DeanWhitehouse Posted April 23, 2008 Share Posted April 23, 2008 I have this code <?php if (isset($_GET['logout'])) { setcookie("cookname", $_SESSION['username'], time() - 3600, "/"); setcookie("cookpass", $_SESSION['user_password'], time() - 3600, "/"); session_unset(); session_destroy(); } if ($_SESSION['is_valid'] == true) { if ($_SESSION['user_level'] == 2) { ?> <table class='logged_in'><tr><td> <p>Welcome, <br><?php echo $_SESSION['username']; ?> <br><a href='user_profile.php?id=<?php echo $_SESSION['user_id']; ?>'>User Profile</a><br> <a href='user_setting.php'>Settings</a><br> <a href="<?php print $_SERVER["PHP_SELF"]; ?>?logout=true">Logout</a><br /> </td></tr><tr><td>Logged In</td></tr></table></p> <?php } elseif ($_SESSION['user_level'] == 1) { ?> <table class='logged_in'><tr><td> <p>Welcome, <?php echo $_SESSION['username']; ?> <br><a href='user_profile.php?id=<?php echo $_SESSION['user_id']; ?>'>User Profile</a><br> <a href='user_setting.php'>Settings</a><br> <a href='admin_centre.php'>Admin Area</a><br> <a href="<?php print $_SERVER["PHP_SELF"]; ?>?logout=true">Logout</a><br /> </td></tr><tr><td>Logged In</td></tr></table></p> <?php } } else { require_once 'db_connect.php'; if ($_SESSION['is_valid'] == false) { if (isset($_POST['login'])) { $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $cookiename = forumcookie; $verify_username = strlen($user_name); $verify_pass = strlen($user_password); if ($verify_pass > 0 && $verify_username > 0) { $salt = substr($user_password, 0, 2); $userPswd = crypt($user_password, $salt); $sql = "SELECT * FROM `$user` WHERE user_name='$user_name' AND user_password='$userPswd' LIMIT 1;"; $result = mysql_query($sql); if (mysql_num_rows($result) == 1) { $row = mysql_fetch_assoc($result); $user_level = $row['userlevel']; if ($user_level == 1) { $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; if(isset($_POST['remember'])) { setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } elseif ($user_level == 2){ $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } } else{ echo "Login failed. Username and Password did not match database entries."; } } else { echo "Form was not completed. Please go back and make sure that the form was fully completed."; } } $server = str_replace("?logout=true","",$_SERVER['PHP_SELF']); ?> <html> <table bgcolor='#999999' align='right'><form action="<?php echo $server ?>" method='POST'> <tr><td>Username: </td><td><input type='text' name='user_name' /><br /></td></tr> <tr><td>Password:</td><td> <input type='password' name='user_password' /><br /></td></tr> <tr><td><input type="hidden" name="login" value="true"><input type="submit" value="Submit"></td></tr> <tr><td><input type="checkbox" value="1" name="remember"> Remember Me </td></tr><tr><td><a href="register.php">[Register]</a></td></tr><tr><td><a href="forgot_password.php">[Forgot Password?]</a></td></tr></table> </form> </html> <?php mysql_close(); } else { header("Location:http://".$_SERVER[HTTP_HOST]); } } ?> which shows certain links depending on the user level, but now i don't no what i done but it doesn't show the admin link. any ideas?? i haven't changed this code but i have changed other codes and all my tables are the same and i have two users with different levels , testing this out on. Link to comment https://forums.phpfreaks.com/topic/102600-solved-i-think-i-broke-it/ Share on other sites More sharing options...
DeanWhitehouse Posted April 23, 2008 Author Share Posted April 23, 2008 it is because i put elseif instead of if, i dunno why it is but it is Link to comment https://forums.phpfreaks.com/topic/102600-solved-i-think-i-broke-it/#findComment-525442 Share on other sites More sharing options...
effigy Posted April 23, 2008 Share Posted April 23, 2008 You're closing an if in the middle of another: } } else Link to comment https://forums.phpfreaks.com/topic/102600-solved-i-think-i-broke-it/#findComment-525445 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.