T1hom7as Posted April 10, 2015 Share Posted April 10, 2015 Hi, I have my login system working fine with sessions. Now I want to use access levels. So if user 1 with access level 1 logs in, he redirects to profile.php. If user 2 with access level 2 logs in, he redirects to main_stats.php. Here is what I have so far for my login.php, however it is not reading the $user_id nor the $access_id: http://codepad.viper-7.com/Ck0Tsr Wondering if anyone can help? Quote Link to comment Share on other sites More sharing options...
ginerjm Posted April 10, 2015 Share Posted April 10, 2015 Post your relevant code so we can see it. Quote Link to comment Share on other sites More sharing options...
Tom10 Posted April 10, 2015 Share Posted April 10, 2015 (edited) Here is an example which may help you but as gingerjm said there is not much we can do please post your code in this thread and list the errors you are getting <?php require 'connect.php'; session_start(); @error_reporting(E_ALL | E_NOTICE); //set to 0 when on a live server @ini_set('display_errors', 1); //set to 0 when on a live server if($_SERVER['REQUEST_METHOD'] == "POST") { $username = $_POST['user']; $password = $_POST['pass']; $username = strip_tags($username); $username = htmlentities($username, ENT_QUOTES); $username = htmlspecialchars($username, ENT_QUOTES); if(preg_match("#[^\w\b\s]#", $username)) { echo "<h1><span style='color: #222; font-weight: bold; font-size: 38px; font-family: sans-serif;'>Username has been rejected.</h1>"; echo "<h3><u>Your requested username:</u> ".$username." </h3>"; echo "<h3><u>Why has my username been disallowed?</u></h3><br>"; echo "<li>Your username contains illeagal characters such as: !&*(#~{;$%^+=</li>"; die(); } $password = hash('gost-crypto', $password); $stmt = $handler->prepare("SELECT * FROM users WHERE BINARY username = BINARY '{$username}' AND BINARY password = BINARY '{$password}'"); $stmt->execute(); $row = $stmt->fetch(PDO::FETCH_ASSOC); if($stmt->rowCount() > 0) { if($row['rank'] > 0) { $_SESSION['username'] = $username; $_SESSION['loggedIn'] = 1; $_SESSION['rank'] = 1; $_SESSION['status'] = 1; echo '<meta http-equiv="refresh" content="0;admin.php" />'; } else if($row['rank'] < 1) { $_SESSION['username'] = $username; $_SESSION['loggedIn'] = 1; $_SESSION['rank'] = 0; $_SESSION['status'] = 1; echo '<br><br><br><br><br><br><br>'; echo '<center><img src="https://ers.snapuptickets.com/ers/images/loading-spiral.gif" width="100" /></center>'; echo '<center><br><h3><b>Loading. Please wait..</b></h3></center>'; echo '<meta http-equiv="refresh" content="3;user.php" />'; exit(); } else if($row['rank'] < 0) { die("Error: Your account has been banned!"); } } else { die(" <h1>Username or Password incorrect.</h1> <br> <u><b>Please note:</b></u> <li>Usernames and passwords are case-sensitive!</li> "); } } ?> Here is an example i coded a while back, not the best but should be ok for your question. Edited April 10, 2015 by Tom10 Quote Link to comment Share on other sites More sharing options...
ginerjm Posted April 10, 2015 Share Posted April 10, 2015 I'd remove the @ chars. Why would you EVER NOT want to know if those two statements failed for some strange reason? There is some debate over the worth of the @ usage. I don't believe in it being used ever since hiding errors/notices is simply not the way to be a good programmer. If it's an error, handle it. If it's a notice, well, it is a notice and must be there for a reason so if you are aware of it, program around the reason for it. 1 Quote Link to comment Share on other sites More sharing options...
Solution T1hom7as Posted April 11, 2015 Author Solution Share Posted April 11, 2015 Sorry guys I managed to fix the issue, I wasn't calling the variables correctly. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.