zyonsherlock Posted November 29, 2006 Share Posted November 29, 2006 guys what's up? i got a problem, i dunno how to make php determine the privilege of the user, i use sessions but it doesn't work, dunno if it was correct, here is the code:the login page:[code]<?phpsession_start();$error = '';if(isset($_POST['username']) && isset($_POST['password'])){ //if ($_POST['username'] == jovy && $_POST['password'] == jovy){ include 'library/dbconfig.php'; include 'library/dbconn.php'; $username = $_POST['username']; $password = $_POST['password']; $query="SELECT * FROM admin_sfs WHERE user = '$username' AND pass = PASSWORD('$password')"; $result = mysql_query($query) or die ('Error! Query Failed! '.mysql_error()); if (mysql_num_rows($result) == 1){ $_SESSION['db_logged_in'] = true; // $_SESSION['db_privileges'] = $result['privileges']; if ($result['privileges'] == "admin"){ $_SESSION['db_privileges_admin'] = true; } elseif($result['privileges'] == "accounting"){ $_SESSION['db_privileges_accounting'] = true; } header('Location: main.php'); exit; }else{ $error = 'Wrong ID/Password! Sorry...'; } include 'library/close.php';}?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><title>Login Page</title><link href="library/css.css" rel="stylesheet" type="text/css" /><style type="text/css"><!--.style2 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 14px;}--></style></head><body class="css"><?phpif ($error != '') {?><p align="center"><strong><?php echo $error; ?></strong></p><?php}?> <form id="frmLogin" name="frmLogin" method="post" action=""><table width="309" height="109" border="1" align="center"> <tr bgcolor="#003366"> <td colspan="4"><div align="center" class="style2">Login</div></td> </tr> <tr> <td width="37" height="24" align="left" valign="top" bgcolor="#003366"> </td> <td width="65" align="left" valign="top"><label><span class="css">Username:</span></label></td> <td width="144" align="left" valign="top"><input type="text" maxlength=20 name="username" id="username"/></td> <td width="35" align="left" valign="top" bgcolor="#003366"> </td> </tr> <tr> <td height="24" align="left" valign="top" bgcolor="#003366"> </td> <td align="left" valign="top"><label><span class="css">Password:</span></label></td> <td align="left" valign="top"><input type="password" name="password" maxlegth=45 id="password" /></td> <td align="left" valign="top" bgcolor="#003366"> </td> </tr> <tr> <td height="26" align="left" valign="top" bgcolor="#003366"> </td> <td align="left" valign="top" bgcolor="#003366"> </td> <td align="left" valign="top" bgcolor="#003366"><input name="Login" class="css" type="Submit" id="Login" value="Login" /></td> <td align="left" valign="top" bgcolor="#003366"> </td> </tr></table><p> <label></label></p></form></body></html>[/code]...and the main page:[code]<?phpsession_start(); if(!isset($_SESSION['db_logged_in']) || $_SESSION['db_logged_in'] !== true){ header('Location: login.php'); exit; }?><table width="990" height="591" border="0" cellpadding="0" cellspacing="0"> <tr> <td height="93" colspan="2"> </td> </tr> <tr> <td width="18%" height="603" valign="top"><table width="206" height="153" border="0" cellpadding="0" cellspacing="0"> <tr valign="top"> <td width="206" height="33">REQUEST FOR PROPOSALS </td> </tr> <tr valign="top"> <td class="navi"><p><a target="content" href="welcome.php">WELCOME TO SFS-OLP</a></p> <p>REQUEST PROPOSALS</p> <p><a target="content" href="peo-table.php">PEO</a></p> <p> <?php if (isset($_SESSION['db_logged_in'])){ /*include 'library/dbconfig.php'; include 'library/dbconn.php'; $query = "select * from admin_sfs"; $result = mysql_query($query)or die ('query error!' .mysql_error()); $row = mysql_fetch_assoc($result);*/ if (isset($_SESSION['db_privileges_admin'])){echo '<BR><a target="content" href="olp-table.php">OLP</a>';} else { echo 'OLP'; } if (isset($_SESSION['db_privileges_accounting'])){echo '<BR><a target="content" href="accounting.php">Accounting</a>';} else { echo '<BR> Accounting'; } echo '<BR><a target="parent" href="logout.php">logout</a>'; } ?> </p> <p> </p></td> </tr> </table> <p> </p></td> <td width="82%" height="603" valign="top" ><table width="810" height="602"> <tr> <td bordercolor="#000000"><iframe name="content" src="welcome.php" width="100%" height="100%"></iframe></td> </tr> </table></td> </tr></table>[/code]hope someone can help me with this one. Thanks in advance!!! Link to comment https://forums.phpfreaks.com/topic/28817-how-to-make-php-determine-privileges-in-login/ Share on other sites More sharing options...
chriscloyd Posted November 29, 2006 Share Posted November 29, 2006 hey ur login code looks alright but my suggestion make the session like$_SESSION['db_privileges']and then everytime u look for it do if ($_SESSION['db_privileges'] == "admin") {and on ur check to see if they are logged in it loks weird just do if(!isset($_SESSION['db_logged_in'])){header("Location: linkhere.php");} Link to comment https://forums.phpfreaks.com/topic/28817-how-to-make-php-determine-privileges-in-login/#findComment-131935 Share on other sites More sharing options...
zyonsherlock Posted November 29, 2006 Author Share Posted November 29, 2006 hi chriscloyd! thanks for your reply, but i've tried that yesterday and it still doesn't work. The error is that it doesn't show anything!just the logout link. Link to comment https://forums.phpfreaks.com/topic/28817-how-to-make-php-determine-privileges-in-login/#findComment-131946 Share on other sites More sharing options...
zyonsherlock Posted November 30, 2006 Author Share Posted November 30, 2006 hey guy's! i need an answer to this problem... please........................thanks! Link to comment https://forums.phpfreaks.com/topic/28817-how-to-make-php-determine-privileges-in-login/#findComment-132527 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.