Solved

LOGIN SCRIPT WITH ACCESS LEVEL HELP

Posted on 2007-04-10
2
198 Views
Last Modified: 2013-12-12
Hello Experts,

I am trying to put a login script together which would redirect the user according to the ACCESSLEVEL value stored in DB.

So lets say if I have two types of users: ADMIN and USERS.

ADMIN ACCESSLEVEL is = 1;
USER ACCESSLEVER is = 2;

Now I have this simple login script:

mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword
$username=$_POST['username'];
$password=$_POST['password'];

$sql="SELECT * FROM $tbl_name WHERE `username`='$username' and `password`='$password'";
      
$result=mysql_query($sql);
$row = mysql_fetch_array($result);
$count=mysql_num_rows($result);

if ($count > 0)
{
header("Location:../default.php");
}

As you can see my script only checks for the LOGIN AND PASSWORD. Now I want to be able to check the ACCESSLEVEL and then redirect the user to the appropriate page. I think accesslevel then have to be set as the SESSION VARIABLE.

I thought about using the SWITCH STATEMENT once I get the authentication and then check for the ACCESSLEVEL:

switch ($level) {
 case 1:
header("Location:../admin_default.php");
 exit;

 case 2:
header("Location:../user_default.php");
 exit;

I would highly appreciate any help in this matter.
0
Comment
Question by:combustion007
2 Comments
 
LVL 1

Expert Comment

by:pablocubico
ID: 18885009
I don't understand what the problem is.

Everything you said sounds just ok. You can store the access level on the session. You should check session_start() functions on PHP documentation, which you should include at the beginning of your scripts.

Then just use the global $_SESSION array to store the access level ($_SESSION['level'] = $level).

The header redirection is fine also.

It's quite simple, it looks like you already got it.
0
 
LVL 14

Accepted Solution

by:
Aamir Saeed earned 500 total points
ID: 18888558
You can also store User Access Levels in the database. For example

  ID                Name                     Level                Password
  1                Admin                       1                            123
  2                 User                        2                             456

when you 'll retrieve information, you get the Level info too. Its OK what you doing i.e.

$level = GET_VALUE_FROM_DB
switch ($level) {
 case 1:
header("Location:../admin_default.php");
break;

 case 2:
header("Location:../user_default.php");
break;
}
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question