Jump to content

User level

Vatik

By Vatik
in PHP Coding Help

 Share

Recommended Posts

Vatik Newbie

Vatik

Posted
Posted
I am designing a login type site that when you log in depending on your user level you will be taken to a page. I found a simple login script, the only problem is now i keep running into issues about the user level.

this is the code im using..
[code]<?php
ob_start();
$host="**"; // Host name
$username="**"; // Mysql username
$password="**"; // Mysql password
$db_name="**"; // Database name
$tbl_name="**"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=md5($_POST['mypassword'];

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");

header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}

ob_end_flush();
?>
[/code]

on my mysql table i have a column called User_level but i just cant figure out how to do it. I tried to do session_register('user_level') = 1
header (suchandsuch)

but that didnt turn out good.

Thanks for taking the time to read this.
Link to comment
Share on other sites
LazyJones Newbie

LazyJones

Posted
Posted
you'd want to fetch the user level from database and compare it

if($user_level == 1) header("location:normal_user.php");
if($user_level == 2) header("location:admin.php");
...

or something of that sort.
I'll leave the query of the user level as a homework...


BTW.

session_register('user_level') = 1

makes on sense. session_register() is a function which returns TRUE if the registering is succesfull...

and you'll be better off using plain $_SESSION array values (like $_SESSION["user_level"] )
Link to comment
Share on other sites
Vatik Newbie

Vatik

Posted
  • Author
Posted
Wow! that was a quick reply thanks wasnt expecting one so fast.

I tried out the If statements but the page just is all white and doesnt go to those phps.

My coding ended up looking like this

[code]<?php
ob_start();
$host="***"; // Host name
$username="***"; // Mysql username
$password="***"; // Mysql password
$db_name="Login_integinc_ca"; // Database name
$tbl_name="Clients"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=md5($_POST['mypassword'];

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION ["myusername"];
$_SESSION ["mypassword"];

$sql="SELECT * FROM $tbl_name WHERE user_level='$user_level'";
if($user_level = 1) header("login_success.php");
if($user_level = 2) header("location:admin.php");
}

else {
echo "Wrong Username or Password";
}

ob_end_flush();
?>
[/code]

i thought i was on the right path am i far off or something?
Link to comment
Share on other sites
redarrow Advanced Member

redarrow

Posted
Posted
[code]
<?php
ob_start();

$host="***"; // Host name
$username="***"; // Mysql username
$password="***"; // Mysql password
$db_name="Login_integinc_ca"; // Database name
$tbl_name="Clients"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=md5($_POST['mypassword'];

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION ["myusername"];
$_SESSION ["mypassword"];

$sql="SELECT * FROM $tbl_name WHERE user_level='$user_level'";

if($user_level == 1){

header("login_success.php"){

}elseif($user_level == 2) {

header("location:admin.php");

}else{

echo "Wrong Username or Password";

}

ob_end_flush();
?>
[/code]
Link to comment
Share on other sites
trq Prolific Member

trq

Posted
Posted
Neither of you managed to define $user_level. Try something like....

[code=php:0]
<?php
  ob_start();
  $host="***"; // Host name
  $username="***"; // Mysql username
  $password="***"; // Mysql password
  $db_name="Login_integinc_ca"; // Database name
  $tbl_name="Clients"; // Table name

// Connect to server and select databse.
  mysql_connect($host, $username, $password) or die("cannot connect");
  mysql_select_db($db_name)or die("cannot select DB");

  if (isset($_POST['myusername']) && isset($_POST['mypassword'])) {
    // Define $myusername and $mypassword
    $myusername = $_POST['myusername'];
    $mypassword = md5($_POST['mypassword'];

    $sql="SELECT * FROM $tbl_name WHERE username='$myusername' AND password='$mypassword'";
    $result = mysql_query($sql) or die(mysql_error());

// Mysql_num_row is counting table row
    $count = mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

    if ($count == 1) {
      $row = mysql_fetch_assoc($result);
// Register $myusername, $mypassword and redirect to file "login_success.php"
      $_SESSION ["myusername"] = $row['myusername'];
      $_SESSION ["mypassword"] = $row['mypassword'];
      if ($row['user_level'] == 1) header("login_success.php");
      if ($row['user_level'] == 2) header("location:admin.php");
    } else {
      echo "Wrong Username or Password";
  }
  ob_end_flush();
?>
[/code]

PS: Ive also removed your db password from your post, dont want anyone hacking it.
Link to comment
Share on other sites
HuggieBear Member

HuggieBear

Posted
Posted
[quote author=Vatik link=topic=111941.msg453965#msg453965 date=1161201431]
on my mysql table i have a column called User_level
[/quote]

Don't forget case-sensitivity for table names, so thorpe's code needs to have this:

[code=php:0]if ($row['User_level'] == 2)
[/code]
not
[code=php:0]if ($row['user_level'] == 2)
[/code]

Regards
Huggie
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.