Tom8001 Posted November 24, 2014 Share Posted November 24, 2014 (edited) i need to know how i can check a users level in my login.php page it works i have $sql = "SELECT * FROM $tbl_name WHERE username = '$username' AND password='$password'"; $result = mysql_query($sql); $count = mysql_num_rows($result); $row = mysql_fetch_assoc($result); $user_level = $row['user_level']; if($count == 1) { $_SESSION['loggedIn'] = true; session_write_close(); header("Location: index.php"); } else { echo "The username or password you entered is incorrect!"; } if($row['user_level'] == 1) { header("Location: admin.php"); } else if($row['user_level'] == -1) { header("Location: banned.php"); } but i need to know how to check it in another file because it is not working i am trying to add it to admin.php to check the users level & if they are not admin then echo you are not admin. <-- it says that although the user is an administrator it is saying they are not. This is what i have in admin.php <?php require 'connect.php'; session_start(); $sql = "SELECT * FROM $tbl_name WHERE username = '$username' AND password='$password'"; $result = mysql_query($sql); $row = mysql_fetch_assoc($result); $user_level = $row['user_level']; if(!isset($_SESSION['loggedIn'])) { echo "You are not currently logged in and to view this page you must be logged in to have access. <a href='login.php'> You can login here </a>"; die(); } if($row['user_level'] == 1) { //DO NOTHING } else { echo "Your not an administrator so you are denied access to this page."; die(); } ?> Edited November 24, 2014 by Tom8001 Quote Link to comment https://forums.phpfreaks.com/topic/292692-how-do-i-check-a-users-level/ Share on other sites More sharing options...
Barand Posted November 24, 2014 Share Posted November 24, 2014 Where are $username and $password defined in admin.php? Why don't you just store the user level in the session and check that in admin.php instead of re-querying the db? Quote Link to comment https://forums.phpfreaks.com/topic/292692-how-do-i-check-a-users-level/#findComment-1497551 Share on other sites More sharing options...
Tom8001 Posted November 24, 2014 Author Share Posted November 24, 2014 How do you store it in the session? Quote Link to comment https://forums.phpfreaks.com/topic/292692-how-do-i-check-a-users-level/#findComment-1497553 Share on other sites More sharing options...
QuickOldCar Posted November 24, 2014 Share Posted November 24, 2014 When you are creating the sessions for being logged in also create a user_level one $_SESSION['user_level'] = 1; Quote Link to comment https://forums.phpfreaks.com/topic/292692-how-do-i-check-a-users-level/#findComment-1497557 Share on other sites More sharing options...
Solution QuickOldCar Posted November 24, 2014 Solution Share Posted November 24, 2014 (edited) I made some changes $sql = "SELECT * FROM $tbl_name WHERE username = '$username' AND password='$password'"; $result = mysql_query($sql); $count = mysql_num_rows($result); $row = mysql_fetch_assoc($result); $user_level = $row['user_level']; if ($count == 1) { $_SESSION['loggedIn'] = true; if ($row['user_level'] == 1) { $_SESSION['user_level'] = 1; header("Location: admin.php"); exit(); } else if ($row['user_level'] == -1) { $_SESSION['user_level'] = -1; header("Location: banned.php"); exit(); } //default user //setting them a user level? header("Location: index.php"); exit(); } else { header("Location: login.php"); exit(); } Then the checking session <?php session_start(); if (!isset($_SESSION['loggedIn'])) { echo "You are not currently logged in and to view this page you must be logged in to have access. <a href='login.php'> You can login here </a>"; die(); } if ($_SESSION['user_level'] == -1) { //banned die("You are banned"); } if ($_SESSION['user_level'] == 1) { //admin //DO NOTHING } else { //not admin echo "Your not an administrator so you are denied access to this page."; die(); } ?> Edited November 24, 2014 by QuickOldCar 1 Quote Link to comment https://forums.phpfreaks.com/topic/292692-how-do-i-check-a-users-level/#findComment-1497561 Share on other sites More sharing options...
Tom8001 Posted November 24, 2014 Author Share Posted November 24, 2014 Thank you QuickCar that helped me alot Quote Link to comment https://forums.phpfreaks.com/topic/292692-how-do-i-check-a-users-level/#findComment-1497563 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.