Jump to content

Is this the right way to goto different Directories on login

ScoobyDont

By ScoobyDont
in PHP Coding Help

Recommended Posts

ScoobyDont Regular Member

ScoobyDont

Posted
Posted

Hi, 

 

I am starting to pick this php business up but I often think if I am doing things right, or if I should treat  it as "If it aint broken dont fix it till it is".

 

My login script goes to different directories depending on "role" and I do not know if its the right way of doing things or I am making serious errors with security etc etc 

 

My script is 

<?php
if (!empty($_POST['Login'])) {

    $email = trim($_POST['email']);
    $password = trim($_POST['password']);

    if ($email == "") {
        $login_error = 'Email is required!';
    } else if ($password == "") {
        $login_error = 'Password is required!';
    } else {
        $user_id = $lib->LoginUser($email, $password); 
        if($user_id > 0)
        {
            $_SESSION['user_id'] = $user_id;
	    $role = $lib->User($_SESSION['user_id']);
		switch($role->role){
		case 'role1':
		header("location:role1");
                exit();
		case 'role2':
                header("location:role2");
                exit();
		case 'role3':
                header("location:role3");
                exit();
		case 'role4':
                header("location:role4");
                exit();
		case 'role5':
                header("location:role5");
                exit();
		}
        }
        else
        {
            $login_error = 'Invalid login details!';
        }
    }
}

Is this the right way of doing things or totally wrong

Link to comment
Share on other sites
mac_gyver Prolific Member

mac_gyver

Posted
Posted

having n different directories, just makes more work. you must create and manage the files in those directories and if you add or subtract roles, create/delete and manage more directories and files.

 

you need to instead have a single index.php file, with a data driven design, where the code in the single file uses the current visitor's role to determine what content will be displayed to the user and what actions can be performed by the user on any logical page.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.