|
PHP - Got Stuck When Using If Else Statement For User Level
DATABASE-id(auto increment),username,password and userlevel(int that is 1 for admin and 0 for user)
Login.php Code: [Select] <?php session_start(); mysql_connect("localhost","root") or die(mysql_error()); mysql_select_db("cute") or die(mysql_error()); //session_start(); $username = $_POST['username']; $password = $_POST['pass']; if (isset($_POST["submit"])) { $log = "SELECT * FROM regis WHERE username = '$username'"; $login = mysql_query($log); $number = mysql_num_rows($login); if ($number == 0) { print "That user does not exist in our database. <a href=registration.php><input type='button' value='Register'></a>"; } if ($number > 0) { $row = mysql_fetch_assoc($log); $_SESSION['username'] = $row['username']; $_SESSION['userlevel'] = $row['userlevel']; $_SESSION['is_logged_in'] = 1; if($_SESSION['userlevel']=0) { echo "<meta http-equiv='refresh' content='0; url=registration.php'>"; } else if($_SESSION['userlevel']=1) { echo "<meta http-equiv='refresh' content='0; url=form2.php'>"; } } } else { ?> <html> <head> <script type="text/javascript"> function a() { var x = document.login.username.value; var y = document.login.pass.value; if(x==""&& y=="") { alert("Please insert all message!"); return false; } if(x=="") { alert("Please insert an username!"); return false; } if(y=="") { alert("Please insert an password!"); return false; } } </script> </head> <body> <table border="0"> <form name="login" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" onsubmit="return a()"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td> <td><input type="text" name="username" maxlength="40"></td></tr> <tr><td>Password:</td> <td><input type="password" name="pass" maxlength="50"></td></tr> <tr><td><input type="submit" name="submit" value="Register"></a></td> <td><input type="submit" name="submit" value="Login"></td></tr> </form> </body> <?php } ?> </html> My problem is whether im login as admin or user the page only redirect to form2.php but will not detect the registration.php which is part am i missing can you recorrect it sir Similar Tutorials
User Authentication Help By Using If Elseif And Else Statement And Redirect Page On 3 Differnet Urls
Hi: I am stuck on one little glitch with an IF ELSE statement .. hoping someone with fresh eyes can see what I am missing. The checkbox will not stay checked, and I'm over looking something but fail to see it. Code: [Select] <? if ($id != "4" ) { echo "<input type='checkbox' name='myPageActive' value='Yes' <?php if($myPageActive == 'Yes') echo 'checked'; ?>> Yes"; } else { echo "<span class='myDeleteMessage'>Homepage must stay active</span>"; } ?> It seems to have something to do with this part: Code: [Select] <?php if($myPageActive == 'Yes') echo 'checked'; ?>> Yes"; Can anyone see what I am missing? Thanks! Folks, I am trying to learn PHP and I have spent the morning trying to sort out something seemingly simple but it is not working for me. I want to write a statement which says: if session variable "one" is empty or if session variable "two" is not equal to "svValue" then do this: if ((empty ($_SESSION["One"])) || if ($_SESSION["Two"] != "svValue ) { do this; } Could you point out the mistake(s) in my syntax? Thanks! John i try to create login page with two different user level for example admin and staff. i did not get any error on my code but it just did not direct to the page it been set to. it just display wrong username or password. i not really sure what is wrong. here is the code loginForm.php Code: [Select] <form action="login.php" method ="post"> <table> <tr><td>Usernama</td> <td><input name="username" type="text" size = "15" maxlength = "15"/></td></tr> <tr><td>Password</td> <td><input name="password" type="password" size = "15" maxlength = "15"/></td></tr> </table> <br><input name="submit" type ="submit" value ="Login"/></td> </form> login.php Code: [Select] <?php ob_start(); $host="localhost"; $user="root"; $pass=""; $db_name="office"; $tbl_name="login"; mysql_connect("$host", "$user", "$pass")or die("cannot connect"); mysql_select_db("$db_name")or die("Cannot Select Database"); // username and password sent from form $sername=$_POST['username']; $password=$_POST['password']; $username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $sql="SELECT * FROM daftarPenyelia WHERE user='$username' AND pass='$password' AND userLevel='$userLevel'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); if ($count == $userLevel) { if ($userLevel == 1) { $_SESSION['username'] = $username; $_SESSION['password'] = $password; header("location:adminMenu.php"); } else if ($userLevel == 2) { $_SESSION['username'] = $username; $_SESSION['password'] = $password; header("location:staffMenu.php"); } } else { echo "Wrong Username or Password"; } ?> can someone help me with this code and tell me what is wrong so that i can fix them Hi, I would like to make a login page with 2 different user level, Admin & Staff. How can i do it using d code below. Thank u. <?php $host="localhost"; $username="root"; $password=""; $db_name="profile"; $tbl_name="company"; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("Cannot Select Database"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); if($count==1){ session_register("myusername"); session_register("mypassword"); header("location:login_success.php"); } else { echo "Wrong Username or Password"; } ?> please is there anyone who can help me with a working login script(code) for different user level(e.g admin and user). CREATE TABLE user (username varchar(20),password varchar(20),level varchar(20),PRIMARY KEY(username)); INSERT INTO `user` VALUES ('a', 'pass1', 'admin'); INSERT INTO `user` VALUES ('b', 'pass2', 'admin'); INSERT INTO `user` VALUES ('c', 'pass3', 'user'); This is my database and Registration.php Code: [Select] <html> <head> <script type="text/javascript"> function a() { var x = document.register.username.value; var y = document.register.pass.value; var z = document.register.pass2.value; if(x==""&& y==""&& z=="") { alert("Please insert all message!"); return false; } if(x=="") { alert("Please insert an username!"); return false; } if(y=="") { alert("Please insert an password!"); return false; } if(z=="") { alert("Please insert an password2!"); return false; } if (y!=z) { alert("Your passwords did not match"); return false; } } </script> </head> <?php mysql_connect("localhost","root") or die(mysql_error()); mysql_select_db("cute") or die(mysql_error()); if (isset($_POST["sub"])) { $_POST['pass'] = md5($_POST['pass']); if (!get_magic_quotes_gpc()) { $_POST['username'] = addslashes($_POST['username']); $_POST['pass'] = addslashes($_POST['pass']); } $usercheck = $_POST["username"]; $check = mysql_query("SELECT username FROM regis WHERE username = '$usercheck'") or die(mysql_error()); $check2 = mysql_num_rows($check); //if the name exists it gives an error if ($check2 != 0) { echo("<SCRIPT LANGUAGE='JavaScript'>window.alert('Sorry, the username" ." ".$usercheck." ". "is already in use.')</SCRIPT>"); echo ("<SCRIPT LANGUAGE='JavaScript'>setTimeOut(window.location = 'registration.php',1)</script>"); } else if($_POST['username'] && $_POST['pass'] && $_POST['pass2'] ) { $insert = "INSERT INTO regis(username, password) VALUES ('".$_POST['username']."', '".$_POST['pass']."')"; $add_member = mysql_query($insert); echo("<SCRIPT LANGUAGE='JavaScript'>window.alert('Registration had been succesfully added :)')</SCRIPT>"); echo "<meta http-equiv='refresh' content='0; url=login.php'>"; } } ?> <body> <form name="register" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" onsubmit="return a()"> <table border='0'> <tr><td>Username:</td><td><input type="text"name="username" maxlength="60"></td></tr> <tr><td>Password:</td><td><input type="password" name="pass" maxlength="10"></td></tr> <tr><td>Confirm Password:</td><td><input type="password" name="pass2" maxlength="10"></td></tr> <tr><th colspan=2><input type="submit" name="sub" value="Register"></th></tr></table> </form> </body> </html> My main problem when in registration iam did not put user level field because it is not secure but how to manage or how to detect when someone registering he or she is user or admin? Below I am checking a user level and if they are level one they see some of the form, and if level two they see additional options. What they have already filled out is to show in the text field. Before I was doing the user level check it worked fine. Even now if something is put in a field it saves in the DB but it will not show in the fields on the form. // Everyone sees <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['FieldA']; ?>"> </tr> <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['FieldB']; ?>"> </tr> // Check if level two and display if they are. <?php } if (checkUser()) { ?> <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['num1']; ?>"> </tr> <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['num2']; ?>"> </tr> <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['num3']; ?>"> </tr> <?php } ?> // Additional things everyone sees even level one. <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['num4']; ?>"> </tr> <tr> So even <?php echo $row_settings['num4']; ?> will not show/work after the <?php } ?> Any thoughts? Thanks in advance everyone. Hi guy's, I'm having problems adjusting a script to add a level (user rights) function. When i login with a admin or normal user it gives a blank page (not redirecting to home.php). It even does'nt return an echo that user / pass is incorrect. I'm breaking my head over this for day's now. Can you help me out? Code: [Select] <?php session_start(); //Login form (index.php) include "db_connect.php"; if(!$_POST['submit']) { ?> <html> <head> <!--[if IE]> <link rel="stylesheet" type="text/css" href="style.css" /> <![endif]--> <![if !IE]> <link rel="stylesheet" type="text/css" href="firefox.css" /> <![endif]> </head> <body> <div id="wrapper"> <div id="header"> <?php include('header.php'); ?> </div> <div class="divider"> <strong>Login</strong> <form method="post" action="index.php"> <div class="formElm"> <label for="username">Klantnummer:</label> <input id="username" type="text" name="username" maxlength="16"> </div> <div class="formElm"> <label for="password">Wachtwoord:</label> <input type="password" name="password" maxlength="16"> </div> <input type="submit" name="submit" value="Login"> </form> </div> <div id="footer"> <?php include('footer.php'); ?> </div> </div> </html> <?php } else { $user = protect($_POST['username']); $pass = protect($_POST['password']); $level = protect($_POST['level']); if($user && $pass && $level) { $pass = md5($pass); //compare the encrypted password $sql1 ="SELECT id,username FROM `users` WHERE `username`='$user' AND `password`='$pass' AND `level`='1'"; $sql2 ="SELECT id,username FROM `users` WHERE `username`='$user' AND `password`='$pass' AND `level`='9'"; $queryN=mysql_query($sql1) or die(mysql_error()); $queryA=mysql_query($sql2) or die(mysql_error()); if(mysql_num_rows($queryN) == 1) { $resultN = mysql_fetch_assoc($queryN); $_SESSION['id'] = $resultN['id']; $_SESSION['username'] = $resultN['username']; header("location:home.php"); } elseif(mysql_num_rows($queryA) == 1) { $resultA = mysql_fetch_assoc($queryA); $_SESSION['id'] = $resultA['id']; $_SESSION['username'] = $resultA['username']; header("location:home.php"); } else{ echo "Wrong Username or Password"; } } } ?> and the mysql code: Code: [Select] CREATE TABLE `user` ( `id` int(4) unsigned NOT NULL auto_increment, `username` varchar(32) NOT NULL, `password` varchar(32) NOT NULL, `level` int(4) default '1', PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=27 DEFAULT CHARSET=latin1; So I have this code: Code: [Select] $skill_query = mysql_query("SELECT * FROM character_stats ORDER BY character_stats.". $fields[$skill] ." DESC LIMIT 0, $end", $c2) or print(mysql_error()); $user_query = mysql_query("SELECT user.username, user.userid, character_stats.uid FROM user, character_stats WHERE character_stats.uid = user.userid ORDER BY character_stats.". $fields[$skill] ." DESC LIMIT 0, $end") or print(mysql_error()); //WHERE user.usergroupid != 6 AND characters.banned = 0 $rank = 1; while($player = mysql_fetch_array($skill_query)){ if($user['userid'] != 1){ continue; } $user = mysql_fetch_array($user_query); if($rank >= $start) output($rank, $user['username'], $user['userid'], $player['combat'], $level, number_format($exp)); $rank++; } Yet for some reason it doesn't work. I know that the Code: [Select] if($user['userid'] != 1){ continue; }Is the reason, but how do I fix it? Basically, my goal is to display these highscores, but omit UserID 1. Thanks. I am using a nivo slider that doesn't work in IE 6. I am trying to think of the best way to verify the users browser and if it is IE 6 show a static image anything else show slider. Is PHP the best way to accomplish this? Hello, Please excuse me if this sounds like a bit of a newb question. If I have a link to a users profile and use GET to pull information about that user from various tables using something like this: Code: [Select] <?php { $id = $_GET['id']; $user = mysql_query("SELECT * FROM users,tbl1,tbl2,tbl3,tbl4,tbl5 WHERE $id=tbl1.user_id AND tbl1.user_id=tbl2.user_id AND tbl2.user_id=tbl3.user_id ANDtbl3.user_id=tbl4.user_id AND tbl4.user_id=tbl5.user_id"); $user=mysql_fetch_assoc($user); } ?> <h3>Table 1</H3> <?php echo "<b>".$user['tbl1_title']."<br>"; ?><br /> <h3>Table 2</H3> <?php echo "<b>".$user['tbl2_title']."<br>"; ?><br /> <h3>Table 3</H3> <?php echo "<b>".$user['tbl3_title']."<br>"; ?><br /> <h3>Table 4</H3> <?php echo "<b>".$user['tbl4_title']."<br>"; ?><br /> <h3>Table 5</H3> <?php echo "<b>".$user['tbl5_title']."<br>"; ?><br /> Why does it only show the 1st record for that user from each table? And mostly, how do I change it to show all or a certain number of records from each table? Any help would be greatly appreciated. Thanks in advance Below code is working fine but i need to redirect on 3 different pages and its giving me error. My table structure is as
User table
Email Password
admin@yahoo.com 123
tariq@yahoo.com 987
bilal@yahoo.com 456
if user name is like; admin@yahoo.com the page should redirect on welcome.php
if user name is like; info@aiousoft.com the page should redirect to welcome2.php
and if user doesnot exist in database then give error as ELSE "user doesnot exist"
thanks
signin.php
<html><head><title>Sign In</title></head><body> <?php include 'header.php'; ?> <?php include 'menu.php'; ?> <center> <form method="post" action="checklogin.php"> <h3>Please Signin</h3> <table width="400" border="0"> <tr><td>Email</td> <td><input name="email" type="text" id="email"></td></tr> <tr><td>Password</td> <td><input name="password" type="password" id="password"></td></tr> </table> <p><label> <input type="submit" email="submit" value="Submit"> </label><input email="reset" type="reset"> </p> </form> </center> </body> </html> checklogin.php <html><head><title>Check Login</title></head><body> <?php include 'header.php'; include 'menu.php'; $email=$_POST['email']; $password=$_POST['password']; @ $db = mysql_pconnect('localhost', 'root', ''); if (!$db) { echo 'Error: Could not connect to database. Please try again later.'; exit;} mysql_select_db('car'); $q=mysql_query("select * from user where email='".$email."' and password='".$password."' ") or die(mysql_error()); $res=mysql_fetch_row($q); if($res) { header('location:welcome.php'); } else { echo' Please signin again as your user name and password is not valid'; } ?> </body> </html> Attached Files header.php 284bytes 0 downloads menu.php 308bytes 0 downloads Hi all ! I'm having issues with the following: Code: [Select] <?php session_start(); $_SESSION['username']=$_POST['username']; $_SESSION['password']=$_POST['password']; if($_SESSION['username']=="username" && $_SESSION['password']=="password"){ if($_GET['product']=="add"){ $content.=' <p><label>Product Name:</label> <input type="text" name="product_name" size="30" /> <label>Product Price:</label> <input type="text" name="product_price" size="5" /> </p> <p><label>Product Category:</label> <input type="text" name="product_category" size="30" /></p> <p><label>Product Link:</label> <input type="text" name="product_link" size="30" /></p> <p><label>Product Image:</label> <input type="text" name="product_image" size="30" /></p> <p><label>Product Tag:</label> <input type="text" name="product_tag" size="30" /></p> <p><label>Product Keywords:</label> <input type="text" name="keyword" size="30" /></p> <p><label>Product Features:</label><br /> <textarea name="product_features" rows="10" cols="60"></textarea> </p> <p><label>Product Pros:</label><br /> <textarea name="product_pros" rows="5" cols="30"></textarea> </p> <p><label>Product Cons:</label><br /> <textarea name="product_cons" rows="5" cols="30"></textarea> </p> <p><label>Product Description:</label><br /> <textarea name="product_description" rows="10" cols="60"></textarea> </p> <p><label>Product Notes:</label><br /> <textarea name="product_notes" rows="5" cols="30"></textarea> </p> '; $logout='<div><a href="./acp_admincp.php?log-out">Log-Out</a></div>'; } elseif($_GET['product']=="view"){ } else{ $content.=' <a href="./admincp.php?product=add">Add New Product</a> <br /> <a href="./admincp.php?product=view">View Products</a> '; } } elseif(isset($_GET['log-out'])){ session_start(); session_unset(); session_destroy(); header("Location: ./admincp.php"); } else{ $content=' <form action="./admincp.php" method="post"> <p><label>Username:</label> <input type="text" name="username" size="30" />'; $content.='</p> <p><label>Password:</label> <input type="password" name="password" /></p>'; $content.='<p><input type="submit" value="Submit" name="Submit" /></p> </form>'; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head> <base href="http://ghosthuntersportal.com/" /> <title>Ghost Hunter's Portal - Admin Control Panel</title> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <meta name="verify-v1" content="" /> <meta name="keywords" content="ghost, hunters, hunter, ghosts, spirit, spirits, paranormal, investigation, investigator, investigators, k2, emf, meter, kii" /> <meta name="description" content="Ghost Hunters Potal. Parnormal research equipment store." /> <meta name="author" content="Andrew McCarrick" /> <meta name="robots" content="index, follow" <link rel="stylesheet" type="text/css" href="style.css" /> </head> <body> <img src="./logo.png" alt="Ghost Hunter's Portal Admin Control Panel" /> <br /> <div style="color: #AA44AA; font-size: 26px; margin-top: -30px; margin-left: 125px;">Admin Control Panel</div> <?php echo $logout; echo $content; ?> </body> </html> I can log-in, and get to the page with the two links on it. However, once I click one of the links it falls back to the log-in page, and it ends up being a never ending loop. It's doing this: Log-In --> Page with links ---> Log-In page again Should be doing this: Log-In --> Page with links --> Add Product page or View Products page I can never get into the the actual sub page. Just to be clear, the address bar actually shows product=add or product=view, but it still shows the log-in page. I would appreciate your assistance, there are tons of login scripts and they work just fine. However I need my operators to login and then list their activities for the other operators who are logged in to see and if desired send their clients on the desired activity. I have the login working like a charm and the activities are listed just beautifully. How do I combine the two tables in the MySQL with PHP so the operator Logged in can only make changes to his listing but see the others. FIRST THE ONE script the member logges in here to the one table in MSQL: <?php session_start(); require_once('config.php'); $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } $login = clean($_POST['login']); $password = clean($_POST['password']); if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: login-form.php"); exit(); } $qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); if($result) { if(mysql_num_rows($result) == 1) { session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['member_id']; $_SESSION['SESS_FIRST_NAME'] = $member['firstname']; $_SESSION['SESS_LAST_NAME'] = $member['lastname']; session_write_close(); header("location: member-index.php"); exit(); }else { header("location: login-failed.php"); exit(); } }else { die("Query failed"); } ?> ................................................. ................................ Now I need the person who logged in to the table above to be able to make multiple entries to the table below <? $ID=$_POST['ID']; $title=$_POST['title']; $cost=$_POST['cost']; $activity=$_POST['activity']; $ayear=$_POST['aday']; $aday=$_POST['ayear']; $seats=$_POST['special']; $special=$_POST['seats']; mysql_connect("xxxxxx", "xxx350234427", "========") or die(mysql_error()); mysql_select_db("xxxx") or die(mysql_error()); mysql_query("INSERT INTO `activity` VALUES ('ID','$title', '$cost','$activity', '$aday', '$ayear', '$special', '$seats')"); Print "Your information has been successfully added to the database!" ?> Click <a href="member-profile.php">HERE</a> to return to the main menu <?php ?> hi, i have made a website where people resgister their details of them and products. they have to enter the following details in form Name of company name of the product company address email id password mobile number contact and brief details about their company
user can then login with email id and pwd. now after login ..user will get a page where he can upload the photos of products images and their price, so now my question is that when he finishes uploading (|by clicking on upload button) the product images and price text box ..then on final uploaded webspage it should show all other things which he registerd before (company name , mobile number etc) along with images and price...hence the main question that user does not need to enter mobile and address while uploading images and filling proce ..but on the final page it should show mobile and address along with price and images..as user is not going to enter mobile and address again and again as he will have multiple products to upload.
Hi, so far I have managed to set up a somewhat basic login website with a mysql database backend. Once they have logged on they go to a "main menu" page. What I need to define is that user A sees button A but only that button, etc. (Then of course that same rule would have to apply if they tried to directly go to the page, but I am guessing I can do that in the same way that I currently do to force a login). If anyone has any tutorials or sample code I would much appreciate it. Thanks, Actually, what i want to do is to use the email to fetch the $email,$password and $randomnumber from database after Hi guys im ben from Liverpool and im making an online store in php, and have been following a tutorial. the problem is my site so far is on wampserver. When i upload the database and php files to an online host my work just does not show. Has any1 got any advice or willing to help me? i would much appreciate it! Hello, I have a mysql table and when I populate it through php i have to insert blank values into fields if not it will not work. How can I put the default value in phpmyadmin to be blank, but not null. I dont understand the null checkbox or the default value option. Please help not phpmyadmin guides found |
|||||||