erra Posted July 10, 2008 Share Posted July 10, 2008 Hello there...please help me... :'( i created a login page and i manage to allow members to login but i need the administrator to login too and direct to the admin page...I believe dat i have to create the access level in my database to identify the administrator...but what should i add in to my codes so dat the admin can login?? Here are my codes... login.php <?php include 'db.php'; //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directs you to the members page { $username = $_COOKIE['ID_my_site']; $username = mysql_real_escape_string($username); $pass = $_COOKIE['Key_my_site']; $pass = mysql_real_escape_string($pass); $check = mysql_query("SELECT * FROM Membership WHERE USER_NAME = '$username' and PASSWORD = '$pass'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass = $info['PASSWORD']) { header("Location: home2.php"); } else { //header("Location: home2.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM Membership WHERE USER_NAME = '".$_POST['username']."' and PASSWORD = '".$_POST['pass']."'") or die(mysql_error()); while($info = mysql_fetch_array( $check )) { $_POST['pass'] = stripslashes($_POST['pass']); $info['PASSWORD'] = stripslashes($info['PASSWORD']); $_POST['pass'] = md5($_POST['pass']); //if password is right, it will direct to home page if ($_POST['pass'] = $info['PASSWORD']) { $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['pass'], $hour); header("Location: home2.php"); } else { //then redirect them to the members area header("Location: home2.php"); } } } //else //{ // if they are not logged in ?> <form action="login1.php" method="post"> <table border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40" value="<?php echo ""?>"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="pass" maxlength="50" value="<?php echo ""?>"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> <a href="register_pg.php">Click Here to Register</a> <a href = "skeleton.php"> the skeleton</a> </form> <?php if(!$_POST['username'] || !$_POST['pass']) { die('Please fill in the required fills!'); } $check2 = mysql_num_rows($check); if ($check2 == 0){ die('That user does not exist in our database.'); } ?> Link to comment https://forums.phpfreaks.com/topic/114024-creating-access-level-for-admin-and-members-to-login/ Share on other sites More sharing options...
Third_Degree Posted July 10, 2008 Share Posted July 10, 2008 If you continued to use this code: $check = mysql_query("SELECT * FROM Membership WHERE USER_NAME = '$username' and PASSWORD = '$pass'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { Add the field "level" into your database and simply add the code if ( $info["level"] == "admin" ) { header( "Location: admin.php" ) } Link to comment https://forums.phpfreaks.com/topic/114024-creating-access-level-for-admin-and-members-to-login/#findComment-586071 Share on other sites More sharing options...
erra Posted July 10, 2008 Author Share Posted July 10, 2008 Thank u very much Third_Degree....its working.. Link to comment https://forums.phpfreaks.com/topic/114024-creating-access-level-for-admin-and-members-to-login/#findComment-586138 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.