Jump to content

Is this the right way to goto different Directories on login


Recommended Posts

Hi, 

 

I am starting to pick this php business up but I often think if I am doing things right, or if I should treat  it as "If it aint broken dont fix it till it is".

 

My login script goes to different directories depending on "role" and I do not know if its the right way of doing things or I am making serious errors with security etc etc 

 

My script is 

<?php
if (!empty($_POST['Login'])) {

    $email = trim($_POST['email']);
    $password = trim($_POST['password']);

    if ($email == "") {
        $login_error = 'Email is required!';
    } else if ($password == "") {
        $login_error = 'Password is required!';
    } else {
        $user_id = $lib->LoginUser($email, $password); 
        if($user_id > 0)
        {
            $_SESSION['user_id'] = $user_id;
	    $role = $lib->User($_SESSION['user_id']);
		switch($role->role){
		case 'role1':
		header("location:role1");
                exit();
		case 'role2':
                header("location:role2");
                exit();
		case 'role3':
                header("location:role3");
                exit();
		case 'role4':
                header("location:role4");
                exit();
		case 'role5':
                header("location:role5");
                exit();
		}
        }
        else
        {
            $login_error = 'Invalid login details!';
        }
    }
}

Is this the right way of doing things or totally wrong

Link to post
Share on other sites

having n different directories, just makes more work. you must create and manage the files in those directories and if you add or subtract roles, create/delete and manage more directories and files.

 

you need to instead have a single index.php file, with a data driven design, where the code in the single file uses the current visitor's role to determine what content will be displayed to the user and what actions can be performed by the user on any logical page.

Link to post
Share on other sites
This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.