i try to create login page with two different user level for example admin and staff. i did not get any error on my code but it just did not direct to the page it been set to. it just display wrong username or password. i not really sure what is wrong.
here is the code
loginForm.php
<form action="login.php" method ="post">
<table>
<tr><td>Usernama</td>
<td><input name="username" type="text" size = "15" maxlength = "15"/></td></tr>
<tr><td>Password</td>
<td><input name="password" type="password" size = "15" maxlength = "15"/></td></tr>
</table>
<br><input name="submit" type ="submit" value ="Login"/></td>
</form>
login.php
<?php
ob_start();
$host="localhost";
$user="root";
$pass="";
$db_name="office";
$tbl_name="login";
mysql_connect("$host", "$user", "$pass")or die("cannot connect");
mysql_select_db("$db_name")or die("Cannot Select Database");
// username and password sent from form
$sername=$_POST['username'];
$password=$_POST['password'];
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$sql="SELECT * FROM daftarPenyelia WHERE user='$username' AND pass='$password' AND userLevel='$userLevel'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
if ($count == $userLevel)
{
if ($userLevel == 1)
{
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
header("location:adminMenu.php");
}
else if ($userLevel == 2)
{
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
header("location:staffMenu.php");
}
}
else
{
echo "Wrong Username or Password";
}
?>
can someone help me with this code and tell me what is wrong so that i can fix them