Some code.....

0perator · December 3, 2008

Hey guys,

I am making a School Behavior Management System and have come across a small issue. Code is as follows:

<?php

include("global.php");

$username = $_POST['username'];

$password = $_POST['password'];

$md5pass = md5($password);

// check if user is a student

$student_result = mysql_query("SELECT * FROM students WHERE `Username` = '$username' AND `Password` = '$md5pass'");

$student_num_rows = mysql_num_rows($student_result);

if ($student_num_rows == 0)

{

// check and see if user is a teacher

$teacher_result = mysql_query("SELECT * FROM teachers WHERE `Username` = '$username' AND `Password` = '$md5pass'");

$teacher_num_rows = mysql_num_rows($teacher_result);

}

if ($teacher_num_rows == 0)

{

// check and see if user is an admin

$admin_result = mysql_query("SELECT * FROM admins WHERE `Username` = '$username' AND `Password` = '$md5pass'");

$admin_num_rows = mysql_num_rows($admin_result);

}

if ($admin_num_rows == 0)

{

// no user found with given username and password

die('Login failed');

}

else if ($teacher_num_rows >= 1)

{

?>

<a href="/notices.php">Notices</a>

<a href="/classes.php">Classes</a>

<a href="/stusearch.php">Student Search</a>

<a href="/timetable.php">My Timetable</a>

<a href="/prefs.php">Prefrences</a>

<a href="/logout.php">Logout</a>

<?php

}

else if ($student_num_rows >= 1)

{

?>

<a href="/notices.php">Notices</a>

<a href="/classes.php">Classes</a>

<a href="/stusearch.php">Student Search</a>

<a href="/timetable.php">My Timetable</a>

<a href="/prefs.php">Prefrences</a>

<a href="/logout.php">Logout</a>

<?php

}

else if ($admin_num_rows >= 1)

{

?>

<a href="/notices.php">Notices</a>

<a href="/Subjects">Subjects</a>

<a href="/settings.php">System Settings</a>

<a href="/prefs.php">Prefrences</a>

<?php

}

else

{

echo 'System Failure. Please contact your local administrator.';

}

?>

This is for menu.php which is an include in index.php when users are logged in. There are three types of user, Teacher, Admin and Student. Each type has a different menu. As you can see above these menus are clearly defined. For some reason every time I log in as each type of user, it gives me "Login failed". global.php just connects to the MySQL database. Saves writing the code out for each page.

Any ideas as to the problem and how to fix it?

Thanks,

0perator

Demonic · December 3, 2008

Use a switch statement per user group:

$group = 1;//by default their a student

//select your data example for students
//...query here
if( @mysql_num_rows( $query ) > 0 ) {
$group = 1;
}

//...query for teachers ^same as above just update the group variable to the teacher group 2

//add a switch function

switch( $group )
{
case 1:
//student
break;
case 2:
//teacher
break;
//etc..
default:
//echo 'sorry you need to login';
break;
}

waynew · December 3, 2008

Hi, you're also not cleaning your variables.

$clean = mysql_real_escape_string($dirty);

Sign In

Some code.....

Recommended Posts

0perator

Link to comment

Share on other sites

Demonic

Link to comment

Share on other sites

waynew

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information