[RESOLVED] Login system, slight problem.

[ScottRiley]

Hi, I have a problem with a login system I'm using.  I have set up the login page as follows:

[code]<?php
if(session_is_registered('username'))
{
echo('Welcome '.$_SESSION['username'].'.  You are logged in as a '.$_SESSION['usertype'].' user.  <a href="logout.php">Log Out</a>');
}
else
{
?>

  <form name="form1" method="post" action="login.php">
  <label><span class="style1">Username:</span>
  <input type="text" name="username">
  <br>
  </label>
  <p><span class="style1">Password</span>:
    <input type="password" name="password">
    <label><br>
    </label>
    <input name="usertype" type="radio" value="franchisee">
    <label class="style1">Franchisee</label>
    <input name="usertype" type="radio" value="business">
    <span class="style1">Business</span>
  <input name="usertype" type="radio" value="consumer">
  <span class="style1">Consumer</span></p>
  <p>
    <label>
    <input type="checkbox" name="remember" value="checkbox" >
    <span class="style1">Remeber my details</span></label>
  </p>
  <p>
    <input type="submit" name="submit" Value="Log In">
    <label></label>
  </p>
</form></p>
<?php
}
?>[/code]

And the page that checks the details:

[code]<?php
session_start();
include"connect.php";
if(!isset($_POST['username']) || !isset($_POST['password']) || !isset($_POST['usertype']))
{
header("Location: loginform.php");
}
elseif(empty($_POST['password']) || empty($_POST['username']))
{
header("Location: loginform.php");
}
else
{
$username=$_POST['username'];
$password=$_POST['password'];
$usertype=$_POST['usertype'];
if($usertype="business")
{
$result=mysql_query("SELECT * FROM southport_businesses WHERE username='$username' AND pword='$password'");
$rows=mysql_num_rows($result);
if($rows > 0)
{
while($row=mysql_fetch_array($result))
{
session_register('username');
$_SESSION['username']=$username;
$_SESSION['password']=$password;
$_SESSION['usertype']=$usertype;
header("Location: checklogin.php");
}
}
else
{
header("Location: loginform.php");
}
}
elseif($usertype="consumer")
{
$result2=mysql_query("SELECT * FROM southport_consumers WHERE username='$username' AND pword='$password'");
$rows2=mysql_num_rows($result2);
if($rows2 > 0)
{
while($row2=mysql_fetch_array($result2))
{
session_register('username');
$_SESSION['username']=$username;
$_SESSION['password']=$password;
$_SESSION['usertype']=$usertype;
header("Location: checklogin.php");
}
}
else
{
header("Location: loginform.php");
}
}
}
?>[/code]

Now, everything works fine, except the radio buttons which determine the user level.  This value seemingly remains as 'business'.  I tried logging in as a registered 'consumer', but it wouldn't let me, so I tried using a registered 'business' username, but selected the 'consumer' radio button, it logged me in, and displayed Hello Business, you are signed in as a business user.

So, I assume something is wrong with my radio buttons, have I coded the form correctly?

[shocker-z]

if($usertype="business")

this needs to be

if($usertype=="business")

Same with the elseif statements too you need == NOT =

Regards
Liam

[ScottRiley]

Thanks very much, its fixed now, I was under the impression you could use both  ::), evidently not.  Thanks a lot Liam.

[shocker-z]

well using $usertype="business" means set $usertype to the value business which is always true that it has been set.. but $usertype=="business" say's if $usertype is ALREADY equal to business then do somthing.

Hope that helps you understand better :)

I use to do the same also :)

Liam

[ScottRiley]

yeah, I understand, I remember going through that, it just must've stuck in my head, I remember doing the same thing all the time when I coded in ActionScript, its really annoying... :-\