About Variable


#1

Hi, with the help, this is what i have so far:

[code]$sql = 'SELECT level FROM users WHERE uid = '.$uid;
$result = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_row($result);
$level = $row[0];

if ($level) {
//is administrator
} else {
//is regular user
}[/code]

I was told to store the users id from the database into $uid.

How would i do that? And by the way, my aim is to restrict a part of the site. This is what this code is for, Thanks for help everyone.


#2

I am confused at your question.

First of all your code assumes that already have the userid

$sql = 'SELECT `level` FROM `users` WHERE `uid` = '.$uid; 

This will give you the LEVEL not the USERID.

you probably want to store the LEVEL in a session and check it’s value on each page that has the restrictions. If it’s not set or not , refer to a login page, if it is set and not the appropriate level, then display a message stating so.

Given the information you provided that’s about all I can do to help you (at this point.)


#3

Ok. i tell you what my objective is. I have a user login page which directs the user to members.php

i want me, the administrator to have a special link where it says manage.php where other users cannot see it. So without looking at the above script, is it possible for you to produce me a script?

If you want to knw, this is how i log the users in.

[php]<?

session_start();
header(“Cache-control: private”);

include ‘db.php’;
// Conver to simple variables
$username = $_POST[‘username’];
$user_password = $_POST[‘user_password’];

$error_message = “”;
if((!$username) || (!$user_password)){
$error_message = “”;
$error_message .= "You must enter the username and password
";
include ‘index.php’;
exit();
}

$password = md5($password);

// check if the user info validates the db
$sql = mysql_query(“SELECT * FROM users WHERE username=’$username’ AND user_password=’$user_password’ AND activated=‘1’”) or die (“Error :”.mysql_error());
$login_check = mysql_num_rows($sql);

if($login_check > 0){
while($row = mysql_fetch_array($sql)){
foreach( $row AS $key => $val ){
$$key = stripslashes( $val );
}
// Register some session variables!
session_register(‘first_name’);
$_SESSION[‘first_name’] = $first_name;
session_register(‘last_name’);
$_SESSION[‘last_name’] = $last_name;
session_register(‘email_address’);
$_SESSION[‘email_address’] = $email_address;
session_register(‘username’);
$_SESSION[‘username’] = $username;
session_register(‘last_login’);
$_SESSION[‘last_login’] = $last_login;
mysql_query(“UPDATE users SET last_login=now() WHERE userid=’$userid’”);

	header("Location: members.php");
}

} else {
$error_message .= "You could not be logged in either because your username and password are invalid or you have not validated your account! Please try again
";

include 'index.php';

}
?>[/php]

So i have created something called ‘level’ in my table. So, i have set me ‘Bengaltiger’ to number 1 {admin} and all others are set to 0 {normal user}

Can you help now?