Jump to content

Login form help!!

guoxin

By guoxin
in MySQL Help

Recommended Posts

guoxin Newbie

guoxin

Posted
Posted

Hi all,

 

I created a userlogin form where it will lead to either an administrator home page or user home page. In MySQL database, i create a table named "Login" where it contains the following:

CREATE TABLE Login (

access_level INT NOT NULL,

username VARCHAR(20) NOT NULL,

password VARCHAR(25) NOT NULL,

);

 

and i inserted the following values as well:

 

INSERT INTO Login VALUES (1, 'guoxin', 'guoxinphilips');

 

INSERT INTO Login VALUES (2, 'jason', 'jasonphilips');

 

where access_level 1 represents administrator and access_level 2 represents user and i execute the sql statement in a page called "authenticate.php" which will determine either if the user is an administrator or a user:

 

$sql ="SELECT * FROM $table_name WHERE username = '$_POST[username]' AND password = password('$_POST[password]') AND access_level = 1";

 

$result = @mysql_query($sql,$connection)or die(mysql_error());

 

//get the number of rows in the result set

$num = mysql_num_rows($result);

 

//print a message or redirect elsewhere,based on result

if ($num != 0) {

header("Location: http://www.bds-net.info/alan/admin_home.html");

exit;

 

} else {

header("Location: http://www.bds-net.info/alan/user-home.php");

exit;

}

 

but the result is it just go to the administrator home page regardless of the access_level 1 or 2. So is there anyone that can help me with this problem? Thanks folks :)

Link to comment
https://forums.phpfreaks.com/topic/91029-login-form-help/
Share on other sites
peranha Regular Member

peranha

Posted
Posted 

$sql ="SELECT * FROM $table_name WHERE username = '$_POST[username]' AND password = password('$_POST[password]')";

$result = @mysql_query($sql,$connection)or die(mysql_error());

//get the number of rows in the result set
$num = mysql_fetch_row($result);

//print a message or redirect elsewhere,based on result
if ($num['access_level'] == 1) {
header("Location: http://www.bds-net.info/alan/admin_home.html");
exit;

} else {
header("Location: http://www.bds-net.info/alan/user-home.php");
exit;
}

 

Try the above code.  I changed the $num = mysql_num_row($result);

 

Also changed the if ($num !=0)

 

You were counting rows, not actually getting the user level, and if there were more than 0 rows, which is true, it will always to go admin_home.php.

Link to comment
https://forums.phpfreaks.com/topic/91029-login-form-help/#findComment-466599
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.