I have in SQL Database admin column which is defined by 0 and 1.
How do i Redirect if admin=1 and admin=0 ???
<?php
require_once('../main.inc.php');
if(!defined('INCLUDE_DIR')) die('Fatal Error. Kwaheri!');
require_once(INCLUDE_DIR.'class.staff.php');
if($_POST && (($_POST['firstname']) && ($_POST['lastname']))){
//$_SESSION['_staff']=array(); #Uncomment to disable login strikes.
$msg='Invalid login';@header("Location: ../open.php");
if($_SESSION['_staff']['laststrike']) {
if((time()-$_SESSION['_staff']['laststrike'])<$cfg->getStaffLoginTimeout()) {
$msg='Excessive failed login attempts';@header("Location: ../open.php");
$errors['err']='You\'ve reached maximum failed login attempts allowed.';
@header("Location: login.php");
}else{ //Timeout is over.
//Reset the counter for next round of attempts after the timeout.
@header("Location: ../open.php");
$_SESSION['_staff']['laststrike']=null;
$_SESSION['_staff']['strikes']=0;
@header("Location: ../open.php");
}
}
if(!$errors && ($user=new StaffSession($_POST['username'])) && $user->getId() && $user->check_passwd($_POST['passwd'])){
//update last login.
db_query('UPDATE '.STAFF_TABLE.' SET lastlogin=NOW() WHERE staff_id='.db_input($user->getId()));
//Figure out where the user is headed - destination!
$dest=$_SESSION['_staff']['auth']['dest'];
//Now set session crap and lets roll baby!
$_SESSION['_staff']=array(); //clear.
$_SESSION['_staff']['userID']=$_POST['username'];
$user->refreshSession(); //set the hash.
$_SESSION['TZ_OFFSET']=$user->getTZoffset();
$_SESSION['daylight']=$user->observeDaylight();
Sys::log(LOG_DEBUG,'Staff login',sprintf("%s logged in [%s]",$user->getUserName(),$_SERVER['REMOTE_ADDR'])); //Debug.
//Redirect to the original destination. (make sure it is not redirecting to login page.)
$dest=($dest && (!strstr($dest,'login.php') && !strstr($dest,'../open.php')))?$dest:'index.php';
session_write_close();
session_regenerate_id();
@header("Location: index.php");
require_once('index.php'); //Just incase header is messed up.
exit;
}
//If we get to this point we know the login failed.
$_SESSION['_staff']['strikes']+=1;
if(!$errors && $_SESSION['_staff']['strikes']>$cfg->getStaffMaxLogins()) {
$msg='Access Denied';@header("Location: login.php");
$errors['err']='Forgot your login info? Contact IT Dept.';
$_SESSION['_staff']['laststrike']=time();
$alert='Excessive login attempts by a staff member?'."\n".@header("Location: login.php");
'Username: '.$_POST['username']."\n".'IP: '.$_SERVER['REMOTE_ADDR']."\n".'TIME: '.date('M j, Y, g:i a T')."\n\n".
'Attempts #'.$_SESSION['_staff']['strikes']."\n".'Timeout: '.($cfg->getStaffLoginTimeout()/60)." minutes \n\n";
Sys::log(LOG_ALERT,'Excessive login attempts (staff)',$alert,($cfg->alertONLoginError()));
}elseif($_SESSION['_staff']['strikes']%2==0){ //Log every other failed login attempt as a warning.
$alert='Username: '.$_POST['username']."\n".'IP: '.$_SERVER['REMOTE_ADDR'].
"\n".'TIME: '.date('M j, Y, g:i a T')."\n\n".'Attempts #'.$_SESSION['_staff']['strikes'];
Sys::log(LOG_WARNING,'Failed login attempt (staff)',$alert);
@header("Location: login.php");
}
}
define("OSTSCPINC",TRUE); //Make includes happy!
$login_err=($_POST)?true:false; //error displayed only on post
include_once(INCLUDE_DIR.'staff/login.tpl.php');
?>
You can use the header() function
header(“Location: pagename.php”);