metalhead41 Posted February 17, 2008 Share Posted February 17, 2008 Hey Guys, I have a small problem I can't figure out. I have a login page, user enters username and password, which logs in fine and goes to another page. Users can have a couple of different account types e.g. admin, standard. If the user is an admin the next page will show certain extra bits that a standard user can't see. How do I get either the login page, or the next page to get the user level that is stored in a mysql database? Hope that makes sense. Link to comment https://forums.phpfreaks.com/topic/91527-user-levels/ Share on other sites More sharing options...
trq Posted February 17, 2008 Share Posted February 17, 2008 You ought store the users level within the $_SESSION array upon login, then simply check against that. Link to comment https://forums.phpfreaks.com/topic/91527-user-levels/#findComment-468821 Share on other sites More sharing options...
metalhead41 Posted February 17, 2008 Author Share Posted February 17, 2008 This is my problem, I'm firing blanks in trying to store the user level in a session. I'm not sure how to call it to store it in a session... Link to comment https://forums.phpfreaks.com/topic/91527-user-levels/#findComment-468827 Share on other sites More sharing options...
trq Posted February 17, 2008 Share Posted February 17, 2008 Can we see your login code? Link to comment https://forums.phpfreaks.com/topic/91527-user-levels/#findComment-468828 Share on other sites More sharing options...
metalhead41 Posted February 17, 2008 Author Share Posted February 17, 2008 <?php session_start(); $errorMessage = ''; if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { include 'library/config.php'; include 'library/opendb.php'; $userId = $_POST['txtUserId']; $password = $_POST['txtPassword']; $sql = "SELECT user_name FROM users WHERE user_name = '$userId' AND user_password = md5('$password')"; $result = mysql_query($sql) or die('Query failed. ' . mysql_error()); $_SESSION['username'] = $_POST['txtUserId']; if (mysql_num_rows($result) == 1) { // the user id and password match, // set the session $_SESSION['db_is_logged_in'] = true; // after login we move to the main page header('Location: main.php'); exit; } else { $errorMessage = 'Sorry, wrong user id / password'; } include 'library/closedb.php'; } ?> Link to comment https://forums.phpfreaks.com/topic/91527-user-levels/#findComment-468836 Share on other sites More sharing options...
trq Posted February 17, 2008 Share Posted February 17, 2008 You might need to adjust the field name accordingly. <?php session_start(); $errorMessage = ''; if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { include 'library/config.php'; include 'library/opendb.php'; $userId = $_POST['txtUserId']; $password = $_POST['txtPassword']; $sql = "SELECT user_name,level FROM users WHERE user_name = '$userId' AND user_password = md5('$password')"; $result = mysql_query($sql) or die('Query failed. ' . mysql_error()); $_SESSION['username'] = $_POST['txtUserId']; if (mysql_num_rows($result) == 1) { $row = mysql_fetch_assoc($result); // the user id and password match, // set the session $_SESSION['level'] = $row['level']; $_SESSION['db_is_logged_in'] = true; // after login we move to the main page header('Location: main.php'); exit; } else { $errorMessage = 'Sorry, wrong user id / password'; } include 'library/closedb.php'; } ?> Link to comment https://forums.phpfreaks.com/topic/91527-user-levels/#findComment-468851 Share on other sites More sharing options...
metalhead41 Posted February 17, 2008 Author Share Posted February 17, 2008 Brilliant, just what I was after Thank you very much Link to comment https://forums.phpfreaks.com/topic/91527-user-levels/#findComment-468862 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.