Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 7 of 7
  1. #1
    New to the CF scene
    Join Date
    Mar 2010
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Please help me with user access levels

    I own a computer repair company, and im obviously not a huge php coder, in fact, i really dont know much about it at all lol. I want to have two different types of users, technicians and admins. In the mysql table there is username, password, and admin. I want it so if admin=1 then it will display some menu links, but if admin=0 they dont appear. Here is what i have for coding. I have the login script which then takes that login info to a file called checklogin.php. Here is checklogin.php
    Code:
    <?php
    $host="*********"; // Host name 
    $dbusername=*********"; // Mysql username 
    $dbpassword="*********"; // Mysql password 
    $db_name="*********"; // Database name 
    $tbl_name="*********"; // Table name
    
    // Connect to server and select databse.
    mysql_connect("$host", "$dbusername", "$dbpassword")or die("cannot connect"); 
    mysql_select_db("$db_name")or die("cannot select DB");
    
    // username and password sent from form 
    $username=$_POST['username']; 
    $password=$_POST['password'];
    
    // To protect MySQL injection (more detail about MySQL injection)
    $username = stripslashes($username);
    $password = stripslashes($password);
    $username = mysql_real_escape_string($username);
    $password = mysql_real_escape_string($password);
    
    $sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
    $result=mysql_query($sql);
    
    // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);
    // If result matched $myusername and $mypassword, table row must be 1 row
    
    if($count==1){
    // Register $myusername, $mypassword and redirect to file "login_success.php"
    session_register("username");
    session_register("password"); 
    header("location:login_success.php");
    }
    else {
    echo "You have entered an invalid technician ID. Please try again.";
    }
    ?>
    How do i make it so if admin=1 it goes to admin.php and if admin=0 then it goes to login_success.php? Im so new to this i really dont know that much. Thank you.

  • #2
    Senior Coder DJCMBear's Avatar
    Join Date
    Mar 2010
    Location
    United Kindom
    Posts
    1,173
    Thanks
    14
    Thanked 136 Times in 136 Posts
    Quote Originally Posted by esanger21 View Post
    I own a computer repair company, and im obviously not a huge php coder, in fact, i really dont know much about it at all lol. I want to have two different types of users, technicians and admins. In the mysql table there is username, password, and admin. I want it so if admin=1 then it will display some menu links, but if admin=0 they dont appear. Here is what i have for coding. I have the login script which then takes that login info to a file called checklogin.php. Here is checklogin.php
    Code:
    <?php
    $host="*********"; // Host name 
    $dbusername=*********"; // Mysql username 
    $dbpassword="*********"; // Mysql password 
    $db_name="*********"; // Database name 
    $tbl_name="*********"; // Table name
     
    // Connect to server and select databse.
    mysql_connect("$host", "$dbusername", "$dbpassword")or die("cannot connect"); 
    mysql_select_db("$db_name")or die("cannot select DB");
     
    // username and password sent from form 
    $username=$_POST['username']; 
    $password=$_POST['password'];
     
    // To protect MySQL injection (more detail about MySQL injection)
    $username = stripslashes($username);
    $password = stripslashes($password);
    $username = mysql_real_escape_string($username);
    $password = mysql_real_escape_string($password);
     
    $sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
    $result=mysql_query($sql);
     
    // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);
    // If result matched $myusername and $mypassword, table row must be 1 row
     
    if($count==1){
    // Register $myusername, $mypassword and redirect to file "login_success.php"
    session_register("username");
    session_register("password"); 
    header("location:login_success.php");
    }
    else {
    echo "You have entered an invalid technician ID. Please try again.";
    }
    ?>
    How do i make it so if admin=1 it goes to admin.php and if admin=0 then it goes to login_success.php? Im so new to this i really dont know that much. Thank you.
    Here You Go:
    Code:
    <?php
    $host="*********"; // Host name 
    $dbusername=*********"; // Mysql username 
    $dbpassword="*********"; // Mysql password 
    $db_name="*********"; // Database name 
    $tbl_name="*********"; // Table name
     
    // Connect to server and select databse.
    mysql_connect("$host", "$dbusername", "$dbpassword")or die("cannot connect"); 
    mysql_select_db("$db_name")or die("cannot select DB");
     
    // username and password sent from form 
    $username=$_POST['username']; 
    $password=$_POST['password'];
     
    // To protect MySQL injection (more detail about MySQL injection)
    $username = stripslashes($username);
    $password = stripslashes($password);
    $username = mysql_real_escape_string($username);
    $password = mysql_real_escape_string($password);
     
    $sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
    $result=mysql_query($sql);
     
    // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);
    // If result matched $myusername and $mypassword, table row must be 1 row
     
    if($count==1){
    // Register $myusername, $mypassword and redirect to file "login_success.php"
    session_register("username");
    session_register("password"); 
    while($row = mysql_fetch_array($result)){
    if($row['admin']=='1'){
    header("admin.php");
    }else{
    header("location:login_success.php?");
    }}} else {
    echo "You have entered an invalid technician ID. Please try again.";
    }
    ?>
    Official BinPress hand picked coder.
    For anyone worried about SQL injection go have a look at my small yet powerful script here.
    Go Pledge for Light Table, if it hit's $300,000 Python and other languages will get added.
    I am 1 of 65,608 people to get a Pebble Watch :P

  • #3
    Senior Coder tomws's Avatar
    Join Date
    Nov 2007
    Location
    Arkansas
    Posts
    2,644
    Thanks
    29
    Thanked 330 Times in 326 Posts
    You'll need to have a look at mysql_fetch_array, or one of its sisters, at least. Check out some php form handling tutorials. You should see lots of examples that show you how to do it. You'll be looking for sections of code that look something like this:
    PHP Code:
    $result mysql_query($query);
    if (!
    $result)
    {
      
    // some error handling
    }
    $row mysql_fetch_array($result);
    if (
    $row['some_field'] == 'someValue')
    {
      
    // do stuff
    }
    else
    {
      
    // do other stuff

    Are you a Help Vampire?

  • #4
    Senior Coder DJCMBear's Avatar
    Join Date
    Mar 2010
    Location
    United Kindom
    Posts
    1,173
    Thanks
    14
    Thanked 136 Times in 136 Posts
    Quote Originally Posted by tomws View Post
    You'll need to have a look at mysql_fetch_array, or one of its sisters, at least. Check out some php form handling tutorials. You should see lots of examples that show you how to do it. You'll be looking for sections of code that look something like this:
    PHP Code:
    $result mysql_query($query);
    if (!
    $result)
    {
      
    // some error handling
    }
    $row mysql_fetch_array($result);
    if (
    $row['some_field'] == 'someValue')
    {
      
    // do stuff
    }
    else
    {
      
    // do other stuff


    Thats what I did in my code example it should work for esanger21 now.
    Official BinPress hand picked coder.
    For anyone worried about SQL injection go have a look at my small yet powerful script here.
    Go Pledge for Light Table, if it hit's $300,000 Python and other languages will get added.
    I am 1 of 65,608 people to get a Pebble Watch :P

  • #5
    Senior Coder tomws's Avatar
    Join Date
    Nov 2007
    Location
    Arkansas
    Posts
    2,644
    Thanks
    29
    Thanked 330 Times in 326 Posts
    Quote Originally Posted by DJCMBear View Post
    Thats what I did in my code example it should work for esanger21 now.
    Congratulations on teaching him... oh wait. You didn't. You only taught him to copy and paste. Nevermind.
    Are you a Help Vampire?

  • #6
    Senior Coder DJCMBear's Avatar
    Join Date
    Mar 2010
    Location
    United Kindom
    Posts
    1,173
    Thanks
    14
    Thanked 136 Times in 136 Posts
    Quote Originally Posted by tomws View Post
    Congratulations on teaching him... oh wait. You didn't. You only taught him to copy and paste. Nevermind.
    And you never wrote some php code...oh wait yes you did my bad. Maybe you should think before saying something. And yes I know you also said about using mysql_fetch_array or "one of it's sisters" but either way he's still geting his problem sorted out.
    Official BinPress hand picked coder.
    For anyone worried about SQL injection go have a look at my small yet powerful script here.
    Go Pledge for Light Table, if it hit's $300,000 Python and other languages will get added.
    I am 1 of 65,608 people to get a Pebble Watch :P

  • #7
    Regular Coder Zangeel's Avatar
    Join Date
    Oct 2007
    Location
    public_html/
    Posts
    638
    Thanks
    17
    Thanked 79 Times in 79 Posts
    Quote Originally Posted by DJCMBear View Post
    And you never wrote some php code...oh wait yes you did my bad. Maybe you should think before saying something. And yes I know you also said about using mysql_fetch_array or "one of it's sisters" but either way he's still geting his problem sorted out.
    Did he ever then try to negate someone elses post for being more educational?
    PHP Code:
    $aString is_string((string)array()) ? true false// true :D 
    [/CENTER]


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •