Login : Redirect According to user level

Beginners - Learning PHP
#1

Hi, I would like to make a login page with 2 different user level, Admin & Staff. I’m not sure if my code is correct and I’m facing these errors also. Please help.

Notice: Undefined index: myusername in C:\wamp\www\i-document\login.php on line 14

Notice: Undefined index: mypassword in C:\wamp\www\i-document\login.php on line 15

Thank u.

[php]

<?php $host="localhost"; $username="root"; $password=""; $db_name="idoc"; $tbl_name="user"; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("Cannot Select Database"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); if($count==1){ if (user_level == 1) { $_SESSION['myusername'] = $myusername; $_SESSION['mypassword'] = $mypassword; header("location:Admin_home.php"); } else if (user_level == 2) { $_SESSION['myusername'] = $myusername; $_SESSION['mypassword'] = $mypassword; header("location:home.php"); } } else { echo "Wrong Username or Password"; } ?>

[/php]

#2

You need to get user_level from the database (I assume you have a column named user_level) and put it in a variable and then put that in the if statement. See the code below.

[php]<?php
$host=“localhost”;
$username=“root”;
$password="";
$db_name=“idoc”;
$tbl_name=“user”;

mysql_connect("$host", “$username”, “$password”)or die(“cannot connect”);
mysql_select_db("$db_name")or die(“Cannot Select Database”);

// username and password sent from form
$myusername=$_POST[‘myusername’];
$mypassword=$_POST[‘mypassword’];

$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql=“SELECT * FROM $tbl_name WHERE username=’$myusername’ and password=’$mypassword’”;
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

//this creates an array with the results
$row= mysql_fetch_array($result)

if($count==1){

//this gets the value held in the ‘user_level’ column for the user
$user_level = $row[‘user_level’];

//this tests to see if the user_level is 1 or 2
if ($user_level == ‘1’) {
$_SESSION[‘myusername’] = $myusername;
$_SESSION[‘mypassword’] = $mypassword;
header(“location:Admin_home.php”);
}
else if ($user_level == ‘2’) {
$_SESSION[‘myusername’] = $myusername;
$_SESSION[‘mypassword’] = $mypassword;
header(“location:home.php”);
}
}
else {
echo “Wrong Username or Password”;
}
?>[/php]

As for the Undefined Index errors check the form has posted correctly by adding something like:

[php]
if (isset($_POST[‘myusername’]) && isset($_POST[‘mypassword’])) {

$myusername=$_POST[‘myusername’];
$mypassword=$_POST[‘mypassword’];

echo $myusername;
echo $mypassword;

} else {
echo "Username and Password not Posted
}
}
[/php]

then you know that there is a problem with the POST, normally the error appears when the variable is not properly set.

#3

Thank you so much. It was ver helpful. :slight_smile:

Sponsor our Newsletter | Privacy Policy | Terms of Service