Jump to content

Members area Login with permissions!

alekto

By alekto
in PHP Coding Help

 Share

Recommended Posts

alekto Newbie

alekto

Posted
Posted

Hi,

I need some help with my html/php, restricted access script.

The purpose with this script is to let users login to a members area; some with admin permission, some with newbe permission and some with advanced permissions. The permissions are pre-defined in the MySQL-DB with a use_level-field in the user-table. 

 

The different user-groups should have access to the following content:

admin      - permissions to everything (for now the same as advanced)

advanced  - lecture 1 and lecture 2

newbe      - only lecture 1

 

When I try to access this script, i get the folowing error: 

Parse error: syntax error, unexpected $end in /home/user123/public_html/Test_members_area/connexion.php on line 114

which referes to the last line </html>, and should not be removed!

 

I also wonder if the correct way to separate these user groups is to give them access to different versions of the same site? or is there a better way??

 

 

 

<?php
include('config.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <link href="<?php echo $design; ?>/style.css" rel="stylesheet" title="Style" />
        <title>Connexion</title>
    </head>
    <body>
        <div class="header">
                <a href="<?php echo $url_home; ?>"><img src="<?php echo $design; ?>/images/logo.png" alt="Members Area" /></a>
            </div>
<?php
//If the user is logged, we log him out
if(isset($_SESSION['username']))
{
        //We log him out by deleting the username and userid sessions
        unset($_SESSION['username'], $_SESSION['userid']);
?>
<div class="message">You have successfuly been loged out.<br />
<a href="<?php echo $url_home; ?>">Home</a></div>
<?php
}
else
{
        $ousername = '';
        //We check if the form has been sent
        if(isset($_POST['username'], $_POST['password']))
        {
                //We remove slashes depending on the configuration
                if(get_magic_quotes_gpc())
                {
                        $ousername = stripslashes($_POST['username']);
                        $username = mysql_real_escape_string(stripslashes($_POST['username']));
                        $password = stripslashes($_POST['password']);
                }
                else
                {
                        $username = mysql_real_escape_string($_POST['username']);
                        $password = $_POST['password'];
                }
                //We get the password of the user
                $req = mysql_query('select password,id,usr_level from users where username="'.$username.'"');
                $dn = mysql_fetch_array($req);
                //Get user level of the user
                $usr_level = $req['usr_level'];

                //We compare the submited password and the real one, and we check if the user exists
                if($dn['password']==$password and mysql_num_rows($req)>0)
                {
                        //If the password is good, we dont show the form
                        $form = false;
                        //We save the user name in the session username and the user Id in the session userid
                        $_SESSION['username'] = $_POST['username'];
                        $_SESSION['userid'] = $dn['id'];

                        if($usr_level == 1)
                        {
                          echo '<a href="index.php">Go Home - admin</a>.';
                        }
                        if($usr_level == 10)
                        {
                          echo '<a href="index1.php">Go Home - newbee</a>.';
                        }
                        if($usr_level == 11)
                        {
                         echo '<a href="index2.php">Go Home - advanced</a>.';
                        }	                  
                       else
                       {
                       //Otherwise, we say the password is incorrect.
                       $form = true;
                       $message = 'The username or password is incorrect.';
                       }
        	}
       		else
        	{
                $form = true;
        	}
        
        if($form)
        {
                //We display a message if necessary
        if(isset($message))
        {
                echo '<div class="message">'.$message.'</div>';
        }
        //We display the form
?>
<div class="content">
    <form action="connexion.php" method="post">
        Please type your IDs to log in:<br />
        <div class="center">
            <label for="username">Username</label><input type="text" name="username" id="username" value="<?php echo htmlentities($ousername, ENT_QUOTES, 'UTF-8'); ?>" /><br />
            <label for="password">Password</label><input type="password" name="password" id="password" /><br />
            <input type="submit" value="Log in" />
                </div>
    </form>
</div>

<?php
        }
}
?>


                <div class="foot"><a href="<?php echo $url_home; ?>">Go Home</a> - <a href="http://www.webestools.com/">Webestools</a></div>
        </body>
</html>

Link to comment
Share on other sites
alekto Newbie

alekto

Posted
  • Author
Posted

Thank you! This removed the error, but I still don't get the script to function the proper way.

After pressing login, and I get rederected to this .php-site, I don't get the Username and Password form to show up, only the Go Home and Webestools links are visible, this is the code-block that do not show up:

 


<div class="content">
    <form action="connexion.php" method="post">
        Please type your IDs to log in:<br />
        <div class="center">
            <label for="username">Username</label><input type="text" name="username" id="username" value="<?php echo htmlentities($ousername, ENT_QUOTES, 'UTF-8'); ?>" /><br />
            <label for="password">Password</label><input type="password" name="password" id="password" /><br />
            <input type="submit" value="Log in" />
                </div>
    </form>
</div>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.