Page 2 of 2

Posted: Wed Dec 06, 2006 3:30 pm
by RobertGonzalez
hrubos wrote:Please, I tried n*time and it doesn't still run.Who can hepl me to make condition isAdmin, by which user or admon can be realized.(I have table user contains fields id, login,password, isAdmin)
Think logically about this... You have a table that contains the fields fields id, login,password, isAdmin. All you need to do is get the value of the isAdmin field for a particular user. Try that, post back with any issues you are having.

Posted: Wed Dec 06, 2006 3:40 pm
by hrubos
Everah wrote:
hrubos wrote:Please, I tried n*time and it doesn't still run.Who can hepl me to make condition isAdmin, by which user or admon can be realized.(I have table user contains fields id, login,password, isAdmin)
Think logically about this... You have a table that contains the fields fields id, login,password, isAdmin. All you need to do is get the value of the isAdmin field for a particular user. Try that, post back with any issues you are having.
I have setted user is null, and admin is 1 in fields admin. Then I did this to check user or admin. Would you show me what did I do wrong in this code.

Code: Select all

..................
if (isset($MSQ) && MySQL_Num_Rows($MSQ) <> 1) 
{
echo "Neautorizovaný p&#345;ístup";
echo "hello you";
exit;
}
else{
$SN = "autorizace";
Session_name("$SN");
Session_start();
$sid = Session_id();
$time = Date("U");
$at = Date("U") - 1800;
$MSQ = MySQL_Query("INSERT INTO autorizace VALUES ('$sid', $time)");
$MSQ = MySQL_Query("DELETE FROM autorizace WHERE time < $at");

$row = $mysql_fetch_array($MSQ);
$id = $row['id'];
$isAdmin = $row['isAdmin'];
if($isAdmin){
  include ("D:\htdocs\BP\Room\outputRoom.php");
echo '<p> <a href="autorizace.php?lo=true">Odhlásit se</a> </p>';
}
else {
echo "a' a'a'  ";
}

}
Thank much for your encourage

Posted: Wed Dec 06, 2006 3:40 pm
by feyd
Another tip: it may be easier to get a foothold by attempting to perform the query in something like phpMyAdmin first to understand the end query that you need to build, then start building code that can generate said query.

Posted: Wed Dec 06, 2006 4:05 pm
by RobertGonzalez
The way you are doing it is not going to work because you keep overwriting your $MSQ var before you run it through the fetch. After you query the user table, fetch the data and read that into an array that you can use later. Look at your code, it is telling you everything you need to understand what it is doing.

Posted: Wed Dec 06, 2006 4:18 pm
by hrubos
Everah wrote:The way you are doing it is not going to work because you keep overwriting your $MSQ var before you run it through the fetch. After you query the user table, fetch the data and read that into an array that you can use later. Look at your code, it is telling you everything you need to understand what it is doing.
if I do

Code: Select all

$MSQ = MySQL_Query("SELECT * FROM users WHERE (login LIKE '$login') AND (password LIKE '$p') ");
$num_row = mysql_num_rows($MSQ);
So then should I chose mysql_affected_rows([]) or mysql_fetch_array() ???

Posted: Wed Dec 06, 2006 4:25 pm
by RobertGonzalez
hrubos wrote:if I do

Code: Select all

$MSQ = MySQL_Query("SELECT * FROM users WHERE (login LIKE '$login') AND (password LIKE '$p') ");
$num_row = mysql_num_rows($MSQ);
So then should I chose mysql_affected_rows([]) or mysql_fetch_array() ???
Everah wrote:The way you are doing it is not going to work because you keep overwriting your $MSQ var before you run it through the fetch. After you query the user table, fetch the data and read that into an array that you can use later. Look at your code, it is telling you everything you need to understand what it is doing.

Posted: Wed Dec 06, 2006 4:41 pm
by hrubos
now I think that Ishould move it to

Code: Select all

if ((IsSet($login)) AND (IsSet($password)) )){
$p = MD5($password);
//for only admin
$MSQ = MySQL_Query("SELECT * FROM users WHERE (login LIKE '$login') AND (password LIKE '$p') ");
$num_row = mysql_num_rows($MSQ);

if ($num_row == 1) {
		//prihlaseni probehlo v poradku
		$row = mysql_fetch_array($MSQ);
                $id = $row['id'];
                $isAdmin = $row['$isAdmin'];
                 $return_array = array($id,$isAdmin);
if($isAdmin){
 echo "you are admin";

}
else {
echo "you are user";
}
		return $return_array;
	}
else {
    echo "Can't login !!!";
return false;
}

Posted: Wed Dec 06, 2006 4:50 pm
by hrubos
Everah wrote:
hrubos wrote:if I do

Code: Select all

$MSQ = MySQL_Query("SELECT * FROM users WHERE (login LIKE '$login') AND (password LIKE '$p') ");
$num_row = mysql_num_rows($MSQ);
So then should I chose mysql_affected_rows([]) or mysql_fetch_array() ???
Everah wrote:The way you are doing it is not going to work because you keep overwriting your $MSQ var before you run it through the fetch. After you query the user table, fetch the data and read that into an array that you can use later. Look at your code, it is telling you everything you need to understand what it is doing.
halo halo, you are super, thank . I have done ;)

thank much !!!