Jump to content

Troubles with a check, works for user/pas but not other.

blesseld

By blesseld
in PHP Coding Help

Recommended Posts

blesseld Member

blesseld

Posted
Posted

Hey,

 

Just trying to get this to work for my admin panel,  If administrator = 0  No access else if it 1,  header to admin-panel.php.

 

Heres the code,  It says my error you are not an admin  no matter if the user has administrator set to 1 or 0 in the database,

 

<?php
$sheet_name = "tbnl-admin-panel";
include ("../inc/control.php"); //main inc dir.
include ("../users/inc/tbnl-functions.php"); //users inc dir.
include ("../users/inc/tbnl-header.php");
include ("../inc/page-top.php");
echo $content;
$error = $user = $pass = "";
if (isset($_POST['user'])) {
    $user = sanitizeString($_POST['user']);
    $pass = sanitizeString($_POST['pass']);
    if ($user == "" || $pass == "") {
        $error = "<div id=\"warning-box-ty\"><p class=\"main-text\">Not all fields were entered.<br /><br /></p></div>";
    } else {
        $query = "SELECT user,pass FROM tbnlmembers WHERE user = '$user' AND pass = MD5('$pass')";
        if (mysql_num_rows(queryMysql($query)) == 0) {
            $error = "<div id=\"warning-box-ty\"><p class=\"main-text\">User/Password Invalid.<br /><br /></p></div>";
        } else {
            $query = "SELECT user,administrator FROM tbnlmembers WHERE user = '$user' AND administrator = '$administrator'";
            if (mysql_num_rows(queryMysql($query)) == 0) {
                $error = "<div id=\"warning-box-ty\"><p class=\"main-text\">You are not an Administrator.<br /><br /></p></div>";
            } else {
                $_SESSION['user'] = $user;
                $_SESSION['pass'] = $pass;
                header('Location: http://mysite.com/admin/admin-panel.php');
                die("");
            }
        }
    }
}
echo <<< _END
<br />
$error
<br />
<div id="user-login-form">
<form method='post' action='index.php'>
<ul class="single">
	<li><label>Username</label><input type='text' maxlength='16' name='user' value='$user' /></li>
	<li><label>Password</label><input type='password' maxlength='32' name='pass' value='$pass' /></li>
	<li style="float:right; padding-right:42px;"><a href="forgot-password.php">Forgot Password</a></li>
	<li><input type='submit' value='Login' /></li>
</ul>
</form>
</div>
_END;
include ("../inc/page-bot.php");
?>

 

any tips,  thanks

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.