Jump to content

Login form help!!

guoxin

By guoxin
in MySQL Help

 Share

Recommended Posts

guoxin Newbie

guoxin

Posted
Posted

Hi all,

 

I created a userlogin form where it will lead to either an administrator home page or user home page. In MySQL database, i create a table named "Login" where it contains the following:

CREATE TABLE Login (

access_level INT NOT NULL,

username VARCHAR(20) NOT NULL,

password VARCHAR(25) NOT NULL,

);

 

and i inserted the following values as well:

 

INSERT INTO Login VALUES (1, 'guoxin', 'guoxinphilips');

 

INSERT INTO Login VALUES (2, 'jason', 'jasonphilips');

 

where access_level 1 represents administrator and access_level 2 represents user and i execute the sql statement in a page called "authenticate.php" which will determine either if the user is an administrator or a user:

 

$sql ="SELECT * FROM $table_name WHERE username = '$_POST[username]' AND password = password('$_POST[password]') AND access_level = 1";

 

$result = @mysql_query($sql,$connection)or die(mysql_error());

 

//get the number of rows in the result set

$num = mysql_num_rows($result);

 

//print a message or redirect elsewhere,based on result

if ($num != 0) {

header("Location: http://www.bds-net.info/alan/admin_home.html");

exit;

 

} else {

header("Location: http://www.bds-net.info/alan/user-home.php");

exit;

}

 

but the result is it just go to the administrator home page regardless of the access_level 1 or 2. So is there anyone that can help me with this problem? Thanks folks :)

Link to comment
Share on other sites
peranha Regular Member

peranha

Posted
Posted 

$sql ="SELECT * FROM $table_name WHERE username = '$_POST[username]' AND password = password('$_POST[password]')";

$result = @mysql_query($sql,$connection)or die(mysql_error());

//get the number of rows in the result set
$num = mysql_fetch_row($result);

//print a message or redirect elsewhere,based on result
if ($num['access_level'] == 1) {
header("Location: http://www.bds-net.info/alan/admin_home.html");
exit;

} else {
header("Location: http://www.bds-net.info/alan/user-home.php");
exit;
}

 

Try the above code.  I changed the $num = mysql_num_row($result);

 

Also changed the if ($num !=0)

 

You were counting rows, not actually getting the user level, and if there were more than 0 rows, which is true, it will always to go admin_home.php.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.