Jump to content

login with different user level


siti155

Recommended Posts

i try to create login page with two different user level for example admin and staff. i did not get any error on my code but it just did not direct to the page it been set to. it just display wrong username or password. i not really sure what is wrong.

 

here is the code

 

loginForm.php

 

          <form action="login.php" method ="post">

          <table>
          <tr><td>Usernama</td>
              <td><input name="username" type="text" size = "15" maxlength = "15"/></td></tr>
      
      <tr><td>Password</td>
              <td><input name="password" type="password" size = "15" maxlength = "15"/></td></tr>
      </table>
  
          <br><input name="submit" type ="submit" value ="Login"/></td>
  
          </form>

 

login.php

 

<?php
ob_start();
$host="localhost"; 
$user="root"; 
$pass=""; 
$db_name="office"; 
$tbl_name="login"; 

mysql_connect("$host", "$user", "$pass")or die("cannot connect"); 
mysql_select_db("$db_name")or die("Cannot Select Database"); 

// username and password sent from form 
$sername=$_POST['username']; 
$password=$_POST['password']; 

$username = stripslashes($username); 
$password = stripslashes($password); 
$username = mysql_real_escape_string($username); 
$password = mysql_real_escape_string($password); 

$sql="SELECT * FROM daftarPenyelia WHERE user='$username' AND pass='$password' AND userLevel='$userLevel'"; 
$result=mysql_query($sql); 

// Mysql_num_row is counting table row 
$count=mysql_num_rows($result); 

if ($count == $userLevel)
{
   if ($userLevel == 1) 
  { 
        $_SESSION['username'] = $username; 
        $_SESSION['password'] = $password; 
        header("location:adminMenu.php"); 
   } 
   else if ($userLevel == 2)
  { 
        $_SESSION['username'] = $username; 
        $_SESSION['password'] = $password; 
        header("location:staffMenu.php"); 
   } 
}
else
{ 
echo "Wrong Username or Password"; 
} 
?>

 

can someone help me with this code and tell me what is wrong so that i can fix them

Link to comment
https://forums.phpfreaks.com/topic/260496-login-with-different-user-level/
Share on other sites

In your SQL, you are asking it to select data based on the criteria of a username, password AND the userlevel.  Your fields being submitted are for username and password only. You are not submitting a userlevel field (nor should you be).

 

Secondly, you are saying that $count is your $userlevel is.  Basically, you are saying if 1 row is returned, then userlevel is equal to 1.  It will never be 2 because you should never have two of the same username/password combinations in your database.

 

So what you really need to do is modify your SQL to select the userlevel based on the submitted fields of the username and password.

 

$sql="SELECT userlevel FROM daftarPenyelia WHERE user='$username' AND pass='$password'"; 

 

Then you need to do your error checking.

 

If $count is = to 1, then there was a match for the username and password.  Once that has been done, determine if it was a 1 or 2 for the admin or staff to direct to the appropriate page.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.