Jump to content

how to differ b/w admin and normal user, when user login

asad_black

By asad_black
in PHP Coding Help

 Share

Recommended Posts

asad_black Member

asad_black

Posted
Posted

hi i want to create a login page in which user login his username and id...!

 

In which  distinguish a administrator and normal user when they login.

 

when administrator login it redirect to admin page.

 

when normal user login it redirect to normal user page.

 

my database contain 4 fields.

 

userid, username, password, category

 

category contain value '1' or '0' for difference b/w user either its administrator or normal user.

 

'1' for administrator

and

'0' for normal user

 

but i dont know how to do the in the PHP coding.

 

my code is:



<?php
$host="localhost"; // Host name
$username="myweb"; // Mysql username
$password="myweb"; // Mysql password
$db_name="hms"; // Database name
$tbl_name="login"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$cate='1';

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' and category='1'";

$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

 

plz solve my problem as soon as possible

 

Link to comment
Share on other sites
calmchess Regular Member

calmchess

Posted
Posted

I'd create a session for normal user and  a diffrent session for an admin ......i'd look in the database and see if there is an admin bit set or a client bit set before assigning such session.....the admin bit and client bit would be set during signup then after the session is set i'd say if session is set for admin redirect to page1 else redirect to page admin......i'd probably redirect page upon self to check whether the sessions are logged inor not.

Link to comment
Share on other sites
The Little Guy Prolific Member

The Little Guy

Posted
Posted

first off, dont use session_register use $_SESSION. It would looks something like this:

 

session_start();
$_SESSION['id'] = $row['user_id'];
$_SESSION['use'] = $row['user_name'];
$_SESSION['logged'] = true;

 

Next to create you page, you would do something like this:

 

<?php
session_start();
$host="localhost"; // Host name
$username="myweb"; // Mysql username
$password="myweb"; // Mysql password
$db_name="hms"; // Database name
$tbl_name="login"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$cate='1';

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' and category='1'";

$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
$row = mysql_fetch_assoc($result);
$_SESSION["username"] = $row['username'];
$_SESSION["id"] = $row['id'];
$_SESSION["group"] = $row['category'];
$_SESSION["logged"] = true;
if($row['category'] == 1){
	header("location: admin.php");
}else{
	header("location: user.php");
}
exit;
}else{
header("location: login.php");
exit;
}
?>

 

next on pages where ONLY admins to be able to access, I would do this:

 

session_start();
if(!$_SESSION['logged'] && $_SESSION['group'] != 1){
// Send them back to the login page if they are not admin and not logged in
header("location: login.php");
exit;
}

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.