Different types of users go to different places
Posted: Wed Jun 11, 2008 11:45 am
Okay so now I have this as my code after I got the coding to have different users go to different pages now I have this as my coding and it's giving me as error about connecting to my database but it's the same as one of my other scripts so I know that's right.
Code: Select all
<?php
// Connects to your Database
$link = mysql_connect("?", "?", "?") or die(mysql_error());
mysql_select_db("?",$link) or die(mysql_error());
if (!mysql_select_db("?", $link)) {
echo 'Could not select database';
exit;
}
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))
//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM members WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: test.htm");
}
}
}
//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted
// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database
if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM members WHERE username = '".$_POST['username']."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);
//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{
// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);
}
}
}
else
{
// Finds out the user type
$query = "SELECT `type` FROM `users` WHERE `username` = " . $username;
$result = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($result);
$authLevel = $row['type'];
// Sends them to correct page after login
if($authLevel == "Staff")
{
$page = "test.htm";
}
else
{
$page = "showarchive.php";
}
header("Location: $page");
// if they are not logged in
?>
<center><table border=1 cellpadding=5 cellspacing=0 width=350 >
<tr><td><u><h2><center>
<font color="#CC0000">KOW Login</font>
</center></h2></u>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<b>Username:</b><br>
<input type="text" name="username" maxlength="40" size="40"> <br><br>
<b>Password:</b><br>
<input type="password" name="pass" maxlength="50" size="40">
<br><br>
<center><input type="submit" name="submit" value="Process Login"><br><br></center>
</table>
</form>
</center>
<?php
}
?>