Ahh i don't know whats happening thanks for the help but it seems like even there is no user in the database with that username and password i still get (Login failed, your account has been disabled, contact admin.) i don't seem to understand why this is happening, im no master at php like most you guys but i just can't see the answer to solve this problem. thanks alot.
where the code stands right now.
function authenticateUser ($username, $password)
{
$result = "SELECT * FROM gb_login WHERE username = '$username' AND password = '$password'";
$result = mysql_query ($result) or die (mysql_error());
$row = mysql_fetch_assoc ($result);
if ($row['userstatus']=='active'){
if (mysql_num_rows($result) == 1){
switch ($row['userlevel']) {
case "1":
// The username and password match,
// Set the session as ADMIN.
$_SESSION['admin_logged_in'] = true;
$_SESSION['username'] = $username;
// After login move logged in page
header ('Location: ../admin/index.php');
break;
case "2":
// The username and password match,
// Set the session as USER.
$_SESSION['user_logged_in'] = true;
$_SESSION['username'] = $username;
// After login move loged in page
header ('Location: ../public/index.php');
break;
}
}
}
else {
$sql = "SELECT `userstatus` FROM `gb_login` WHERE `username`='$username' AND `password`= '$password' LIMIT 1;";
$result = mysql_query($sql);
$row = mysql_fetch_assoc($result);
$userstatus = $row['userstatus'];
if ($userstatus != 'active'){
// Set error message
$_SESSION["message"] = '<div class="error mb">Login failed, your account has been disabled, contact admin.</div>';
// After error message move to login.php
header ('Location: ../login/login.php');
}
else {
// The username and password doesn't match
// Set error message
$_SESSION["message"] = '<div class="error mb">Login failed. Please try again or <a href="recover.php">reset your password</a>.</div>';
// After error message move to login.php
header ('Location: ../login/login.php');
}
}
}