iTech Posted April 27, 2014 Share Posted April 27, 2014 Hello I need help concerning my code. I can't figure out how, if the user has logged in with the usertype as "admin". If so they should see a link if not then they are normal user. Here is an image of the database here is my code: $queryget = mysql_query("SELECT usertype FROM tbl_usernames") or die ("Query failed."); $row = mysql_fetch_assoc($queryget); if($_SESSION['username']= $row['usertype'] == "admin") { echo "<p><a href='create_user.php'>Create a new user</a></p>"; } else { echo "You are a normal user."; } Quote Link to comment https://forums.phpfreaks.com/topic/288056-need-help-please/ Share on other sites More sharing options...
Solution adam_bray Posted April 27, 2014 Solution Share Posted April 27, 2014 Your code and database are really insecure, and you should use mysqli_* instead of mysql_* functions. This should work - <?php $user = mysql_real_escape_string($_SESSION['username']); $queryget = mysql_query('SELECT usertype FROM tbl_usernames WHERE user = \''.$user.'\' LIMIT 1;') or die ('Query failed. ' . mysql_error()); $row = mysql_fetch_assoc($queryget); if($row['usertype'] == 'admin') { echo '<p><a href="create_user.php">Create a new user</a></p>'; } else { echo 'You are a normal user.'; } ?> Quote Link to comment https://forums.phpfreaks.com/topic/288056-need-help-please/#findComment-1477430 Share on other sites More sharing options...
iTech Posted April 27, 2014 Author Share Posted April 27, 2014 Thanks so much you saved me so much time! I appreaciate this thank you very much ! Quote Link to comment https://forums.phpfreaks.com/topic/288056-need-help-please/#findComment-1477431 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.