Solved

LOGIN SCRIPT WITH ACCESS LEVEL HELP

Posted on 2007-04-10
2
200 Views
Last Modified: 2013-12-12
Hello Experts,

I am trying to put a login script together which would redirect the user according to the ACCESSLEVEL value stored in DB.

So lets say if I have two types of users: ADMIN and USERS.

ADMIN ACCESSLEVEL is = 1;
USER ACCESSLEVER is = 2;

Now I have this simple login script:

mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword
$username=$_POST['username'];
$password=$_POST['password'];

$sql="SELECT * FROM $tbl_name WHERE `username`='$username' and `password`='$password'";
      
$result=mysql_query($sql);
$row = mysql_fetch_array($result);
$count=mysql_num_rows($result);

if ($count > 0)
{
header("Location:../default.php");
}

As you can see my script only checks for the LOGIN AND PASSWORD. Now I want to be able to check the ACCESSLEVEL and then redirect the user to the appropriate page. I think accesslevel then have to be set as the SESSION VARIABLE.

I thought about using the SWITCH STATEMENT once I get the authentication and then check for the ACCESSLEVEL:

switch ($level) {
 case 1:
header("Location:../admin_default.php");
 exit;

 case 2:
header("Location:../user_default.php");
 exit;

I would highly appreciate any help in this matter.
0
Comment
Question by:combustion007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 1

Expert Comment

by:pablocubico
ID: 18885009
I don't understand what the problem is.

Everything you said sounds just ok. You can store the access level on the session. You should check session_start() functions on PHP documentation, which you should include at the beginning of your scripts.

Then just use the global $_SESSION array to store the access level ($_SESSION['level'] = $level).

The header redirection is fine also.

It's quite simple, it looks like you already got it.
0
 
LVL 14

Accepted Solution

by:
Aamir Saeed earned 500 total points
ID: 18888558
You can also store User Access Levels in the database. For example

  ID                Name                     Level                Password
  1                Admin                       1                            123
  2                 User                        2                             456

when you 'll retrieve information, you get the Level info too. Its OK what you doing i.e.

$level = GET_VALUE_FROM_DB
switch ($level) {
 case 1:
header("Location:../admin_default.php");
break;

 case 2:
header("Location:../user_default.php");
break;
}
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
This article discusses how to create an extensible mechanism for linked drop downs.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question