Jump to content

User level


Vatik

Recommended Posts

I am designing a login type site that when you log in depending on your user level you will be taken to a page. I found a simple login script, the only problem is now i keep running into issues about the user level.

this is the code im using..
[code]<?php
ob_start();
$host="**"; // Host name
$username="**"; // Mysql username
$password="**"; // Mysql password
$db_name="**"; // Database name
$tbl_name="**"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=md5($_POST['mypassword'];

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");

header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}

ob_end_flush();
?>
[/code]

on my mysql table i have a column called User_level but i just cant figure out how to do it. I tried to do session_register('user_level') = 1
header (suchandsuch)

but that didnt turn out good.

Thanks for taking the time to read this.
Link to comment
https://forums.phpfreaks.com/topic/24369-user-level/
Share on other sites

you'd want to fetch the user level from database and compare it

if($user_level == 1) header("location:normal_user.php");
if($user_level == 2) header("location:admin.php");
...

or something of that sort.
I'll leave the query of the user level as a homework...


BTW.

session_register('user_level') = 1

makes on sense. session_register() is a function which returns TRUE if the registering is succesfull...

and you'll be better off using plain $_SESSION array values (like $_SESSION["user_level"] )
Link to comment
https://forums.phpfreaks.com/topic/24369-user-level/#findComment-110863
Share on other sites

Wow! that was a quick reply thanks wasnt expecting one so fast.

I tried out the If statements but the page just is all white and doesnt go to those phps.

My coding ended up looking like this

[code]<?php
ob_start();
$host="***"; // Host name
$username="***"; // Mysql username
$password="***"; // Mysql password
$db_name="Login_integinc_ca"; // Database name
$tbl_name="Clients"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=md5($_POST['mypassword'];

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION ["myusername"];
$_SESSION ["mypassword"];

$sql="SELECT * FROM $tbl_name WHERE user_level='$user_level'";
if($user_level = 1) header("login_success.php");
if($user_level = 2) header("location:admin.php");
}

else {
echo "Wrong Username or Password";
}

ob_end_flush();
?>
[/code]

i thought i was on the right path am i far off or something?
Link to comment
https://forums.phpfreaks.com/topic/24369-user-level/#findComment-110873
Share on other sites

[code]
<?php
ob_start();

$host="***"; // Host name
$username="***"; // Mysql username
$password="***"; // Mysql password
$db_name="Login_integinc_ca"; // Database name
$tbl_name="Clients"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=md5($_POST['mypassword'];

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION ["myusername"];
$_SESSION ["mypassword"];

$sql="SELECT * FROM $tbl_name WHERE user_level='$user_level'";

if($user_level == 1){

header("login_success.php"){

}elseif($user_level == 2) {

header("location:admin.php");

}else{

echo "Wrong Username or Password";

}

ob_end_flush();
?>
[/code]
Link to comment
https://forums.phpfreaks.com/topic/24369-user-level/#findComment-110991
Share on other sites

Neither of you managed to define $user_level. Try something like....

[code=php:0]
<?php
  ob_start();
  $host="***"; // Host name
  $username="***"; // Mysql username
  $password="***"; // Mysql password
  $db_name="Login_integinc_ca"; // Database name
  $tbl_name="Clients"; // Table name

// Connect to server and select databse.
  mysql_connect($host, $username, $password) or die("cannot connect");
  mysql_select_db($db_name)or die("cannot select DB");

  if (isset($_POST['myusername']) && isset($_POST['mypassword'])) {
    // Define $myusername and $mypassword
    $myusername = $_POST['myusername'];
    $mypassword = md5($_POST['mypassword'];

    $sql="SELECT * FROM $tbl_name WHERE username='$myusername' AND password='$mypassword'";
    $result = mysql_query($sql) or die(mysql_error());

// Mysql_num_row is counting table row
    $count = mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

    if ($count == 1) {
      $row = mysql_fetch_assoc($result);
// Register $myusername, $mypassword and redirect to file "login_success.php"
      $_SESSION ["myusername"] = $row['myusername'];
      $_SESSION ["mypassword"] = $row['mypassword'];
      if ($row['user_level'] == 1) header("login_success.php");
      if ($row['user_level'] == 2) header("location:admin.php");
    } else {
      echo "Wrong Username or Password";
  }
  ob_end_flush();
?>
[/code]

PS: Ive also removed your db password from your post, dont want anyone hacking it.
Link to comment
https://forums.phpfreaks.com/topic/24369-user-level/#findComment-111027
Share on other sites

[quote author=Vatik link=topic=111941.msg453965#msg453965 date=1161201431]
on my mysql table i have a column called User_level
[/quote]

Don't forget case-sensitivity for table names, so thorpe's code needs to have this:

[code=php:0]if ($row['User_level'] == 2)
[/code]
not
[code=php:0]if ($row['user_level'] == 2)
[/code]

Regards
Huggie
Link to comment
https://forums.phpfreaks.com/topic/24369-user-level/#findComment-111372
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.