Aosora Posted February 24, 2015 Share Posted February 24, 2015 I'm coding a lo gin form for a college assignment and i need two types of users to be able to use one log in form but be directed to different pages based on which ever type of user logs in. I already got the sql working i just don't know how to test what type of user was returned from the sql query and then redirect said user to the respective page. My code is below please help me i need to pass this assignment : <?php //1 Retrieve values from the POST $e = $_POST['email']; $p = md5($_POST['password']); //2 Sanitize and Validate the details $p = sanitize($p); //initialize feedback variable to empty $feedback= ""; if($e == ""){ //Validate fields for null or empty $feedback .= "<br/>Enter Email Address"; } if(!filter_var($e, FILTER_VALIDATE_EMAIL)){ $feedback .="<br/>Incorrect Format for Email Address"; } if($p == ""){ $feedback .= "<br/>Enter a Password"; } if($feedback != ""){ Header("Location:Mainpage.php?feedbackMsg=$feedback"); Header("Location:Mainpage.php?feedbackMsg=$feedback"); } else{ //3 Connect to DB SErver and Select DB include ("dbconnect.php"); //4 Create Query String $sqlSelectUser = "SELECT * FROM eventhost WHERE email = '$e' AND password = '$p' UNION SELECT * FROM wharehouse WHERE email = '$e' AND password = '$p'"; //5 Execute Query String $queryResult = mysql_query($sqlSelectUser); //6 Check Query Result (mysql_num_rows should be = to 1) if(mysql_num_rows($queryResult)==1) { //7 Retrieve Results from ResultSet $row = mysql_fetch_array($queryResult); //8 Start/Initialize Session session_start(); //9 Create Session Cookie $_SESSION['first'] = $row['firstname']; $_SESSION['host_Id'] = $row['hostId'] ; //10 Redirect to Main Menu Header("Location:studentMenu.php"); }else{ //USER NOT FOUND. REDIRECT TO LOGIN $feedback = "Invalid Login Credentials<br/>$sqlSelectUser"; Header("Location:Mainpage.php?feedbackMsg=$feedback"); } } //Function to sanitize the data function sanitize($data){ $data = trim($data); $data = mysql_real_escape_string($data); $data = filter_var($data, FILTER_SANITIZE_STRING); return $data; } ?> Quote Link to comment https://forums.phpfreaks.com/topic/294849-php-role-based-access/ Share on other sites More sharing options...
requinix Posted February 24, 2015 Share Posted February 24, 2015 //7 Retrieve Results from ResultSet $row = mysql_fetch_array($queryResult); That is where you get a row of data from the query. That row should have whatever value you need. Do a print_r($row);if you're not sure what's in it (hint: it mirrors the table columns). To redirect, you already have the header() so you just modify it accordingly. One thing, though: header() does not stop your code from executing, so since you actually want it to then you should exit;immediately after. Quote Link to comment https://forums.phpfreaks.com/topic/294849-php-role-based-access/#findComment-1506582 Share on other sites More sharing options...
Aosora Posted February 24, 2015 Author Share Posted February 24, 2015 I see what your saying and i got it to print but i still don't know how to construct my if statements for the two header redirects i wants something like the if statements below, oh and i also included one of the result returned from the sql query so if that can help u explain it to me: SQL Query: Array ( [0] => 1 [hostId] => 1 [1] => Ashely [firstname] => Ashely [2] => Narine [lastname] => Narine [3] => masterkakashi55@yahoo.com => masterkakashi55@yahoo.com [4] => 9015e616031d32a396eca3d7529398f2 [password] => 9015e616031d32a396eca3d7529398f2 ) Example of how i want my if statements but idk how to do it and what i typed below isn't working: if($row == $row['hostId']){ Header("Location:EventHostMenu.php"); } if($row == $row['whId']){ Header("Location:WarehouseMenu.php") } Quote Link to comment https://forums.phpfreaks.com/topic/294849-php-role-based-access/#findComment-1506628 Share on other sites More sharing options...
requinix Posted February 24, 2015 Share Posted February 24, 2015 ... What is the structure of the eventhost and "wharehouse" tables? Easiest way to answer would be with a SHOW CREATE TABLE: SHOW CREATE TABLE eventhost; SHOW CREATE TABLE wharehouse; Quote Link to comment https://forums.phpfreaks.com/topic/294849-php-role-based-access/#findComment-1506630 Share on other sites More sharing options...
Aosora Posted February 24, 2015 Author Share Posted February 24, 2015 Ok im not gonna lie at this point i am literally lost and don't know what to do if it means reading up a particular section please direct me to it. Or at least try and explain to me using code or something because i need to learn what is right so that in the future i can do better. Quote Link to comment https://forums.phpfreaks.com/topic/294849-php-role-based-access/#findComment-1506631 Share on other sites More sharing options...
requinix Posted February 24, 2015 Share Posted February 24, 2015 Use phpMyAdmin or MySQL Workbench or something to connect to your database manually. So that you can do things yourself, not through code. Find where you can run a SQL query directly and run those two queries I wrote. Then post the output of each. Or, alternatively, just tell me what the names of the columns are in both tables and what type of data (eg, VARCHAR or DATETIME) each one is. The SHOW CREATE TABLE queries I posted are a quick way of doing exactly that, but it's only quick if you can actually run the queries somewhere. Quote Link to comment https://forums.phpfreaks.com/topic/294849-php-role-based-access/#findComment-1506632 Share on other sites More sharing options...
Aosora Posted February 24, 2015 Author Share Posted February 24, 2015 (edited) i am already using phpMyAdmin and the names of the columns are hostId and whId the data types are int for both Edited February 24, 2015 by Aosora Quote Link to comment https://forums.phpfreaks.com/topic/294849-php-role-based-access/#findComment-1506636 Share on other sites More sharing options...
Aosora Posted February 24, 2015 Author Share Posted February 24, 2015 Ok i ran the queries this is what i got: wharehouse: CREATE TABLE `wharehouse` ( `whId` int(5) NOT NULL AUTO_INCREMENT, `firstname` varchar(50) NOT NULL, `lastname` varchar(50) NOT NULL, `email` varchar(100) NOT NULL, `password` varchar(255) NOT NULL, PRIMARY KEY (`whId`)) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1 eventhost: CREATE TABLE `eventhost` ( `hostId` int(5) NOT NULL AUTO_INCREMENT, `firstname` varchar(50) NOT NULL, `lastname` varchar(50) NOT NULL, `email` varchar(100) NOT NULL, `password` varchar(255) NOT NULL, PRIMARY KEY (`hostId`)) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=latin1 Quote Link to comment https://forums.phpfreaks.com/topic/294849-php-role-based-access/#findComment-1506642 Share on other sites More sharing options...
requinix Posted February 25, 2015 Share Posted February 25, 2015 Thought so... When you do a UNION, you only get the column names from the first row. That means the ID from the wharehouse table looks like "hostId" and not "whId". As such you can't tell which table a row came from. A question before we continue: what should happen if an email address is present in both tables? Quote Link to comment https://forums.phpfreaks.com/topic/294849-php-role-based-access/#findComment-1506650 Share on other sites More sharing options...
Aosora Posted February 25, 2015 Author Share Posted February 25, 2015 (edited) Typically one email address should not be used for more than one type of users so primarily this assumption was made so as to avoid such a conflict Edited February 25, 2015 by Aosora Quote Link to comment https://forums.phpfreaks.com/topic/294849-php-role-based-access/#findComment-1506652 Share on other sites More sharing options...
requinix Posted February 25, 2015 Share Posted February 25, 2015 "Typically"? Take the easy (easier) way out of this: do one query against eventhost, then if they're not there do a second query against wharehouse. Quote Link to comment https://forums.phpfreaks.com/topic/294849-php-role-based-access/#findComment-1506657 Share on other sites More sharing options...
Aosora Posted February 25, 2015 Author Share Posted February 25, 2015 Ok that being said what is the hard (harder) way just for curiosity sake ? Quote Link to comment https://forums.phpfreaks.com/topic/294849-php-role-based-access/#findComment-1506670 Share on other sites More sharing options...
requinix Posted February 25, 2015 Share Posted February 25, 2015 The harder way is restructuring your tables. Without knowing, well, anything about your application, my first thought would be Three tables. One of the user information: name, email, and password. And an ID, naturally. Then another table that has the user ID and potentially other things that may be useful and particularly pertinent. "Pertinent to what?" This table tells you which users are these "warehouse" people or whatever that's supposed to be. The third table is the same thing but for the "event host" people or whatever. Or maybe, The user table from before with an enum field of "warehouse" and "eventhost", like `type` ENUM("warehouse", "eventhost") NOT NULL,That way every user is definitely one thing or the other. Or you can use a SET to allow more than one. Or maybe, If there's a chance of having more than just "eventhost" and "warehouse" then maybe you need something where you won't have to change the schema. That tends to mean two or three tables. One table for users, no surprise. The second table relates a user (by ID) to a thing. That thing could be a string, like "eventhost", or it could be an ID to a third table which lists the different types (and would only have 1,warehouse and 2,eventhost to start). Quote Link to comment https://forums.phpfreaks.com/topic/294849-php-role-based-access/#findComment-1506676 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.