Jump to content

php folder path


Go to solution Solved by Ch0cu3r,

Recommended Posts

im having problem setting up folder paths in PHP ..want to secure my admin panel like www.mysite.com/admin/index.php if any one try and his user namd and password wrong then user should navigate to www.mysite.com i have a how to go 1 step back in php

here is my code...

<?php
session_start();
include('header.php');
include('config.php');
if (isset($_GET['logout']))
{
	session_unset();
	session_destroy();
	header('location:index.php?msg=You Are Log Out');
}
if (isset($_POST['submit']))
{
    $username = ($_POST['username']);
    $password = ($_POST['password']);

    $query  = "SELECT * FROM login WHERE user_name='$username' AND pass_word='$password' LIMIT 1";
    $result = mysql_query($query) or die(mysql_error());

    if(mysql_num_rows($result))
    {
    	
    	$_SESSION['username']=$username;
        
        $error = "You Can Not Access To Admin Panel";  
        header('location:college/index.php?error='.$error); //here what i should add?? 
        exit();
        
    }
    else {
    	  $error = "You Can Not Access To Admin Panel";
           header('location:/college/index.php?error='.$error);  //here what i should add?? 
    }
}

?>

<table class="login" align="center">
 <tr>
      <td class="table1" > Student Information System</td>
 </tr>
</table>

<div class="table2">
    <form method="post">
        <table class="table3" align="center">
            <?php if(isset($error)): ?>
            <tr>
                <td colspan="2" style="color: red; font-weight: bold"><?php echo $error; ?></td> 
            </tr>
            <?php endif; ?>
            <?php if(isset($_REQUEST['username'])): ?>
            <tr>
                <td colspan="2" style="color: red; font-weight: bold"><?php echo "Please Log In Usernme And Password"; ?></td> 
            </tr>
            <?php endif; ?>
            <tr>
                <td>Username</td>
                <td><input type="text" name="username"></td>
            </tr>
            <tr>
                <td>Password</td>
                <td><input type="password" name="password"></td>
            </tr>
            <tr>
                <td colspan="2" align="center"><input type="submit" name="submit" value="LogIn"></td>
            </tr>
        </table>
    </form>
</div>

<?php
include('footer.php');
?>

college is the name of my localhost folder localhost/college/admin/index.php

and there is another file localhost/college/index.php

i want if some 1 try to open admin panel and user enter username or password code navigate him to user panel

like if he access www.mysite.com/admin/index.php and he enter username and password there the code should navigate him to

www.mysite.com

Link to comment
https://forums.phpfreaks.com/topic/285492-php-folder-path/
Share on other sites

Why are you allow users to login from two different locations? You should provide login from one location.

 

You then decide where to redirect the user based on their access level, eg admin users go to admin cp, and everyone else goes to your homepage. In order to determine their access level you need to store that in your database. Example code

// query the database and get the users data, when username and password match
$query = "SELECT username, email, access_level FROM users WHERE username='$username' AND password='$password'";

$result = mysql_query($query);
if($result)
{
   // did query return any rows?
   if(mysql_num_rows($result))
   {
       $row = mysql_fetch_assoc($result);
       // save user data to session
       $_SESSION['username'] = $row['username'];
       $_SESSION['email']    = $row['email'];
       $_SESSION['access_level'] = $row['access_level'];

      // redirect based on access level
      if($row['access_level'] == 'admin')
      {
          header('location: /college/admin/');  // for admins
      }
      else
      {
          header('location: /college/'); // for everyone else
      }

      exit;
   }
   else
   {
      echo 'login failed, username password did not match';
   }
}
else
{
   // query failed probably due to an error
}
Edited by Ch0cu3r
Link to comment
https://forums.phpfreaks.com/topic/285492-php-folder-path/#findComment-1465747
Share on other sites

 

Why are you allow users to login from two different locations? You should provide login from one location.

 

You then decide where to redirect the user based on their access level, eg admin users go to admin cp, and everyone else goes to your homepage. In order to determine their access level you need to store that in your database. Example code

// query the database and get the users data, when username and password match
$query = "SELECT username, email, access_level FROM users WHERE username='$username' AND password='$password'";

$result = mysql_query($query);
if($result)
{
   // did query return any rows?
   if(mysql_num_rows($result))
   {
       $row = mysql_fetch_assoc($result);
       // save user data to session
       $_SESSION['username'] = $row['username'];
       $_SESSION['email']    = $row['email'];
       $_SESSION['access_level'] = $row['access_level'];

      // redirect based on access level
      if($row['access_level'] == 'admin')
      {
          header('location: /college/admin/');  // for admins
      }
      else
      {
          header('location: /college/'); // for everyone else
      }

      exit;
   }
   else
   {
      echo 'login failed, username password did not match';
   }
}
else
{
   // query failed probably due to an error
}

i Got this Logic bro and its quite Easy nd best way for this Code just need to know why we are storing Data in Sessions...im New in php so lil confuse here

Link to comment
https://forums.phpfreaks.com/topic/285492-php-folder-path/#findComment-1465787
Share on other sites

  • Solution

I save the users details in the session for use latter on. The data then becomes persistent whilst the user is logged in, provided you call session_start on all pages you use sessions. You then don't need to keep querying the database to get their info.

Link to comment
https://forums.phpfreaks.com/topic/285492-php-folder-path/#findComment-1465789
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.