log in page with member levels
Posted: Tue Mar 18, 2008 8:49 pm
I am creating a simple log in form to protect a "member" page. What i have done is assigned a "1" or a "2" to each subscriber. Only people with "2" can view the member page. Here is what I have so far. Its rough I know. I have some pseudo code in there just to get the outline right.
There are three pages. The member page that I am protecting, the login page that takes the submitted data, and the register page they get directed to if the log in fails.
----------------------------------------------------
member page
----------------------------------------------------
---------------------------------------------
The login.php page
---------------------------------------------
SELECT email, password, and status FROM members
if email and password are ok and status is "2" then go to members page. Show as logged in.
else
if status is "1" redirect to register page.
There are three pages. The member page that I am protecting, the login page that takes the submitted data, and the register page they get directed to if the log in fails.
----------------------------------------------------
member page
----------------------------------------------------
Code: Select all
<?php
session_start();
$status = $status[0]; //member or not. If status "1" direct to register.php, if "2" show page.
session_register ('email');
session_register ('password');
session_register ('status');
if (isset ($POST['submit'])) {
if ((!empty ($_POST['email']))
if email and user name are a match when sent to login.php
//show content on page below//
//All content will go here.....///
else
//print form to sign in
print '<p>Please sign in using your email address and your password</p>';
print '<form action=login.php" method="post"><p>Email: <input type="text" name="email" size="20" /><br/>
Password: <input type="password" name="password" size="20" /><br /> <input type="submit" name="submit" value=Log in /></p> </form>';
?>
The login.php page
---------------------------------------------
Code: Select all
<?php $username=$_POST['email'];//get data posted from members form
$password=$_POST['password'];
$success = "members.php";
$failed = "register.php";
//check user's email and password. Also if status is "1" redirect to register.php
//if status is "2" redirect to members.php and show the page.if email and password are ok and status is "2" then go to members page. Show as logged in.
else
if status is "1" redirect to register page.