Jump to content

Admin approval registration

Zeehamster

By Zeehamster
in PHP Coding Help

 Share

Recommended Posts

Zeehamster Member

Zeehamster

Posted
Posted (edited)

I'm trying to write a code that will check the Database at the user for the approval

 

if the approval = 0 i do not want the user to log in

if the approval = 1 i do want the user to log in

 

But i cant get it done, tried all sorts of code but cant get the correct one.

 

Maybe you guys could give me some help?

 

Greetings, Job

 

Register_1.php:

<?php

    include("dbcon.php");
    include("functions.php");

    $username = $_POST['username'];
    $password = $_POST['password'];


	 if ( $username == "" || $password == "" ) {
	    	header("location:index.php?login=wr");
	    } else {
	    	if ( hasInvalidCharacters($username) ) {
	    		echo "Gebruikersnaam kan alleen letters bevatten [a-z A-Z]";
	    	} else {

	    		$sql = "
	    		    SELECT
	    		        wachtwoord
	    		    FROM
	    		        timavnl_1.gebruikers
	    		    WHERE
	    		        gebruikersnaam = ?
	    		    LIMIT 1;
	    		";  

	    		$sql2 = "
	    		    SELECT
	    		        approval
	    		    FROM
	    		        timavnl_1.gebruikers
	    		    WHERE
	    		        gebruikersnaam = ?
	    		    LIMIT 1;
	    		";  	    		

	    		$stmt = $mysqli->prepare($sql);
	    		$stmt->bind_param('s', $username);
	    		$stmt->execute();
	    		$stmt->bind_result($hashedPw);

	    		$stmt->fetch();
	    		if ( !crypt($password, $hashedPw) == $hashedPw ) {

	    			header("location:index.php?login=false");

	    		} else {

	    			if ( $CheckedApp == 0 ) {

	    				header("location:index.php?login=nonapp")

	    		} else {

	    				echo "Inloggen is voltooid";
	    				
	    			}
	    		}

	    	}
	    }


?>
<!DOCTYPE html>
<html>
<head>
	<meta charset="UTF-8">
</head>
<body>
	<h1> hoi </h1>
</body>
</html>

Login_1.php:

<?php

    include("dbcon.php");
    include("functions.php");

    $username = $_POST['username'];
    $password = $_POST['password'];


	 if ( $username == "" || $password == "" ) {
	    	header("location:index.php?login=wr");
	    } else {
	    	if ( hasInvalidCharacters($username) ) {
	    		echo "Gebruikersnaam kan alleen letters bevatten [a-z A-Z]";
	    	} else {

	    		$sql = "
	    		    SELECT
	    		        wachtwoord
	    		    FROM
	    		        timavnl_1.gebruikers
	    		    WHERE
	    		        gebruikersnaam = ?
	    		    LIMIT 1;
	    		";  

	    		$sql2 = "
	    		    SELECT
	    		        approval
	    		    FROM
	    		        timavnl_1.gebruikers
	    		    WHERE
	    		        gebruikersnaam = ?
	    		    LIMIT 1;
	    		";  	    		

	    		$stmt = $mysqli->prepare($sql);
	    		$stmt->bind_param('s', $username);
	    		$stmt->execute();
	    		$stmt->bind_result($hashedPw);

	    		$stmt->fetch();
	    		if ( !crypt($password, $hashedPw) == $hashedPw ) {

	    			header("location:index.php?login=false");

	    		} else {

	    			if ( $CheckedApp == 0 ) {

	    				header("location:index.php?login=nonapp")

	    		} else {

	    				echo "Inloggen is voltooid";
	    				
	    			}
	    		}

	    	}
	    }


?>
<!DOCTYPE html>
<html>
<head>
	<meta charset="UTF-8">
</head>
<body>
	<h1> hoi </h1>
</body>
</html>
Edited by Zeehamster
Link to comment
Share on other sites
cyberRobot Prolific Member

cyberRobot

Posted
Posted

It looks like you are retrieving the "approval" column in a separate query assigned to $sql2. Are you executing the query somewhere?

 

Also, is there a reason for using two separate queries? You should be able to get both column values with:

$sql = "
    SELECT
        wachtwoord, approval
    FROM
        timavnl_1.gebruikers
    WHERE
        gebruikersnaam = ?
    LIMIT 1;
";
Link to comment
Share on other sites
Zeehamster Member

Zeehamster

Posted
  • Author
Posted

 

It looks like you are retrieving the "approval" column in a separate query assigned to $sql2. Are you executing the query somewhere?

 

Also, is there a reason for using two separate queries? You should be able to get both column values with:

$sql = "
    SELECT
        wachtwoord, approval
    FROM
        timavnl_1.gebruikers
    WHERE
        gebruikersnaam = ?
    LIMIT 1;
";

Thnx, editted it.

Link to comment
Share on other sites
Zeehamster Member

Zeehamster

Posted
  • Author
Posted

Now I see your code.

 

So - what is the value of approval?  Always the same?  Check your logic.

 

Try and be a little more informative instead of having us debug your entire script.

<?php

    include("dbcon.php");
    include("functions.php");

    $username = $_POST['username'];
    $password = $_POST['password'];


	 if ( $username == "" || $password == "" ) {
	    	header("location:index.php?login=wr");
	    } else {
	    	if ( hasInvalidCharacters($username) ) {
	    		echo "Gebruikersnaam kan alleen letters bevatten [a-z A-Z]";
	    	} else {

	    		$sql = "
	    		    SELECT
	    		        wachtwoord, approval
	    		    FROM
	    		        timavnl_1.gebruikers
	    		    WHERE
	    		        gebruikersnaam = ?
	    		    LIMIT 1;
	    		";    	    		

                //PASSWORD CHECK

	    		$stmt = $mysqli->prepare($sql);
	    		$stmt->bind_param('s', $username);
	    		$stmt->execute();
	    		$stmt->bind_result($hashedPw);

	    		//CHECK IF USER HAS CORRECT PASSWORD AND APPROVAL
	    		//APPROVAL NEEDS TO BE CHECKED WITH: $CheckedApp

	    		$stmt->fetch(); //PASSWORD CHECK + APPROVAL CHECK
	    		if ( !crypt($password, $hashedPw) == $hashedPw ) {

	    			header("location:index.php?login=false");

	    		} else { //CORRECT = LOGGED IN

	    			echo"password = correct | Logged in";
	    				
	    			}
	    		}

	    	}
	    }


?>
<!DOCTYPE html>
<html>
<head>
	<meta charset="UTF-8">
</head>
<body>
	<h1> hoi </h1>
</body>
</html>

i want the password & approval check in the if statement

and when password is correct and approval = 1 in database the user can log in

Link to comment
Share on other sites
cyberRobot Prolific Member

cyberRobot

Posted
Posted

The script is already working ;)

 

Sorry, wrong choice of words. I was just wondering if the problem is solved.

 

 

I wanna build a Admin Approval check in the if statement (see code in comments)

 

The query should now return the value of the "approval" column. You just need to modify the code to use it. Basically, you need to modify the call to bind_result() and adjust your if tests at the bottom to verify the "approval" column value.

Link to comment
Share on other sites
Zeehamster Member

Zeehamster

Posted
  • Author
Posted

Additionally, there is no need for LIMIT 1. The username is unique (it should be), therefore you are only going to get one result already.

Thanks,

 

Can't find how to checks if the approval = 1 of the user.

 

Current code:

	    		$stmt = $mysqli->prepare($sql);
	    		$stmt->bind_param('ss', $username, $approval);
	    		$stmt->execute();
	    		$stmt->bind_result($hashedPw, $CheckedApp);

	    		//CHECK IF USER HAS CORRECT PASSWORD AND APPROVAL
	    		//APPROVAL NEEDS TO BE CHECKED WITH: $CheckedApp

	    		$stmt->fetch(); //PASSWORD CHECK + APPROVAL CHECK
	    		if ( crypt($password, $hashedPw) == $hashedPw && $CheckedApp == 1 ) {

	    			echo"password = correct | Logged in";

	    		} else { //INCORRECT - Log OFF

	    			header("location:index.php?login=false");
	    				
	    			}
	    		}

	    	}
Link to comment
Share on other sites
cyberRobot Prolific Member

cyberRobot

Posted
Posted

Can't find how to checks if the approval = 1 of the user.

 

Does $CheckedApp contain what you expect? You could use PHP var_dump() function to find out.

 

Also note that I don't know what your database looks like. Does your database table (timavnl_1.gebruikers) contain a column named "approval"? Does that column contain the values you expect?

Link to comment
Share on other sites
Zeehamster Member

Zeehamster

Posted
  • Author
Posted

Does $CheckedApp contain what you expect? You could use PHP var_dump() function to find out.

 

The $CheckedApp is containing: NULL

 

 

 

Also note that I don't know what your database looks like. Does your database table (timavnl_1.gebruikers) contain a column named "approval"? Does that column contain the values you expect?

 

Yes

	    		$sql = "
	    		    SELECT
	    		        wachtwoord, approval
	    		    FROM
	    		        timavnl_1.gebruikers
	    		    WHERE
	    		        gebruikersnaam = ?
	    		";
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.