Page 1 of 1

Login Form Help

Posted: Mon Jul 05, 2004 10:08 pm
by zatch
Basically I want to change this

Code: Select all

<?php
include("includes/config.php");
$connection = mysql_connect($hostname, $user, $pass) or die ("Unable to connect to MySQL Database!");
$query = "SELECT * FROM accounts WHERE login = '$uname' AND password = PASSWORD('$password')";
$result = mysql_db_query($database, $query, $connection);


if (mysql_num_rows($result) == 1)
	{
	session_start();
	session_register("client_id");
	session_register("client_name");
	session_register("client_login");
	session_register("client_email");
	session_register("client_type");
	list($clientid, $name, $login, $pass, $email, $type) = mysql_fetch_row($result);
	$client_id = $clientid;
	$client_name = $name;
	$client_login = $login;
	$client_email = $email;
	$client_type  = $type;
	
	header("Location: main.php");
	mysql_free_result ($result);	

	mysql_close($connection);
	}
else

	{
	mysql_free_result ($result);	
	mysql_close($connection);

	header("Location: index.html");
	exit;
	}
?>
So that if the person who logged in has client_id 'admin' the person is forwarded to admin.php
If the person isn't admin but has logged in successfully they should goto client.php

Can you help?
Also...is this login script any good ?

Posted: Mon Jul 05, 2004 10:21 pm
by tim
the most simplest way (seeing your using a MySQL database, congrats on the excellent choice) is to create a flag system

make another field in your user table, make the default 0 (not a admin) change it to 1 (an admin) and there you go

maybe a simple mysql_fetch_array and target the admin field, if its 0, the user is a basic user.

get what i'm saying?

Posted: Mon Jul 05, 2004 10:23 pm
by zatch
I have no clue what your saying - I'm familiar only with basic MySQL (and yes I love it too :D )

Heres what I did get that I think works:

Code: Select all

<?php
include("includes/config.php");
$connection = mysql_connect($hostname, $user, $pass) or die ("Unable to connect to MySQL Database!");
$query = "SELECT * FROM accounts WHERE login = '$uname' AND password = PASSWORD('$upassword')";
$result = mysql_db_query($database, $query, $connection);


if (mysql_num_rows($result) == 1)
	{
	session_start();
	session_register("client_id");
	session_register("client_name");
	session_register("client_login");
	session_register("client_email");
	session_register("client_type");
	list($clientid, $name, $login, $pass, $email, $type) = mysql_fetch_row($result);
	$client_id = $clientid;
	$client_name = $name;
	$client_login = $login;
	$client_email = $email;
	$client_type  = $type;
	
	if ($login = admin)
	{
	header("Location: admin.php");
	}
	else
	{
	header("Location: main.php");
	}
	mysql_free_result ($result);	

	mysql_close($connection);
	}
else
	{
	echo "Login Error. Either you haven't logged in, or the Username/Password you entered were incorrect.";
	mysql_free_result ($result);	
	mysql_close($connection);
		exit;
	}


?>

Posted: Mon Jul 05, 2004 10:30 pm
by tim
well, the if statements are correct (somewhat)

here, in your database "accounts" you have a table. probably you have a username field, a password field, etc...

add a field, call it whatever, i'll call it admin. set a default of 0 (when new users sign-up, they are made basic users until you change them to admins)

heres what the MySQL would look like.

Code: Select all

<?php

$sql = mysql_query("SELECT * FROM accounts WHERE login = '$uname' AND password = PASSWORD('$upassword')");

$check = mysql_fetch_array($sql);

$admin_check = $check['admin'];

if ($admin_check == 0) {

// user is basic

} else {

// user is admin

}


?>
you should be able to follow that, if not, you need to read some tutorials (no offense intented)

:wink: