Daevanam

Thank you so very much! Such a help! I'm pretty sure i'll have more questions soon that i'm hoping you'll be able to help me with! Thanks once again!

Thank you so much! Yeah, i'm unfortunately terribly noob :/ Just to clarify: In the base.php i should start my session so the variables are open, correct? So something like this: <?php session_start(); if(!isset($_SESSION)) { session_id(); $_SESSION['username']= ""; $_SESSION['LoggedIn'] = false; $_SESSION['userID']= ""; $_SESSION['userType'] = ""; } $dbhost = "localhost"; // this will ususally be 'localhost', but can sometimes differ $dbname = "aa2"; // the name of the database that you are going to use for this project $dbuser = "root"; // the username that you created, or were given, to access your database $dbpass = ""; // the password that you created, or were given, to access your database mysql_connect($dbhost, $dbuser, $dbpass) or die("MySQL Error: " . mysql_error()); mysql_select_db($dbname) or die("MySQL Error: " . mysql_error()); ?> and checking the variable i should always use === or is it situational? Just to make sure i'm kinda grasping it: if($_SESSION['LoggedIn'] === true) { }else{ echo "click <a href = ../index.php> here </a> to login"; } if($_SESSION['userType'] == "admin") { echo "You're logged in as an admin"; }else { } As the 'userType' is a word i'm using == and the LoggedIn is a boolean so i'm using === Correct? Thanks again!

Sorry! Okay so this is my index page: <?php include "content/base.php"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Login</title> <link rel="stylesheet" href="style.css" type="text/css" /> </head> <body> <div id="main"> <h1>B'n'B Hospitality Service Providers Portal</h1><br /> <h2>Member Login</h2> <p>Thanks for visiting! Please either login below, or <a href="register.php">click here to register</a>.</p> <form method="post" action="validate/validate.php" name="loginform" id="loginform"> <fieldset> <label for="username">Username:</label><input type="text" name="username" id="username" /><br /> <label for="password">Password:</label><input type="password" name="password" id="password" /><br /> <input type="submit" name="login" id="login" value="Login" /> </fieldset> </form> </div> <?php if(!isset($_SESSION)) { session_start(); session_id(); $_SESSION['username']= ""; $_SESSION['LoggedIn'] = false; $_SESSION['userID']= ""; $_SESSION['userType'] = ""; } ?> </body> </html> And this is the verify login page: <head> <title>Registration</title> <link rel="stylesheet" href="../style.css" type="text/css" /> </head> <body> <div id="main"> <?php include ('../content/base.php'); $username = $_POST['username']; $password = $_POST['password']; $login = mysql_query("SELECT * FROM tuser WHERE (cUserName = '" . mysql_real_escape_string($username) . "') AND (cUserPassword = '" . mysql_real_escape_string(md5($password)) . "')"); echo mysql_error(); if(mysql_num_rows($login) == 1) { $_SESSION['LoggedIn'] = true; $_SESSION['username'] = $username; $_SESSION['userID'] = mysql_query("SELECT cUserID FROM tuser WHERE cUserName = '". $username ."'"); $_SESSION['userType'] = mysql_query("SELECT cUserType from tuser WHERE cUserName = '". $username . "'"); $userstatus = mysql_query("SELECT cUserType FROM tuser WHERE cUserName = '" . $username . "'"); $result = mysql_fetch_assoc($userstatus); if($result['cUserType'] == "user") { echo "Welcome to our user portal ".$_SESSION['username']; echo '<META HTTP-EQUIV="Refresh" Content="2; URL=../usercp.php">'; } else { echo header('Location: ../adminCP.php'); } } else { echo "Login failed<br />"; echo "Go <a href='index.php'>try again now</a> or wait for automatic refresh"; echo '<META HTTP-EQUIV="Refresh" Content="2; URL=../index.php">'; } ?> </div> </body> And the code im using to 'compartmentalize' the pages between admin and user: <?php include "content/base.php"; if($_SESSION['LoggedIn'] = true) { }else{ echo "click <a href = ../index.php> here </a> to login"; } if($_SESSION['userType'] = "admin") { echo "You're logged in as an admin"; }else { } ?> <!DOC And my logout page: <?php include "content/base.php"; $_SESSION = array(); session_destroy(); $_SESSION['username']= ""; $_SESSION['LoggedIn'] = false; $_SESSION['userID']= ""; $_SESSION['userType'] = ""; ?> <meta http-equiv="refresh" content="0;index.php"> Basically, it's not doing anything it's meant to. It's showing "youre logged in as an admin" on every page". If you log out, you can still access pages. The logout isn't destroying sessions. Thanks in advance

Fixed that. It pulls through and works. Just the sessions thing that isnt working

Okay, i fixed the SQL error but it's not pulling the data into the table. It's just showing a blank table. :/

Hi, I have a few issues i need to address with app that I'm hoping someone can help me with! Pretty please Firstly. My sessions! Basically i need to assign some pages to be viewed by only users and some by only admin. At the moment, you type in the address of any of the pages and you can see them. I need to get my sessions working too. Secondly i'm trying to extract data from a MySQL table into a html/php table to be viewed. <?php include ('/content/base.php'); $query1 = mysql_query("SELECT * FROM testablishment"); echo "<table border ='1'> <tr> <th>Establishment ID</th> <th>Establishment Name</th> <th>Establishment URL</th> <th>User ID</th> </tr>"; while($row = mysql_fetch_array($query1)){ echo "<tr>"; echo "<td>" . $row['cEstablishmentID'] . "</td>"; echo "<td>" . $row['cEstablishmentName'] . "</td>"; echo "<td>" . $row['cEstablishmenURL'] . "</td>"; echo "</tr>"; } echo "</table>"; ?> That's my code and i'm getting this error : Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given. Anyone can help me with that? Thanks in advance!