ashadweb Posted April 9, 2009 Share Posted April 9, 2009 I HAVE MADE A LOGIN SYSTEM WITH 3 USER PRIVILAGES 1.ADMIN 2.SUPERADMIN 3.USER THE DATABASE IS BELOW -- Table structure for table `login` -- CREATE TABLE IF NOT EXISTS `login` ( `username` varchar(50) NOT NULL, `password` varchar(50) NOT NULL, `permission` int(11) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1; -- -- Dumping data for table `login` -- INSERT INTO `login` (`username`, `password`, `permission`) VALUES ('admin', 'admin12345', 1), ('sadmin', 'sadmin12345', 2), ('user', 'user12345', 3); AND THE CODE IS BELOW TO ALLOW ADMIN TO ACCESS TO THE PAGE admin_success.php NOW MY PROBLEM IS HOW DO I CONTINUE THE CODE TO ACCESS TO SUPER ADMIN AND USER EX: SUPERADMIN PAGE IS sadmin_success.php im still a beginer for php plz help me here is the php code for it. <?php include ("dbconnect.php"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' && permission=1 "; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:admin_success.php"); } else { $error_up = "Sorry! Wrong Username or Password"; } ob_end_flush(); ?> Link to comment https://forums.phpfreaks.com/topic/153277-php-login/ Share on other sites More sharing options...
dadamssg Posted April 9, 2009 Share Posted April 9, 2009 heres my working login script...theres alot you have to learn...try tearing this apart and modifying it for your tables and whatnot <?php session_start(); include("caneck.inc"); $cxn = mysqli_connect($host, $user,$passwd,$dbname) or die ("Couldn't connect to server."); $password = mysqli_real_escape_string($cxn, strip_tags($_POST['fpassword'])); $username = mysqli_real_escape_string($cxn, strip_tags($_POST['fusername'])); $sql = "SELECT loginName FROM Member WHERE loginName='$username'"; $result = mysqli_query($cxn,$sql) or die(mysqli_error($cxn)); $num = mysqli_num_rows($result); if ($num > 0) // login name was found { $sql = "SELECT loginName,active FROM Member WHERE loginName='$username' AND password=md5('$password')"; $result2 = mysqli_query($cxn,$sql) or die(mysqli_error($cxn)); $num2 = mysqli_num_rows($result2); $row = mysqli_fetch_assoc($result2); if ($num2 > 0) // password is correct { if($row['active']=="8"){ $_SESSION['auth']="yes"; $logname=$username; $_SESSION['logname'] = ucwords($logname); header("Location: /test/project12.php"); } else{Header("Location: checkmail.php");} } else // password is not correct { Header("Location: register_form.php"); } } elseif ($num == 0) // login name not found { Header("Location: register_form.php"); } else { Header("Location: register_form.php"); } ?> that $row['active'] is where you would change it to permissions then set up elseif stmts for each level ex.. if($row['permission']=="1") { do whatever you wanna do for admins } elseif($row['permission']=="2") { do whatever for superadmin } else { do whatever for user } Link to comment https://forums.phpfreaks.com/topic/153277-php-login/#findComment-805241 Share on other sites More sharing options...
ashadweb Posted April 9, 2009 Author Share Posted April 9, 2009 oh thanks dadamssg il try this Link to comment https://forums.phpfreaks.com/topic/153277-php-login/#findComment-805244 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.