1. OK, I'm trying to learn how to build a login form. I'm using the latest versions of PHP and MySQL.
There are two types of users in the database: type A, which is a regular user, and type S, which is a power user. Whenever I log in as either, it always shows "Type <type here> (Power User)"; it always says power user regardless of the real type (it should say regular/limited user for type A).
2. Also, whenever I log in as a power user, then log out, then log in as a regular user, the type I see is type S; then when I hit refresh, it turns to type A (but it still says power user).
I've tried clearing the cache between logins; nothing.
Anyway, here is the code:
index.php
<?php
session_start();
if(isset($_SESSION['username'])){
    require_once('includes/login_functions.inc.php');
    $url = absolute_url('logged_in.php');
    header("Location: $url");
    exit();
}
unset($_SESSION['username']);
unset($_SESSION['type']);
unset($_SESSION['user_id']);
if(isset($_POST['submitted'])){
    require_once('includes/login_functions.inc.php');
    require_once('mysqli_connect.php');
    list($check, $errors, $username, $type, $user_id) = check_login($dbc, $_POST['username'], $_POST['pass']);
    if($check){
        $_SESSION['username'] = $username;
        $_SESSION['type'] = $type;
        $_SESSION['user_id'] = $user_id;
        $url = absolute_url('logged_in.php');
        header("Location: $url");
        exit();
    }
    mysqli_close($dbc);
}
include_once("includes/header.html");
if(!empty($errors)){
    echo '<div id="errors"><p>';
    foreach($errors as $msg){
        echo "$msg<br />\n";
    }
    echo '</p></div>';
}
?>
<div id="login">
<form action="index.php" method="POST">
<fieldset><legend>Login</legend>
<p><label>Username:</label> <input type="text" name="username" size="20" maxlength="20" class="input" value="jchan" /></p>
<p><label>Password:</label> <input type="password" name="pass" size="20" maxlength="20" class="input" value="china" /></p>
<label> </label><input type="submit" name="submit" value="Login" class="btn" />
<input type="hidden" name="submitted" value="TRUE" />
</fieldset>
</form>
</div>
<?php
include_once("includes/footer.html");
?>
login_functions.inc.php
<?php
function absolute_url($page = 'index.php'){
    $url = 'http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
    $url = rtrim($url, '/\\');
    $url .= '/'.$page;
    return $url;
}
function check_login($dbc, $username = '', $pass = ''){
    $errors = array();
    if(empty($username)){
        $errors[] = "Enter your username.";
    }else{
        $u = mysqli_real_escape_string($dbc, trim($username));
    }
    if(empty($pass)){
        $errors[] = "Enter your password.";
    }else{
        $p = mysqli_real_escape_string($dbc, trim($pass));
    }
    if(empty($errors)){
        $q = "SELECT username, type, user_id FROM accounts WHERE username='$u' AND password=SHA1('$p')";
        $r = @mysqli_query($dbc, $q);
        if(mysqli_num_rows($r) == 1){
            $row = mysqli_fetch_array($r, MYSQLI_ASSOC);
            return array(true, $errors, $row['username'], $row['type'], $row['user_id']);
        }else{
            $errors[] = 'Invalid credentials.';
        }
    }
    return array(false, $errors, null, null, null);
}
?>
logged_in.php
<?php
session_start();
if(isset($_SESSION['username'])){
    include_once("includes/header.html");
    echo 'Username: '.$_SESSION['username'].'<br />';
    echo 'Type: '.$_SESSION['type'].' (';
    if($_SESSION['type']='S'){
        echo 'Power user';
    }else{
        echo 'Limited';
    }
    echo ')<br />User ID: '.$_SESSION['user_id'];
    include_once("includes/footer.html");
}else{
    require_once('includes/login_functions.inc.php');
    $url = absolute_url('index.php');
    header("Location: $url");
    exit();
}
?>
Can anyone help me please?
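
The role check in logged_in.php, isolated as an added example that is not part of the original post: the `if` there uses `=` (assignment) rather than a comparison, so it writes 'S' into the session for every user and always takes the first branch. The function names and the sample session array below are hypothetical and constructed for illustration; arrays stand in for `$_SESSION` so the script runs from the command line.

```php
<?php
// Added example, not the poster's code. Function names are hypothetical and
// the session arrays are constructed sample data standing in for $_SESSION.

// The check as written in logged_in.php: "=" assigns 'S' into the session,
// and the non-empty string 'S' is truthy, so the first branch always runs.
function label_with_assignment(array &$session): string
{
    if ($session['type'] = 'S') {
        return 'Power user';
    } else {
        return 'Limited';
    }
}

// Strict comparison through an allow-list: the session is only read, and a
// missing or unknown type yields null instead of falling into some branch.
function label_with_comparison(array $session): ?string
{
    $labels = ['S' => 'Power user', 'A' => 'Limited'];
    $type = $session['type'] ?? null;
    return is_string($type) && isset($labels[$type]) ? $labels[$type] : null;
}

// Constructed sample: a regular (type A) account.
$regular = ['username' => 'sample_user', 'type' => 'A', 'user_id' => 7];

// Assignment form: the label is wrong and the stored type is overwritten,
// so any later authorization decision based on 'type' sees a power user.
$mutated = $regular;
echo 'assignment: ', label_with_assignment($mutated),
     ', stored type afterwards: ', $mutated['type'], "\n";

// Comparison form: correct label, stored type left untouched.
echo 'comparison: ', label_with_comparison($regular),
     ', stored type afterwards: ', $regular['type'], "\n";

// A type outside the allow-list gets no label at all.
var_dump(label_with_comparison(['type' => 'X']));
```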