user and admin login

[georgehowell]

hallo php freaks.

the following code seems to have a problem differentiating between a user and administrator login:

<?php

@session_start();

 

function __autoload($class_name) {

    require_once $class_name . '.php';

}

 

if(isset($_POST['username']) && isset($_POST['password']))

    {

    $user = new User();

 

    if($user->login($_POST['username'], $_POST['password']))

        {

        $_SESSION['user'] = $user;

        include("home.php");

        exit();

        }

    }

?>

The intention is, that the Administrator is redirected to the Admin section of the site upon login, while all other users surf as usual. The "status" column in the database differentiates all other users from the administrator by containing either a "1" or "0", one being the Administrator.

 

Anyway, this is my attempt, which has errors.

If anyone out there has a more efficient approach to login forms, please let me know.

Thanks,

georgehowell

[phpchamps]

i guess problem is in your User class.. post the code of that class...

[georgehowell]

thanx a mil for your reply. Here's the code for "User.php"

 

<?php

class User extends ConnectToDb {

 

    public $username = "";

    private $cart;

    private $products = array();

 

 

    public function __construct() {

        parent::__construct();

    }

 

    public function login($username,$password) {

 

        $ps = $this->db->prepare("Select username, password from sz_users where username = ? and password  = ?");

 

        $this->username = $username;

 

        $ps->execute(array($username,$password));

 

        return ($ps->rowCount() == 1);

    }

 

    public function register($username,$password,

            $firstname,$lastname,$dob,$street,$city,$country,

            $zip,$homeAreaCode,$homeNo,$workAreaCode,$workNo,

            $email,$subscribe) {

 

        $ps = $this->db->prepare("Insert into SZ_users (username,password,firstname,

lastname,dob,street,city,country,zip,homeAreaCode,

homeNo,workAreaCode,workNo,email,subscribe) values (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)");

 

        $ps->execute(array($username,$password,

                $firstname,$lastname,$dob,$street,$city,

                $country,$zip,$homeAreaCode,$homeNo,

                $workAreaCode,$workNo,$email,$subscribe));

 

        return ($ps->rowCount() == 1);

    }

 

function get_username() {

        return $this->username;

    }

 

public function __sleep() {

        return array("username","cart","products");

    }

 

    public function __toString() {

        return "user = " . $username;

    }

 

}

?>

[phpchamps]

so, whts the problem bro?? just return the status column if login is successfull and in your function redirect user on the basis of status.. if 0 the admin panel if 1 then user panel...

 

Am i interpreting your question correctly?? coz by looking at the code i can say u have fairly good exp in php.. so why r u asking this questions....

[georgehowell]

thanks for your reply.

actually, my teacher wrote most of this. I'm just having problems with it now, in that the Administrator login isn't linking to that required section of the site.

Attached is the "User.php" file, which may be the problem.

It's for a school project which is due in two weeks. There's two others in my team as well, and we all would be very very appreciative towards any help that you may offer.

Cheers,georgehowell

 

[attachment deleted by admin]

[ignace]

A little example:

 

if($user->login($_POST['username'], $_POST['password'])) {
  if ($user->isAdministrator()) {
    header('Location: ..');
    exit(0);
  } else {
    header('Location: ..');
    exit(0);
  }
}

 

You would do well to separate your DB from your User class. And since when is an Array of products part of a User? Shouldn't these be in your Cart class?

 

PS Did you or your teacher write class User extends ConnectToDb? If so, then ask him since when do models save state?