Page 1 of 1

seeking help on my project

Posted: Thu Sep 08, 2005 9:45 am
by gothica
im currently working on a school project. im making a simple food ordering system in php. whereas it has 2 types of users. the administrator can add, update and delete a product as well as search through the inventory. while the typical user processes an order. btw, mysql runs as its database. im currently at 0% progress coz im practically new in php and im studying how it works as of the moment. any suggestions to help me out? i'd really appreciate any help. thanks!

ps: if you need further details about my problem just ask! :D

Posted: Thu Sep 08, 2005 10:16 am
by infolock
you should start by creating the pages first of all.

Create the login page and then the display page.

the simplist (but not best) alternative is to create a page that will be displayed for admins only, and then a page to be displayed for regular users.

then, you should look into the following php functions :

http://www.php.net/if
http://www.php.net/else
http://www.php.net/isset
http://www.php.net/session
http://www.php.net/mysql
http://www.php.net/while
http://www.php.net/for
http://www.php.net/foreach

this should be more than enough to get you started.

basically you would do something like the following for the login page authentication page :

Code: Select all

<?php
if(!isset($_POST['username']) || !isset($_POST['password'])) {
  echo '<h3>You must enter both a username and a password to login!';
  exit;
}
$uname = $_POST['username'];
$pword = $_POST['password'];
mysql_connect('localhost','your_user_name_here','your_password_here') or die(MySQL_Error());
mysql_select_db('name_of_database_here') or die(MySQL_Error());
$sql = mysql_query("SELECT * from user_table_name_here where username='".$uname."' and password = '".$pword."'") or die(MySQL_Error());
//if you are using mysql's password field for password, do something like this : 
//$sql = mysql_query("SELECT * from user_table_name_here where username="'.$uname."' and password = password('".$pword."')") or die(MySQL_Error());
$num = mysql_num_rows($sql);
if($num >0)
  $row = mysql_fetch_assoc($sql);
  session_start();
  $_SESSION['username'] = $row['username'];
else
  die("No User Was found!");

header('location:page.php?ulevel='.$row['user_level']);
exit;
?>
on page.php, you should do something like this :

Code: Select all

<?php
session_start();
if(!isset($_SESSION['username']) || !isset($_GET['user_level'])) {
  echo "You must be logged in to access this page!";
  exit;
}
if($_GET['user_level'] == 1) {
  header('location:admin.php');
} elseif($_GET['user_level'] == 2) {
  header('location:reg_user.php');
} else {
  echo 'Incorrect User Specs';
  exit;
}
?>
the rest is up to you.

jcart | fixed parsed error