
 $errorMessage = "";
 

diff --git a/signup.php b/signup.php
@@ -1,6 +1,12 @@
 <?php 
 include('./php/connect_DB.php');
 
+session_start();
+// check if the user is logged in
+if (isset($_COOKIE['login_user_id'])) {
+  header('location: index.php');
+}
+
 if (isset($_POST['signup'])){
 
   $first_name = $_POST['fname'];