samsfriend Posted August 28, 2008 Share Posted August 28, 2008 After setting up member access pages, I have came to the conclusion this is not what I was wanting. I have exhusted google looking for a simple soultion. All I want to do is when a person logs in, they are redirected to there persnal pages based off the login info. I need it to pull from the userlevel in the database and direct them to there allowed pages. I just can't figure it out. If I login in as sample I want to go to sample pages. If I login as sample 2 go to sample 2 pages. There has to be a simple way to modifie this to work. Database: member_id int(11) UNSIGNED No auto_increment firstname varchar(100) Yes NULL lastname varchar(100) Yes NULL email varchar(100) Yes NULL login varchar(100) No passwd varchar(32) No login-exec: ?php //Start session session_start(); //Connect to mysql server $link=mysql_connect("database","databaseusername","databasepassword"); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } //Select database $db=mysql_select_db("database"); if(!$db) { die("Unable to select databaseusername"); } //Sanitize the value received from login field //to prevent SQL Injection if(!get_magic_quotes_gpc()) { $login=mysql_real_escape_string($_POST['login']); }else { $login=$_POST['login']; } //Create query $qry="SELECT member_id FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); //Check whether the query was successful or not if($result) { if(mysql_num_rows($result)>0) { //Login Successful session_regenerate_id(); $member=mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID']=$member['member_id']; session_write_close(); header("location: /web/index.php"); exit(); }else { //Login failed header("location: log_in_failed.html"); exit(); } }else { die("Query failed"); } ?> Tell me there is a simple way to do this that just redirects a person based of of the info in the database. Quote Link to comment Share on other sites More sharing options...
MatthewJ Posted August 28, 2008 Share Posted August 28, 2008 well... You are connecting to the db to check their credentials, just pull out the access level field and compare it to what was submitted. Then use header() to redirect them based on that check. Something like <?php if($row['accesslevel'] == "level 1") { header("Location: whateverpage.php"); ?> Or am I missing something? Quote Link to comment Share on other sites More sharing options...
samsfriend Posted August 28, 2008 Author Share Posted August 28, 2008 like this? //Create query $qry="SELECT member_id FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); //Check whether the query was successful or not if($result) { if(mysql_num_rows($result)>0) { //Login Successful session_regenerate_id(); $member=mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID']=$member['member_id']; session_write_close(); if($row['accesslevel'] == "level 1") { header("Location: whateverpage.php"); if($row['accesslevel'] == "level 2") { header("Location: whateverpage3.php"); exit(); }else { //Login failed header("location: log_in_failed.html"); exit(); } }else { die("Query failed"); } ?> And then this to the database: Database: member_id int(11) UNSIGNED No auto_increment firstname varchar(100) Yes NULL lastname varchar(100) Yes NULL email varchar(100) Yes NULL login varchar(100) No passwd varchar(32) No accesslevel int(11) UNSIGNED No Or am I way off? Quote Link to comment Share on other sites More sharing options...
MatthewJ Posted August 28, 2008 Share Posted August 28, 2008 Yup, looks good to me. Obviously with your own page names etc. Quote Link to comment Share on other sites More sharing options...
samsfriend Posted August 28, 2008 Author Share Posted August 28, 2008 I get this now: Parse error: syntax error, unexpected $end in /homepages/27/d230656710/htdocs/vip/html/login-exec.php on line 49 What does that mean? Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted August 28, 2008 Share Posted August 28, 2008 it usually means you are missing a closing right curly bracket from an IF or FOR loop Quote Link to comment Share on other sites More sharing options...
kratsg Posted August 28, 2008 Share Posted August 28, 2008 Try this, you missed some near the middle of the code... //Create query $qry="SELECT member_id FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); //Check whether the query was successful or not if($result) { if(mysql_num_rows($result)>0) { //Login Successful session_regenerate_id(); $member=mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID']=$member['member_id']; session_write_close(); if($row['accesslevel'] == "level 1") { header("Location: whateverpage.php"); }elseif($row['accesslevel'] == "level 2") { header("Location: whateverpage3.php"); exit(); }else { //Login failed header("location: log_in_failed.html"); exit(); } }else { die("Query failed"); } ?> Basically, I used an if/elseif/else in order to fix up that coding. It should work just fine. Quote Link to comment Share on other sites More sharing options...
samsfriend Posted August 28, 2008 Author Share Posted August 28, 2008 HMMM not sure what I am still doing wrong? I still get this: Parse error: syntax error, unexpected $end in /homepages/27/d230656710/htdocs/vip/html/login-exec.php on line 49 I added the changes, I guess I will go back and relook at everything and make sure I didn't do something silly. Quote Link to comment Share on other sites More sharing options...
kratsg Posted August 28, 2008 Share Posted August 28, 2008 Whoops, I forgot the bottom one. It was right, I just got messed up cause the indentation is bad (indent your code better like so): <?php //Create query $qry="SELECT member_id FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); //Check whether the query was successful or not if($result) { if(mysql_num_rows($result)>0) { //Login Successful session_regenerate_id(); $member=mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID']=$member['member_id']; session_write_close(); if($row['accesslevel'] == "level 1") { header("Location: whateverpage.php"); }elseif($row['accesslevel'] == "level 2") { header("Location: whateverpage3.php"); exit(); }else { //Login failed header("location: log_in_failed.html"); exit(); } }else { die("Query failed"); } } ?> Quote Link to comment Share on other sites More sharing options...
samsfriend Posted August 28, 2008 Author Share Posted August 28, 2008 Now it's giveing me this: Failed to connect to server: Access denied for user: 'db254897190@74.208.16.102' (Using password: YES) Geez, I am feeling like I have no idea how to code. :'( So here it is did I mess it up? <?php //Start session session_start(); //Connect to mysql server $link=mysql_connect("db.perfora.net","db","pwd"); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } //Select database $db=mysql_select_db("db"); if(!$db) { die("Unable to select database"); } //Sanitize the value received from login field //to prevent SQL Injection if(!get_magic_quotes_gpc()) { $login=mysql_real_escape_string($_POST['login']); }else { $login=$_POST['login']; } //Create query $qry="SELECT member_id FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); //Check whether the query was successful or not if($result) { if(mysql_num_rows($result)>0) { //Login Successful session_regenerate_id(); $member=mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID']=$member['member_id']; session_write_close(); if($row['accesslevel'] == "level 1") { header("Location: samplepages/"); }elseif($row['accesslevel'] == "level 2") { header("Location: sample.php"); exit(); }else { //Login failed header("location: log_in_failed.html"); exit(); } }else { die("Query failed"); } } ?> Quote Link to comment Share on other sites More sharing options...
dezkit Posted August 28, 2008 Share Posted August 28, 2008 Your password to the database is wrong. Quote Link to comment Share on other sites More sharing options...
samsfriend Posted August 28, 2008 Author Share Posted August 28, 2008 But it's not. I doubled checked and it's all correct Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted August 28, 2008 Share Posted August 28, 2008 is the database configured to allow access from outside the server to that user? allowing access from ON the server vs. from OUTSIDE the server are 2 different things. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.