andrew_biggart Posted March 8, 2009 Share Posted March 8, 2009 Im using the following code to check the username and password when ever i user logs in. <?php include("config_members.php"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); $userav = $row['Profile_picture']; // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file session_register("myusername"); session_register("mypassword"); $_SESSION['myusername'] = $myusername; $_SESSION['myavatar'] = $userav; header("location:my_profile.php?username=$myusername"); exit(); } else { echo "<h1 class=login_status>Wrong Username or Password</h1>"; } ?> What i want to do is add an if statement to check if myusername is = to admin and if so goto adminprofile.php and then for the else statemtent i want it to redirect to myprofile.php for ll other users, how do i go about doing this? ive tried a few different if statements but im not the best at them so can someone peae point me in the right direction please? Quote Link to comment https://forums.phpfreaks.com/topic/148489-solved-adding-an-if-statement-to-my-check-login-script/ Share on other sites More sharing options...
andrew_biggart Posted March 8, 2009 Author Share Posted March 8, 2009 hear is one of the soutions i have tried but it just sends al users to the adminprofile.php instead of just the admin grrrrr. <?php include("config_members.php"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); $userav = $row['Profile_picture']; // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1 + $myusername=AdMiN){ // Register $myusername, $mypassword and redirect to file session_register("myusername"); session_register("mypassword"); $_SESSION['myusername'] = $myusername; $_SESSION['myavatar'] = $userav; header("location:admin_profile.php?username=$myusername"); exit(); } else if($count==1){ // Register $myusername, $mypassword and redirect to file session_register("myusername"); session_register("mypassword"); $_SESSION['myusername'] = $myusername; $_SESSION['myavatar'] = $userav; header("location:my_profile.php?username=$myusername"); exit(); } else { echo "<h1 class=login_status>Wrong Username or Password</h1>"; } ?> Quote Link to comment https://forums.phpfreaks.com/topic/148489-solved-adding-an-if-statement-to-my-check-login-script/#findComment-779747 Share on other sites More sharing options...
redarrow Posted March 8, 2009 Share Posted March 8, 2009 try as a test page. <?php //database connection. if(isset($_POST['submit'])){ $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); if($row['myusername']=="admin"){ header("location: adminprofile.php"); }else{ header("location: myprofile.php"); } } ?> Quote Link to comment https://forums.phpfreaks.com/topic/148489-solved-adding-an-if-statement-to-my-check-login-script/#findComment-779749 Share on other sites More sharing options...
andrew_biggart Posted March 8, 2009 Author Share Posted March 8, 2009 no that doesnt work at all Quote Link to comment https://forums.phpfreaks.com/topic/148489-solved-adding-an-if-statement-to-my-check-login-script/#findComment-779752 Share on other sites More sharing options...
andrew_biggart Posted March 8, 2009 Author Share Posted March 8, 2009 anyone? Quote Link to comment https://forums.phpfreaks.com/topic/148489-solved-adding-an-if-statement-to-my-check-login-script/#findComment-779765 Share on other sites More sharing options...
premiso Posted March 8, 2009 Share Posted March 8, 2009 <?php include("config_members.php"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); $userav = $row['Profile_picture']; // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file // session_register is depreciated and is not needed. //session_register("myusername"); //session_register("mypassword"); $_SESSION['myusername'] = $myusername; $_SESSION['myavatar'] = $userav; if (strcmp($myusername, "admin") == 0) { header("location:admin_profile.php?username=$myusername"); }else { header("location:my_profile.php?username=$myusername"); } exit(); } else { echo "<h1 class=login_status>Wrong Username or Password</h1>"; } ?> Quote Link to comment https://forums.phpfreaks.com/topic/148489-solved-adding-an-if-statement-to-my-check-login-script/#findComment-779772 Share on other sites More sharing options...
kickstart Posted March 8, 2009 Share Posted March 8, 2009 hear is one of the soutions i have tried but it just sends al users to the adminprofile.php instead of just the admin grrrrr. You have an error there from using a single = sign in an if statement. if($count==1 + $myusername=AdMiN){ is probably going to try and assign a constant called AdMiN to $myusername, returning true (ie, 1) and then check if $count is equal to 1 + true (ie, 2). Simple solution would be to change header("location:my_profile.php?username=$myusername"); to header((($myusername == "Whatever the admin user name is") ? "location:adminprofile.php?username=$myusername" : "location:my_profile.php?username=$myusername")); All the best Keith Quote Link to comment https://forums.phpfreaks.com/topic/148489-solved-adding-an-if-statement-to-my-check-login-script/#findComment-779774 Share on other sites More sharing options...
andrew_biggart Posted March 8, 2009 Author Share Posted March 8, 2009 Thanks kickstart that worked perfectly nice one!!! Quote Link to comment https://forums.phpfreaks.com/topic/148489-solved-adding-an-if-statement-to-my-check-login-script/#findComment-779793 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.