Login Script and Control Panel
Posted: Wed Dec 17, 2008 5:43 pm
What I want to do is connect my login script with my control panel in such a way that when the user logs in it checks their authlevel and loads the correct options available to them. Can I get any assistance because I've done research all day with this and no luck.
Here's is my login script that I have validated:
Here's my control panel that I have validated:
Here's is my login script that I have validated:
Code: Select all
<?php
//if the login form is submitted
if(isset($_POST['login']))
{
// makes sure they filled it in
if(!$_POST['username'] || !$_POST['pass'])
{
die('You did not fill in a required field.');
}
$username = mysql_real_escape_string($_POST['username']);
$pass = mysql_real_escape_string($_POST['pass']);
$check = mysql_query("SELECT * FROM users WHERE username = '".$username."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0)
{
die('That user does not exist in our database.');
}
while($info = mysql_fetch_array( $check ))
{
$pass = md5(stripslashes($_POST['pass']));
$info['password'] = stripslashes($info['password']);
//$_POST['pass'] = md5($_POST['pass']); THIS IS DONE IN THE ABOVE STATEMENT
//gives error if the password is wrong
if ($pass != $info['password'])
{
die('Incorrect password, please try again.');
}
else
// if login is ok then we add a cookie and send them to the correct page
{
$username = stripslashes($username);
session_start();
$_SESSION['username'] = $username;
$_SESSION['loggedin'] = time();
// Finds out the user type
$query = "SELECT `authlevel` FROM `users` WHERE `username` = '" . $username . "'";
$result = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($result);
$authLevel = $row['authlevel'];
$_SESSION['authlevel'] = $authLevel;
}
}
}
else
{
// if they have not submitted the form
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta http-equiv="Content-Language" content="en-us">
<meta name="language" content="en-us">
<title>Backstage V1 Administration Console</title>
<link rel=stylesheet href=backstage.css type=css media=screen>
<link rel=stylesheet href=backstage_print.css type=css media=print>
</head>
<body>
<div id=login>
<form method="POST" action="http://kansasoutlawwrestling.com/other/backstage.php">
<h1>KOW Backstage</h1>
<p><label>Username:<br><input type=text name=uname id=log tabindex=1></label></p>
<p><label>Password:<br><input type=password name=pword id=pwd tabindex=2></label></p>
<p style="text-align: center;"><input type=submit class=button name=submit id=submit value="Login »" tabindex=4></p>
</form>
</div>
</body>
</html>
<?php
}
?>
Code: Select all
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta http-equiv="Content-Language" content="en-us">
<meta name="language" content="en-us">
<title>Backstage V1 Administration Console</title>
<link rel="stylesheet" href="backstage.css" type="text/css" media="screen">
<link rel="stylesheet" href="backstage_print.css" type="text/css" media="print">
<script src="prototype.js" type="text/javascript"></script>
<script src="scriptaculous.js" type="text/javascript"></script>
<script type="text/javascript" src="ajax.js"></script>
<script type="text/javascript">document.onLoad = ajaxpage("home", "content");</script>
</head>
<body>
<div id=container>
<div class=header>
<table cellpadding="0" cellspacing="0" border="0" width="95%">
<tr>
<td width=110 align=center></td>
<td></td>
<td width=40 valign=bottom align=right>
<a href="#" onclick="ajaxpage('home', 'content'); return false;">Home</a> | <a href="#" onclick="ajaxpage('logout', 'content'); return false;">Logout</a> | <a target="_blank" href="http://kansasoutlawwrestling.com/phpBB3">Forums</a></td>
</tr>
</table>
</div>
<div id=container2>
<div id=nav>
<h1>Character</h1>
<ul>
<li><a href="#" onclick="ajaxpage('bio', 'content'); return false;">Bio</a></li>
<li><a href="#" onclick="ajaxpage('allies', 'content'); return false;">Allies</a></li>
<li><a href="#" onclick="ajaxpage('rivals', 'content'); return false;">Rivals</a></li>
<li><a href="#" onclick="ajaxpage('quotes', 'content'); return false;">Quotes</a></li>
</ul>
<h1>Submit</h1>
<ul>
<li><a href="#" onclick="ajaxpage('roleplay', 'content'); return false;">Roleplay</a></li>
<li><a href="#" onclick="ajaxpage('news', 'content'); return false;">News</a></li>
<li><a href="#" onclick="ajaxpage('match', 'content'); return false;">Match</a></li>
<li><a href="#" onclick="ajaxpage('seg', 'content'); return false;">Seg</a></li>
</ul>
<h1>Handler</h1>
<ul>
<li><a href="#" onclick="ajaxpage('directory', 'content'); return false;">Directory</a></li>
</ul>
<h1>Booking</h1>
<ul>
<li><a href="#" onclick="ajaxpage('champions', 'content'); return false;">Champions</a></li>
<li><a href="#" onclick="ajaxpage('booker', 'content'); return false;">Booker</a></li>
<li><a href="#" onclick="ajaxpage('compiler', 'content'); return false;">Compiler</a></li>
<li><a href="#" onclick="ajaxpage('archives', 'content'); return false;">Archives</a></li>
</ul>
<h1>Fed Admin</h1>
<ul>
<li><a href="#" onclick="ajaxpage('handlers', 'content'); return false;">Handlers</a></li>
<li><a href="#" onclick="ajaxpage('characters', 'content'); return false;">Characters</a></li>
<li><a href="#" onclick="ajaxpage('applications', 'content'); return false;">Applications</a></li>
<li><a href="#" onclick="ajaxpage('eventnames', 'content'); return false;">Event Names</a></li>
<li><a href="#" onclick="ajaxpage('titlenames', 'content'); return false;">Title Names</a></li>
<li><a href="#" onclick="ajaxpage('matchtypes', 'content'); return false;">Match Types</a></li>
<li><a href="#" onclick="ajaxpage('divisions', 'content'); return false;">Divisions</a></li>
<li><a href="#" onclick="ajaxpage('countries', 'content'); return false;">Arenas</a></li>
</ul>
<h1>Site Admin</h1>
<ul>
<li><a href="#" onclick="ajaxpage('templates', 'content'); return false;">Templates</a></li>
<li><a href="#" onclick="ajaxpage('content', 'content'); return false;">Content</a></li>
<li><a href="#" onclick="ajaxpage('biosconfig', 'content'); return false;">Bio Configuration</a></li>
<li><a href="#" onclick="ajaxpage('newscat', 'content'); return false;">News Categories</a></li>
<li><a href="#" onclick="ajaxpage('menus', 'content'); return false;">Menus</a></li>
</ul>
</div>
<div id=content>
</div>
<div id="footer">Backstage 1 © 2009
</div>
</div>
</div>
</body>
</html>