andrew_biggart Posted March 8, 2009 Share Posted March 8, 2009 Im using the following code to check the username and password when ever i user logs in. <?php include("config_members.php"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); $userav = $row['Profile_picture']; // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file session_register("myusername"); session_register("mypassword"); $_SESSION['myusername'] = $myusername; $_SESSION['myavatar'] = $userav; header("location:my_profile.php?username=$myusername"); exit(); } else { echo "<h1 class=login_status>Wrong Username or Password</h1>"; } ?> What i want to do is add an if statement to check if myusername is = to admin and if so goto adminprofile.php and then for the else statemtent i want it to redirect to myprofile.php for ll other users, how do i go about doing this? ive tried a few different if statements but im not the best at them so can someone peae point me in the right direction please? Link to comment https://forums.phpfreaks.com/topic/148489-solved-adding-an-if-statement-to-my-check-login-script/ Share on other sites More sharing options...
andrew_biggart Posted March 8, 2009 Author Share Posted March 8, 2009 hear is one of the soutions i have tried but it just sends al users to the adminprofile.php instead of just the admin grrrrr. <?php include("config_members.php"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); $userav = $row['Profile_picture']; // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1 + $myusername=AdMiN){ // Register $myusername, $mypassword and redirect to file session_register("myusername"); session_register("mypassword"); $_SESSION['myusername'] = $myusername; $_SESSION['myavatar'] = $userav; header("location:admin_profile.php?username=$myusername"); exit(); } else if($count==1){ // Register $myusername, $mypassword and redirect to file session_register("myusername"); session_register("mypassword"); $_SESSION['myusername'] = $myusername; $_SESSION['myavatar'] = $userav; header("location:my_profile.php?username=$myusername"); exit(); } else { echo "<h1 class=login_status>Wrong Username or Password</h1>"; } ?> Link to comment https://forums.phpfreaks.com/topic/148489-solved-adding-an-if-statement-to-my-check-login-script/#findComment-779747 Share on other sites More sharing options...
redarrow Posted March 8, 2009 Share Posted March 8, 2009 try as a test page. <?php //database connection. if(isset($_POST['submit'])){ $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); if($row['myusername']=="admin"){ header("location: adminprofile.php"); }else{ header("location: myprofile.php"); } } ?> Link to comment https://forums.phpfreaks.com/topic/148489-solved-adding-an-if-statement-to-my-check-login-script/#findComment-779749 Share on other sites More sharing options...
andrew_biggart Posted March 8, 2009 Author Share Posted March 8, 2009 no that doesnt work at all Link to comment https://forums.phpfreaks.com/topic/148489-solved-adding-an-if-statement-to-my-check-login-script/#findComment-779752 Share on other sites More sharing options...
andrew_biggart Posted March 8, 2009 Author Share Posted March 8, 2009 anyone? Link to comment https://forums.phpfreaks.com/topic/148489-solved-adding-an-if-statement-to-my-check-login-script/#findComment-779765 Share on other sites More sharing options...
premiso Posted March 8, 2009 Share Posted March 8, 2009 <?php include("config_members.php"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); $userav = $row['Profile_picture']; // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file // session_register is depreciated and is not needed. //session_register("myusername"); //session_register("mypassword"); $_SESSION['myusername'] = $myusername; $_SESSION['myavatar'] = $userav; if (strcmp($myusername, "admin") == 0) { header("location:admin_profile.php?username=$myusername"); }else { header("location:my_profile.php?username=$myusername"); } exit(); } else { echo "<h1 class=login_status>Wrong Username or Password</h1>"; } ?> Link to comment https://forums.phpfreaks.com/topic/148489-solved-adding-an-if-statement-to-my-check-login-script/#findComment-779772 Share on other sites More sharing options...
kickstart Posted March 8, 2009 Share Posted March 8, 2009 hear is one of the soutions i have tried but it just sends al users to the adminprofile.php instead of just the admin grrrrr. You have an error there from using a single = sign in an if statement. if($count==1 + $myusername=AdMiN){ is probably going to try and assign a constant called AdMiN to $myusername, returning true (ie, 1) and then check if $count is equal to 1 + true (ie, 2). Simple solution would be to change header("location:my_profile.php?username=$myusername"); to header((($myusername == "Whatever the admin user name is") ? "location:adminprofile.php?username=$myusername" : "location:my_profile.php?username=$myusername")); All the best Keith Link to comment https://forums.phpfreaks.com/topic/148489-solved-adding-an-if-statement-to-my-check-login-script/#findComment-779774 Share on other sites More sharing options...
andrew_biggart Posted March 8, 2009 Author Share Posted March 8, 2009 Thanks kickstart that worked perfectly nice one!!! Link to comment https://forums.phpfreaks.com/topic/148489-solved-adding-an-if-statement-to-my-check-login-script/#findComment-779793 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.