Jump to content

login with different user level

siti155

By siti155
in PHP Coding Help

 Share

Recommended Posts

siti155 Newbie

siti155

Posted
Posted

i try to create login page with two different user level for example admin and staff. i did not get any error on my code but it just did not direct to the page it been set to. it just display wrong username or password. i not really sure what is wrong.

 

here is the code

 

loginForm.php

 

          <form action="login.php" method ="post">

          <table>
          <tr><td>Usernama</td>
              <td><input name="username" type="text" size = "15" maxlength = "15"/></td></tr>
      
      <tr><td>Password</td>
              <td><input name="password" type="password" size = "15" maxlength = "15"/></td></tr>
      </table>
  
          <br><input name="submit" type ="submit" value ="Login"/></td>
  
          </form>

 

login.php

 

<?php
ob_start();
$host="localhost"; 
$user="root"; 
$pass=""; 
$db_name="office"; 
$tbl_name="login"; 

mysql_connect("$host", "$user", "$pass")or die("cannot connect"); 
mysql_select_db("$db_name")or die("Cannot Select Database"); 

// username and password sent from form 
$sername=$_POST['username']; 
$password=$_POST['password']; 

$username = stripslashes($username); 
$password = stripslashes($password); 
$username = mysql_real_escape_string($username); 
$password = mysql_real_escape_string($password); 

$sql="SELECT * FROM daftarPenyelia WHERE user='$username' AND pass='$password' AND userLevel='$userLevel'"; 
$result=mysql_query($sql); 

// Mysql_num_row is counting table row 
$count=mysql_num_rows($result); 

if ($count == $userLevel)
{
   if ($userLevel == 1) 
  { 
        $_SESSION['username'] = $username; 
        $_SESSION['password'] = $password; 
        header("location:adminMenu.php"); 
   } 
   else if ($userLevel == 2)
  { 
        $_SESSION['username'] = $username; 
        $_SESSION['password'] = $password; 
        header("location:staffMenu.php"); 
   } 
}
else
{ 
echo "Wrong Username or Password"; 
} 
?>

 

can someone help me with this code and tell me what is wrong so that i can fix them

Link to comment
Share on other sites
Eiolon Advanced Member

Eiolon

Posted
Posted

In your SQL, you are asking it to select data based on the criteria of a username, password AND the userlevel.  Your fields being submitted are for username and password only. You are not submitting a userlevel field (nor should you be).

 

Secondly, you are saying that $count is your $userlevel is.  Basically, you are saying if 1 row is returned, then userlevel is equal to 1.  It will never be 2 because you should never have two of the same username/password combinations in your database.

 

So what you really need to do is modify your SQL to select the userlevel based on the submitted fields of the username and password.

 

$sql="SELECT userlevel FROM daftarPenyelia WHERE user='$username' AND pass='$password'";

 

Then you need to do your error checking.

 

If $count is = to 1, then there was a match for the username and password.  Once that has been done, determine if it was a 1 or 2 for the admin or staff to direct to the appropriate page.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.