I want to make this as efficient as possible, and I think strider64's way is optimal and that enums are way better.
Here's the new table:
CREATE TABLE Members(
id SMALLINT NOT NULL AUTO_INCREMENT,
PRIMARY KEY(id),
name VARCHAR(50),
email VARCHAR(50),
password VARCHAR(50),
type ENUM('Admin','User','Guest') DEFAULT 'Guest',
created DATE,
image VARCHAR(150)
);
Here are a couple of insert statements:
INSERT INTO Members (id,name,email,password,type,created,image) VALUES (1,"Luke Urtnowski","[email protected]","test","Admin","2014-07-07","http://www.almostsavvy.com/wp-content/uploads/2011/04/profile-photo.jpg");
INSERT INTO Members (id,name,email,password,type,created,image) VALUES (2,"Jason Cannon","[email protected]","test","User","2014-07-07","http://www.almostsavvy.com/wp-content/uploads/2011/04/profile-photo.jpg");
INSERT INTO Members (id,name,email,password,type,created,image) VALUES (3,"Davida Milkes","[email protected]","test","User","2014-07-07","http://www.almostsavvy.com/wp-content/uploads/2011/04/profile-photo.jpg");
I created the utilities file to require at the top of each page.
The last step is different because I'm going to give the logged-in user three options: if they are an Admin, they go to the Admin section; if they are a User, they simply go to index.php; lastly, if they fail at logging in, they are taken back to the form.
[php]
<?php
session_start();
include("db/configPDO.php");

// Read the submitted credentials (empty string if a field is missing)
$Email = $_POST['email'] ?? '';
$Password = $_POST['password'] ?? '';

// Look up the member's type with a prepared statement
$sql = "SELECT type FROM Members WHERE email = :Email AND password = :Password";
$STM = $dbh->prepare($sql);
$STM->bindParam(':Email', $Email);
$STM->bindParam(':Password', $Password);
$STM->execute();

// Count the fetched rows; rowCount() is not reliable for SELECT in PDO
$rows = $STM->fetchAll(PDO::FETCH_ASSOC);
$count = count($rows);
$row = $rows[0] ?? null;
$dbh = null;

if (($count == 1) && ($row['type'] == 'Admin'))
{
    // Array keys must be quoted strings
    $_SESSION['type'] = $row['type'];
    $_SESSION['email'] = $Email;
    header("Location: http://localhost/shoresrentals/Admin/");
    exit();
}
else if (($count == 1) && ($row['type'] == 'User'))
{
    $_SESSION['type'] = $row['type'];
    $_SESSION['email'] = $Email;
    header("Location: http://localhost/shoresrentals/index.php");
    exit();
}
else
{
    // Failed login: back to the form
    header("Location: http://localhost/shoresrentals/login.php");
    exit();
}
?>
[/php]
Another question I have is why do I need the type of Guest in the table; can't I just have “welcome Guest” if the user never even logs in?
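The login flow described in the post, as an added example that is not part of the original post: the password column holds a `password_hash()` string and the check is done with `password_verify()` instead of matching the password in the `WHERE` clause. It assumes an in-memory SQLite table standing in for the MySQL `Members` table, constructed sample rows and emails, and two hypothetical helpers, `authenticate()` and `redirectFor()`.

```php
<?php
// Added example (not the poster's code). In-memory SQLite stands in for the
// MySQL Members table so this runs offline; emails and rows are constructed.
$dbh = new PDO('sqlite::memory:');
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->exec("CREATE TABLE Members (
    email TEXT UNIQUE,
    password TEXT,
    type TEXT DEFAULT 'Guest' CHECK (type IN ('Admin','User','Guest'))
)");

// Store password_hash() output instead of the password itself.
$ins = $dbh->prepare('INSERT INTO Members (email, password, type) VALUES (?, ?, ?)');
$ins->execute(['admin@example.test', password_hash('test', PASSWORD_DEFAULT), 'Admin']);
$ins->execute(['user@example.test', password_hash('test', PASSWORD_DEFAULT), 'User']);

// Hypothetical helper: returns the member type on success, null on failure.
function authenticate(PDO $dbh, string $email, string $password): ?string
{
    // Select by email only; a salted hash cannot be matched in a WHERE clause.
    $stm = $dbh->prepare('SELECT password, type FROM Members WHERE email = :email');
    $stm->execute([':email' => $email]);
    $row = $stm->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($password, $row['password'])) {
        return null;
    }
    return $row['type'];
}

// Hypothetical helper: the three outcomes described in the post.
function redirectFor(?string $type): string
{
    switch ($type) {
        case 'Admin':
            return '/shoresrentals/Admin/';
        case 'User':
            return '/shoresrentals/index.php';
        default:
            return '/shoresrentals/login.php';
    }
}

// Constructed login attempts: two valid, one wrong password, one unknown email.
$attempts = [['admin@example.test', 'test'], ['user@example.test', 'test'],
             ['user@example.test', 'wrong'], ['nobody@example.test', 'test']];
foreach ($attempts as [$email, $password]) {
    echo "$email -> ", redirectFor(authenticate($dbh, $email, $password)), "\n";
}
```

With the MySQL schema from the post, the `password` column has to be wider than `VARCHAR(50)`: a bcrypt hash from `password_hash()` is 60 characters, and the PHP manual recommends 255. In the real handler, call `session_regenerate_id(true)` before writing the `$_SESSION` values.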