ok i had some problems before with imaging, but that is all solved. but now i need help with some user authentication. basically, when you add a user to my database, "busted" under table "user_info", the following info is stored (and works, i checked)
user_realname
username
password
bus_number //the bus number each account is associated with
acct_type // can be driver, admin, or parent.
and what i'm trying to do is have the script check the username and password, which it does, and if they are wrong or not entered go back to the login screen, which it also does. but what i want to happen next is that if the account type is admin, it would redirect to /admin/adminhome.html, and the same goes for driver and parent, respectively. but using this code, if the username and password do match, it always redirects to admin/adminhome. so what am i doing wrong?
[php]
<?
//check if username and password were even entered
if ((!$_POST[username]) || (!$_POST[password])) {
header("Location: show_login.html");
exit;
}
$db_name = "busted";
$table_name = "user_info";
$con = @mysql_connect("localhost", "nathan", "*******")
or die(mysql_error());
$db = @mysql_select_db($db_name, $con) or die(mysql_error());
$sql = "SELECT * FROM $table_name WHERE username = '$_POST[username]' AND password = '$_POST[password]'";
$result = @mysql_query($sql, $con) or die(mysql_error());
$num = mysql_num_rows($result);
if ($num !=0) {
session_start();
WHILE($row = mysql_fetch_array($result))
{
$_SESSION['username'] = $row[username];
$_SESSION['password'] = $row[password];
$_SESSION['user_realname'] = $row[user_realname];
$_SESSION['bus_number'] = $row[bus_number];
$_SESSION['acct_type'] = $row[acct_type];
}
//use statements below to test session vars.
//echo "hello, $_SESSION['username']! you entered $_SESSION['password'] as your password. Your real name is $_SESSION['user_realname'], and you are associated with bus number $_SESSION['bus_number'] with $_SESSION['acct_type'] as your account type.";
{
if ($_SESSION['acct_type'] = admin) {
header("location: /admin/adminhome.html");
exit;
}
elseif ($_SESSION['acct_type'] = parent) {
header("location: /parent/parenthome.html");
exit;
}
elseif ($_SESSION['acct_type'] = driver) {
header("location: /driver/driverhome.html");
exit;
}
else {
echo "Sorry, but it looks like you either didn't have your account created correctly, or some other techical difficulty is blocking your entrance to the system. Check with your administrator for assistance."; //note: admin email address as link?
}
}else {
header("location: show_login.html");
exit;
}
?>[/php]
12  1773 
Please enclose any code within the proper code tags. See the Posting Guidelines on how to do that. moderator
You either copied your code wrong or it is the error.
The if always uses == or === but not = cause that is an assigment.
in the if I assume admin is a char field, so put it between quotes. I.e. [php]if ($_SESSION['acct_type'] == 'admin') {
header("location: /admin/adminhome.html");
exit;
}
elseif ($_SESSION['acct_type'] == 'parent') {
header("location: /parent/parenthome.html");
exit;
}
elseif ($_SESSION['acct_type'] == 'driver') {
header("location: /driver/driverhome.html");
exit;
}
[/php]Ronald
ok sorry i forgot about the code tags...
anyway, that was the problem and thank you for your time.
i do have one more question though:
is there a way (similar to below) that i could check the account type so the parents and drivers can't access the admin sub or each others? such as this -
-
{
-
if ($_SESSION['acct_type'] == 'admin') {
-
$_SESSION['admin_logged_in'] = "true";
-
header("location: /admin/adminhome.html");
-
exit;
-
}
-
else
-
if ($_SESSION['acct_type'] == 'parent') {
-
$_SESSION['parent_logged_in'] = "true";
-
header("location: /parent/parenthome.html");
-
exit;
-
}
-
elseif ($_SESSION['acct_type'] == 'driver') {
-
$_SESSION['driver_logged_in'] = "true";
-
header("location: /driver/driverhome.html");
-
exit;
-
}
-
//else {echo "Sorry, but it looks like you either didn't have your account created correctly, or some other techical difficulty is blocking your entrance to the system. Check with your administrator for assistance."; //note: admin email address as link?
-
}
-
}else {
-
header("location: show_login.html");
-
exit;
-
}
-
and then have something to the effect of this at the beginning of each admin html file: -
if ((!$_SESSION['admin_logged_in']) || ($_SESSION['admin_logged_in'] != "true") {header("location: ../show_login.html") }
-
[html goes here]
-
Glad it worked. Yes you can use this statement (I changed it because there was an error in the one you showed):[php]if (!isset($_SESSION['admin_logged_in']) || ($_SESSION['admin_logged_in'] != "true")) {
header("location: ../show_login.html");
exit;
}[/php]Ronald
the sad thing (or maybe its a good sign) is that i caught the isset thing literally 10 seconds before refreshing this page. i'm going to try that thanks for the help
At least you found it yourself. Good luck. See you around next time.
Ronald
well, we lost. Sorry. but thanks for your help anyway.
..well, we lost..
What did you lose?
Ronald
We won an event called spotlight on technology, which entered us into regional competition, so i definately put this site's logo on our display. but we got beat. and get this. by a random number generator. isn't that like 3 or 4 lines of code?
More or less. Sorry to hear you lost. But there's always next year.
Ronald
well considering that was a high school competition i don't exactly have the same chances as i'm a senior, so... meh. i'm gonna keep developing the program and maybe market it soon, who knows.
Wish you good luck and see you next time here.
Ronald
Sign in to post your reply or Sign up for a free account.
Similar topics
by: Tim Daneliuk |
last post by:
OK, I've Googled for this and cannot seem to quite find what I need.
So, I turn to the Gentle Geniuses here for help. Here is what I
need to do from within a script:
Given a username and a...
|
by: Dan Bart |
last post by:
I am using an application which is a modification of IBuySpy Portal.
It is using Forms authentication. Users login and their name is added
to
Context
Then I use:
...
|
by: Matthew Louden |
last post by:
I wrote ASP.NET application that access SQL Server database. When I run the
application, it yields "Login failed for user '<COMPUTER_NAME>\ASPNET'"
error message.
I then did the following, but...
|
by: Joe |
last post by:
I check for the NTLogin of a user by
Page.User.Identity.Name,
but when I put the app on the server the value for
Page.User.Identity.Name is ""
I had the <allow users="*/> attribute commented...
|
by: Tom Nowak |
last post by:
I am writing a webapp in which a user is required to enter a login id and
password on a login form. I have forms authenticaion coded in my web.config.
Once the user is logged in, I want to use the...
|
by: noor |
last post by:
hi,
can any one tell me a javascript that can be called on mouseover event of a
html link control .
script can check from session either a user is login or not
In the case of Login it will...
|
by: J |
last post by:
Hello. I apologize if this isn't the appropriate group for this question
but I was wondering if it's possible to allow regular windows domain users
to change their passwords through an .asp page? ...
|
by: mario.colorado |
last post by:
Hi!
Does anyone know why it is that when I use:
Request.LogonUserIdentity.User.ToString()
I get something like:
S-1-5-21-2268419..........
|
by: webrod |
last post by:
Hi all,
how can I check a user/password in a LDAP ?
I don't want to connect with this user, I would like to connect to LDAP
with a ADMIN_LOG/ADMIN_PWD, then do a query to find the user and...
|
by: MuZZy |
last post by:
Hi,
I am looking to find a way to get currently logged in user's object GUID
without querying ActiveDirectory. For example, when i log in to my
laptop from home, I'm not on the office network so...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
| |
