how to differ b/w admin and normal user, when user login

  • asad_black
  • Graduate
  • Graduate
  • asad_black
  • Posts: 131
  • Loc: pakistan

Post 3+ Months Ago

hi i want to create a login page in which user login his username and id...!

In which distinguish a administrator and normal user when they login.

when administrator login it redirect to admin page.

when normal user login it redirect to normal user page.

my database contain 4 fields.

userid, username, password, category

category contain value '1' or '0' for difference b/w user either its administrator or normal user.

'1' for administrator
and
'0' for normal user

but i dont know how to do the in the PHP coding.

my code is:
Code: [ Select ]


<?php
$host="localhost"; // Host name
$username="myweb"; // Mysql username
$password="myweb"; // Mysql password
$db_name="hms"; // Database name
$tbl_name="login"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$cate='1';

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' and category='1'";

$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>
  1. <?php
  2. $host="localhost"; // Host name
  3. $username="myweb"; // Mysql username
  4. $password="myweb"; // Mysql password
  5. $db_name="hms"; // Database name
  6. $tbl_name="login"; // Table name
  7. // Connect to server and select databse.
  8. mysql_connect("$host", "$username", "$password")or die("cannot connect");
  9. mysql_select_db("$db_name")or die("cannot select DB");
  10. // username and password sent from form
  11. $myusername=$_POST['myusername'];
  12. $mypassword=$_POST['mypassword'];
  13. $cate='1';
  14. // To protect MySQL injection (more detail about MySQL injection)
  15. $myusername = stripslashes($myusername);
  16. $mypassword = stripslashes($mypassword);
  17. $myusername = mysql_real_escape_string($myusername);
  18. $mypassword = mysql_real_escape_string($mypassword);
  19. $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' and category='1'";
  20. $result=mysql_query($sql);
  21. // Mysql_num_row is counting table row
  22. $count=mysql_num_rows($result);
  23. // If result matched $myusername and $mypassword, table row must be 1 row
  24. if($count==1){
  25. // Register $myusername, $mypassword and redirect to file "login_success.php"
  26. session_register("myusername");
  27. session_register("mypassword");
  28. header("location:login_success.php");
  29. }
  30. else {
  31. echo "Wrong Username or Password";
  32. }
  33. ?>
  • nexuslite
  • Newbie
  • Newbie
  • nexuslite
  • Posts: 10
  • Loc: Keizer, OR

Post 3+ Months Ago

you need to put the info you got from the database into an array and then check the category value.

Code: [ Select ]
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' and category='1'";

$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){

    // Register $myusername, $mypassword and redirect to file "login_success.php"
    session_register("myusername");
    session_register("mypassword");
    $info = mysql_fetch_array($result);
    if ($info['category'] == 1) {
        header("location:admin_login_success.php");
    }
    else
        header("location:login_success.php");
    }
}
else {
    echo "Wrong Username or Password";
}
  1. $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' and category='1'";
  2. $result=mysql_query($sql);
  3. // Mysql_num_row is counting table row
  4. $count=mysql_num_rows($result);
  5. // If result matched $myusername and $mypassword, table row must be 1 row
  6. if($count==1){
  7.     // Register $myusername, $mypassword and redirect to file "login_success.php"
  8.     session_register("myusername");
  9.     session_register("mypassword");
  10.     $info = mysql_fetch_array($result);
  11.     if ($info['category'] == 1) {
  12.         header("location:admin_login_success.php");
  13.     }
  14.     else
  15.         header("location:login_success.php");
  16.     }
  17. }
  18. else {
  19.     echo "Wrong Username or Password";
  20. }

Post Information

  • Total Posts in this topic: 2 posts
  • Users browsing this forum: No registered users and 48 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
cron
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.