Ok. i tell you what my objective is. I have a user login page which directs the user to members.php
i want me, the administrator to have a special link where it says manage.php where other users cannot see it. So without looking at the above script, is it possible for you to produce me a script?
If you want to knw, this is how i log the users in.
[php]<?
session_start();
header(“Cache-control: private”);
include ‘db.php’;
// Conver to simple variables
$username = $_POST[‘username’];
$user_password = $_POST[‘user_password’];
$error_message = “”;
if((!$username) || (!$user_password)){
$error_message = “”;
$error_message .= "You must enter the username and password
";
include ‘index.php’;
exit();
}
$password = md5($password);
// check if the user info validates the db
$sql = mysql_query(“SELECT * FROM users WHERE username=’$username’ AND user_password=’$user_password’ AND activated=‘1’”) or die (“Error :”.mysql_error());
$login_check = mysql_num_rows($sql);
if($login_check > 0){
while($row = mysql_fetch_array($sql)){
foreach( $row AS $key => $val ){
$$key = stripslashes( $val );
}
// Register some session variables!
session_register(‘first_name’);
$_SESSION[‘first_name’] = $first_name;
session_register(‘last_name’);
$_SESSION[‘last_name’] = $last_name;
session_register(‘email_address’);
$_SESSION[‘email_address’] = $email_address;
session_register(‘username’);
$_SESSION[‘username’] = $username;
session_register(‘last_login’);
$_SESSION[‘last_login’] = $last_login;
mysql_query(“UPDATE users SET last_login=now() WHERE userid=’$userid’”);
header("Location: members.php");
}
} else {
$error_message .= "You could not be logged in either because your username and password are invalid or you have not validated your account! Please try again
";
include 'index.php';
}
?>[/php]
So i have created something called ‘level’ in my table. So, i have set me ‘Bengaltiger’ to number 1 {admin} and all others are set to 0 {normal user}
Can you help now?