shebbycs Posted November 18, 2011 Share Posted November 18, 2011 Login.php <?php mysql_connect("localhost","root") or die(mysql_error()); mysql_select_db("Regis") or die(mysql_error()); if (isset($_POST["sub"])) { $_POST['pass'] = md5($_POST['pass']); if (!get_magic_quotes_gpc()) { $_POST['username'] = addslashes($_POST['username']); $_POST['pass'] = addslashes($_POST['pass']); } $usercheck = $_POST["username"]; $check = mysql_query("SELECT username FROM registration WHERE username = '$usercheck'") or die(mysql_error()); $check2 = mysql_num_rows($check); //if the name exists it gives an error if ($check2 != 0) { echo("<SCRIPT LANGUAGE='JavaScript'>window.alert('Sorry, the username" ." ".$usercheck." ". "is already in use.')</SCRIPT>"); echo ("<SCRIPT LANGUAGE='JavaScript'>setTimeOut(window.location = 'registration.php',1)</script>"); } else if($_POST['username'] && $_POST['pass'] && $_POST['pass2'] ) { $insert = "INSERT INTO registration (username, password) VALUES ('".$_POST['username']."', '".$_POST['pass']."')"; $add_member = mysql_query($insert); echo("<SCRIPT LANGUAGE='JavaScript'>window.alert('Registration had been succesfully added ')</SCRIPT>"); } } ?> <html> <head> <script type="text/javascript"> function a() { var x = document.login.username.value; var y = document.login.pass.value; if(x==""&& y=="") { alert("Please insert all message!"); return false; } if(x=="") { alert("Please insert an username!"); return false; } if(y=="") { alert("Please insert an password!"); return false; } } </script> </head> <body> <table border="0"> <form name="login" method="post" action="form2.php" onsubmit="return a()"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td> <td><input type="text" name="username" maxlength="40"></td></tr> <tr><td>Password:</td> <td><input type="password" name="pass" maxlength="50"></td></tr> <tr><td><input type="submit" name="submit" value="Register"></a></td> <td><input type="submit" name="submit" value="Login"></td></tr> </form> </body></html> form2.php <?php mysql_connect("localhost","root") or die(mysql_error()); mysql_select_db("cute") or die(mysql_error()); $message=$_POST['message']; $n=$_POST['username']; if(isset($_POST['submit'])) //if submit button push has been detected { if(strlen($message)>1) { $message=strip_tags($message); $IP=$_SERVER["REMOTE_ADDR"]; //grabs poster's IP $checkforbanned="SELECT IP from ipbans where IP='$IP'"; $checkforbanned2=mysql_query($checkforbanned) or die("Could not check for banned IPS"); if(mysql_num_rows($checkforbanned2)>0) //IP is in the banned list { print "You IP is banned from posting."; } else { $thedate = date("U"); //grab date and time of the post $insertmessage="INSERT into chatmessages (name,IP,postime,message) values('$n','$IP','$thedate','$message')"; mysql_query($insertmessage) or die("Could not insert message"); } } } ?> <html> <head> <script type="text/javascript"> function addsmiley(code) { var pretext = document.smile.message.value; this.code = code; document.smile.message.value = pretext + code; } function a() { var x = document.smile.message.value; if(x=="") { alert("Please insert an message!"); return false; } } </script> <style type="text/css"> body{ background-color: #d8da3d } </style> </head> <body> <form name="smile" method="post" action="form2.php" onSubmit="return a()" > Your message:<br><textarea name='message' cols='40' rows='2'></textarea><br> <img src="smile.gif" alt="" onClick="addsmiley('')" style="cursor:pointer;border:0" /> <img src="blush.gif" alt="" onClick="addsmiley('*blush*')" style="cursor:pointer;border:0" /> <input type="hidden" name="username" value="<?php echo $n;?>"> <input type='submit' name='submit' value='Send' class='biasa' ></form> <br> <br> </body> </html> My problem is in login.php in form section, can one form can be used user or admin because just now im doing is for user if user login it goes to form2.php but im want also in the same form if admin the form post to form3.php any way to do that thank you Quote Link to comment Share on other sites More sharing options...
freelance84 Posted November 18, 2011 Share Posted November 18, 2011 You can change your database to have a user type field. The when logging in check the user type and redirect accordingly or set other variables accordingly depending on your application. Quote Link to comment Share on other sites More sharing options...
shebbycs Posted November 18, 2011 Author Share Posted November 18, 2011 You can change your database to have a user type field. The when logging in check the user type and redirect accordingly or set other variables accordingly depending on your application. im sorry still im din get you can you show one example Quote Link to comment Share on other sites More sharing options...
ManiacDan Posted November 18, 2011 Share Posted November 18, 2011 Did you write any of this login code yourself? What was suggested is relatively simple: 1) Add a user_type column to your database 2) Upon successful login, after you check their password but before you redirect, set some session variables for their user type 3) Redirect to a different place based on user type. Quote Link to comment Share on other sites More sharing options...
shebbycs Posted November 18, 2011 Author Share Posted November 18, 2011 Did you write any of this login code yourself? What was suggested is relatively simple: 1) Add a user_type column to your database 2) Upon successful login, after you check their password but before you redirect, set some session variables for their user type 3) Redirect to a different place based on user type. im do not get the second ones as my code did not using session so im a bit confused with session variables thats why im asking for example so i can learn it sir Quote Link to comment Share on other sites More sharing options...
ManiacDan Posted November 18, 2011 Share Posted November 18, 2011 How are you performing logins without using the session? When I visit a page on your site, how does that page know I'm logged in? Quote Link to comment Share on other sites More sharing options...
shebbycs Posted November 19, 2011 Author Share Posted November 19, 2011 How are you performing logins without using the session? When I visit a page on your site, how does that page know I'm logged in? sir im sorry as im new to php im never use session variables so im a bit confuse on it any example for php session? Quote Link to comment Share on other sites More sharing options...
ManiacDan Posted November 19, 2011 Share Posted November 19, 2011 Answer the question first. When a user visits a page on your site that requires them to be logged in, how does the site determine if they're logged in? Quote Link to comment Share on other sites More sharing options...
shebbycs Posted November 19, 2011 Author Share Posted November 19, 2011 Answer the question first. When a user visits a page on your site that requires them to be logged in, how does the site determine if they're logged in? sir as im told you im really don know the session function is but when im see back it can block someone who want come on the site that had been logged in and to you question my answer is based on login im means it checked the database and login Quote Link to comment Share on other sites More sharing options...
voip03 Posted November 19, 2011 Share Posted November 19, 2011 pl read this articles about session. http://php.about.com/od/advancedphp/ss/php_sessions.htm http://www.tizag.com/phpT/phpsessions.php http://phpsec.org/projects/guide/4.html Google it for admin login PHP... http://www.phpeasycode.com/adminlogin/ Quote Link to comment Share on other sites More sharing options...
shebbycs Posted November 19, 2011 Author Share Posted November 19, 2011 but let me edit my code then again im ask thanks for the help Quote Link to comment Share on other sites More sharing options...
ManiacDan Posted November 20, 2011 Share Posted November 20, 2011 I'm afraid either the language barrier is too strong or your skill is too low. I'll try to ask it step-by-step: 1) I visit your site 2) I log in 3) I visit an area that can only be access by members who are logged in 4) WHAT HAPPENS HERE? 5) The page is displayed because I am a verified member. Quote Link to comment Share on other sites More sharing options...
shebbycs Posted November 20, 2011 Author Share Posted November 20, 2011 I'm afraid either the language barrier is too strong or your skill is too low. I'll try to ask it step-by-step: 1) I visit your site 2) I log in 3) I visit an area that can only be access by members who are logged in 4) WHAT HAPPENS HERE? 5) The page is displayed because I am a verified member. ya my english skill is low sir but for php if im can learn im can get it but im cannot get with user level, you has some example of php session with user level tutorial? Quote Link to comment Share on other sites More sharing options...
litebearer Posted November 20, 2011 Share Posted November 20, 2011 A VERY rough idea... page1.php (no sessions) login form username password submit to page2.php page2.php session_start() validate form variables connect to database check if username and password are valid if valid retrieve user_status from db (1 is regular user 2 is admin) set session variable - $_SESSION['user_level'] = 1 or 2 redirect to page3.php page3.php session_start() $user_level = $_SESSION['user_level']; if $user_level = 1 show user content/menu/etc else if $user_level = 2 show admin content/menu/etc else send back to login Quote Link to comment Share on other sites More sharing options...
shebbycs Posted November 20, 2011 Author Share Posted November 20, 2011 A VERY rough idea... page1.php (no sessions) login form username password submit to page2.php page2.php session_start() validate form variables connect to database check if username and password are valid if valid retrieve user_status from db (1 is regular user 2 is admin) set session variable - $_SESSION['user_level'] = 1 or 2 redirect to page3.php page3.php session_start() $user_level = $_SESSION['user_level']; if $user_level = 1 show user content/menu/etc else if $user_level = 2 show admin content/menu/etc else send back to login ok thanks, let me doing by myself if anything doubt im will ask again Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.