asad_black Posted January 8, 2010 Share Posted January 8, 2010 hi i want to create a login page in which user login his username and id...! In which distinguish a administrator and normal user when they login. when administrator login it redirect to admin page. when normal user login it redirect to normal user page. my database contain 4 fields. userid, username, password, category category contain value '1' or '0' for difference b/w user either its administrator or normal user. '1' for administrator and '0' for normal user but i dont know how to do the in the PHP coding. my code is: <?php $host="localhost"; // Host name $username="myweb"; // Mysql username $password="myweb"; // Mysql password $db_name="hms"; // Database name $tbl_name="login"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; $cate='1'; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' and category='1'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:login_success.php"); } else { echo "Wrong Username or Password"; } ?> plz solve my problem as soon as possible Quote Link to comment Share on other sites More sharing options...
calmchess Posted January 8, 2010 Share Posted January 8, 2010 I'd create a session for normal user and a diffrent session for an admin ......i'd look in the database and see if there is an admin bit set or a client bit set before assigning such session.....the admin bit and client bit would be set during signup then after the session is set i'd say if session is set for admin redirect to page1 else redirect to page admin......i'd probably redirect page upon self to check whether the sessions are logged inor not. Quote Link to comment Share on other sites More sharing options...
asad_black Posted January 8, 2010 Author Share Posted January 8, 2010 if u explain this thing in code then i will be very thankful of u:( Quote Link to comment Share on other sites More sharing options...
The Little Guy Posted January 8, 2010 Share Posted January 8, 2010 first off, dont use session_register use $_SESSION. It would looks something like this: session_start(); $_SESSION['id'] = $row['user_id']; $_SESSION['use'] = $row['user_name']; $_SESSION['logged'] = true; Next to create you page, you would do something like this: <?php session_start(); $host="localhost"; // Host name $username="myweb"; // Mysql username $password="myweb"; // Mysql password $db_name="hms"; // Database name $tbl_name="login"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; $cate='1'; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' and category='1'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" $row = mysql_fetch_assoc($result); $_SESSION["username"] = $row['username']; $_SESSION["id"] = $row['id']; $_SESSION["group"] = $row['category']; $_SESSION["logged"] = true; if($row['category'] == 1){ header("location: admin.php"); }else{ header("location: user.php"); } exit; }else{ header("location: login.php"); exit; } ?> next on pages where ONLY admins to be able to access, I would do this: session_start(); if(!$_SESSION['logged'] && $_SESSION['group'] != 1){ // Send them back to the login page if they are not admin and not logged in header("location: login.php"); exit; } Quote Link to comment Share on other sites More sharing options...
asad_black Posted January 9, 2010 Author Share Posted January 9, 2010 thank you so much Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.