plodos Posted December 23, 2008 Share Posted December 23, 2008 MySQL code CREATE TABLE IF NOT EXISTS `user` ( `id` int(11) NOT NULL auto_increment, `username` varchar(50) collate latin1_general_ci NOT NULL, `password` varchar(50) collate latin1_general_ci NOT NULL, `email` varchar(200) collate latin1_general_ci NOT NULL, `type` varchar(20) collate latin1_general_ci NOT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci; id username password email type 1 p p a@a admin login_control.php $sql="SELECT * FROM user WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched table row must be 1 row if($count==1){ $row = mysql_fetch_array($result); $_SESSION['loggedIn'] = $row['type']; $_SESSION['id'] = $row['id']; header("location:{$row['type']}.php?"); } that part is not working, how can I control the correct type user user.php (for users) admin.php (for admins) only admin user must see that part. But HOW ? Can any body give me a hint? If there are guys or girls who has done similar things, please help me Thanks in advance admin.php session_start(); if (!$_SESSION['loggedIn'] == 'admin') { header("location:login.php"); die (); } //page start here Quote Link to comment Share on other sites More sharing options...
revraz Posted December 23, 2008 Share Posted December 23, 2008 Echo your session variable and see what it contains change if (!$_SESSION['loggedIn'] == 'admin') to if ($_SESSION['loggedIn'] != 'admin') Quote Link to comment Share on other sites More sharing options...
plodos Posted December 23, 2008 Author Share Posted December 23, 2008 i login with user account id username password email type 10 pa pa a@aa user than im going to user.php page. but when I write admin.php also I can see the admin part user mustnt see the admin part. what can be the problem? if (!$_SESSION['loggedIn'] == 'admin') { header("location:login.php"); die (); } print_r($_SESSION); echo "<br />".$_SESSION['loggedIn']; //type is user but I can see the admin page Quote Link to comment Share on other sites More sharing options...
revraz Posted December 23, 2008 Share Posted December 23, 2008 You didn't read what I posted. what can be the problem? Quote Link to comment Share on other sites More sharing options...
plodos Posted December 23, 2008 Author Share Posted December 23, 2008 I forgot to put if ($_SESSION['loggedIn'] != 'admin') you are right! thank you Quote Link to comment Share on other sites More sharing options...
plodos Posted December 23, 2008 Author Share Posted December 23, 2008 I have another question that code gives the current page $pageURL ="http://"; $pageURL .= $_SERVER["SERVER_NAME"].$_SERVER['REQUEST_URI']; how to redirect to previous page? <?php if ($_SESSION['loggedIn'] != 'admin') { //check the registered user, if not go index.php if(!$_SESSION['id']) { header("location:index.php"); die(); } else //if registered with different user type, turn back to your page {//header("Location:".$_SERVER['HTTP_REFERER'].""); $pageURL ="http://"; $pageURL .= $_SERVER["SERVER_NAME"].$_SERVER['REQUEST_URI']; //echo $pageURL = www.aaaa.com/admin.php //but it must redirect to = previous page header("Location: $pageURL "); die(); } } ?> Quote Link to comment Share on other sites More sharing options...
revraz Posted December 23, 2008 Share Posted December 23, 2008 http://php.about.com/od/learnphp/qt/HTTP_REFERER.htm Quote Link to comment Share on other sites More sharing options...
plodos Posted December 23, 2008 Author Share Posted December 23, 2008 <?php if ($_SESSION['loggedIn'] != 'reviewer') { //check the registered user, if not go index.php if(!$_SESSION['id']) { header("location:index.php"); die(); } else //if registered with different user type turn back to your page { echo $HTTP_REFERER; header("Location:".$_SERVER['HTTP_REFERER'].""); } } ?> this part is not working else { echo $HTTP_REFERER; header("Location:".$_SERVER['HTTP_REFERER'].""); } but if I write like this it is working else { session_destroy(); exit(); } WHY header("Location:".$_SERVER['HTTP_REFERER'].""); is not working!!!!! Quote Link to comment Share on other sites More sharing options...
plodos Posted December 23, 2008 Author Share Posted December 23, 2008 I add javascipt 100% working now <?php else //if registered with different user type turn back to your page { echo " <script language='JavaScript'>history.go(-1);</script>"; }?> Quote Link to comment Share on other sites More sharing options...
revraz Posted December 24, 2008 Share Posted December 24, 2008 The reason REFERER wasn't working is because you ECHO'd it first here echo $HTTP_REFERER; And then you tried to use HEADER after, which won't work. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.