lovephp Posted March 9, 2016 Share Posted March 9, 2016 im trying to redirect user according to their role, when i try logging in as admin it redirects ok but below amdin roles i get a blank login.php page ? if($result) { if(mysql_num_rows($result) == 1) { //Login Successful session_regenerate_id(); $user = mysql_fetch_assoc($result); $_SESSION['HOTEL_USER_ID'] = $user['id']; $_SESSION['HOTEL_UNAME'] = $user['uname']; $_SESSION['HOTEL_UROLE'] = $user['urole']; $role = $_SESSION['HOTEL_UROLE']; session_write_close(); if($role == 'Admin') header("location: reservation.php"); exit(); }elseif($role == 'Manager'){ header("location: reservation.php"); exit(); }elseif($role == 'Front_Desk'){ header("location: reservation.php"); exit(); }elseif($role == 'Writer'){ header("location: articles.php"); exit(); }else { Quote Link to comment Share on other sites More sharing options...
Solution mac_gyver Posted March 9, 2016 Solution Share Posted March 9, 2016 what debugging have you done to narrow down the problem? have you dumped (see: var_dump()) the role value so that you know what if anything it is? are you sure that login success code is even running for the users with those roles? if all your code is doing is mapping a set of values to other values, you shouldn't write out conditional logic (if/elseif/switch/case) for each possible choice. this will require that you edit the program logic just to add, remove, or change any of the possible choices. it also makes for cluttered code, which i just noticed is the cause of your problem. you have a missing {, which has made all your conditional logic off a bit. properly indenting your code, based on where matching { and } are at would help you make sure all the { and } are where you intend. you should instead write general purpose, data driven code, that defines data (arrays) that tells simple code what to do. see the following example - // define categories of roles (in a configuration file) $management = array('Admin', 'Manager', 'Front_Desk'); $staff = array('Writer'); // at the point of decided what to do for the category a role belongs to if(in_array($role,$management)){ header("location: reservation.php"); exit; } elseif (in_array($role,$staff)){ header("location: articles.php"); exit; } else { // none of the defined roles, handle that condition here... } next, logging someone in, involves identifying who they are, not what permissions/roles they have, which is a different concern/different process. all your login code should do, when the username/password has been confirmed, is to store the user_id in a session variable. after your post method form processing code successfully runs (with no errors), it should do a header() redirect to the exact same url that the form submitted to. this will cause a get request for the page, which stops the browser from trying to resubmit the form data. when each page gets requested, it should take the user_id from the session variable and query for the current user permissions/role. this will insure that any change made to a user's permissions/roles take affect on the very next page request. any page should take the user permissions/role and use them to determine what will be processed on the page and what will be displayed. Quote Link to comment Share on other sites More sharing options...
lovephp Posted March 9, 2016 Author Share Posted March 9, 2016 what debugging have you done to narrow down the problem? have you dumped (see: var_dump()) the role value so that you know what if anything it is? are you sure that login success code is even running for the users with those roles? if all your code is doing is mapping a set of values to other values, you shouldn't write out conditional logic (if/elseif/switch/case) for each possible choice. this will require that you edit the program logic just to add, remove, or change any of the possible choices. it also makes for cluttered code, which i just noticed is the cause of your problem. you have a missing {, which has made all your conditional logic off a bit. properly indenting your code, based on where matching { and } are at would help you make sure all the { and } are where you intend. you should instead write general purpose, data driven code, that defines data (arrays) that tells simple code what to do. see the following example - // define categories of roles (in a configuration file) $management = array('Admin', 'Manager', 'Front_Desk'); $staff = array('Writer'); // at the point of decided what to do for the category a role belongs to if(in_array($role,$management)){ header("location: reservation.php"); exit; } elseif (in_array($role,$staff)){ header("location: articles.php"); exit; } else { // none of the defined roles, handle that condition here... } next, logging someone in, involves identifying who they are, not what permissions/roles they have, which is a different concern/different process. all your login code should do, when the username/password has been confirmed, is to store the user_id in a session variable. after your post method form processing code successfully runs (with no errors), it should do a header() redirect to the exact same url that the form submitted to. this will cause a get request for the page, which stops the browser from trying to resubmit the form data. when each page gets requested, it should take the user_id from the session variable and query for the current user permissions/role. this will insure that any change made to a user's permissions/roles take affect on the very next page request. any page should take the user permissions/role and use them to determine what will be processed on the page and what will be displayed. your condition works like a charm bro. yes i messed it up a little with my if else conditions but got it sorted now thanks a ton. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.