My PHP Session variables aren't setting

Question

I need to have three different user types: guest, author, and admin. When the user registers, they select whether they are an author or an admin with a drop down list. The three different types have different capabilities.

Currently, regardless of their login, it will assign guest after they login.

<?php
include("dbconnect.php");
$con = new dbconnect();
$con->connect();

session_start();

if (isset($_POST['submit']))
    {
        $sql = "SELECT type FROM Users WHERE username = '".$_POST["username"]."' AND         password = ('". sha1($_POST["password"]) ."')";

        $result = mysql_query($sql);

    if (mysql_num_rows($result) == 1) {
        $type_num=0;
        while ($info = mysql_fetch_array($result)) {
            $type =$info['type'];
        }

        if($type == "admin")
        {

            $_SESSION['type']=2;
            $_SESSION['username']= $_POST["username"];
            header("Location: viewPosts.php");
        }
        if($type == "author")
        {

            $_SESSION['type']=1;
            $_SESSION['username']= $_POST["username"];
            header("Location: viewPosts.php");
        }
        else 
        {
            $_SESSION['type']= $type_num;
            $_SESSION['username']="guest";
            header("Location: viewPosts.php");
        }


    } else {
        //redirect back to login form if not authorized
        header("Location: loginfailed.html");
        exit;
    }
}
?>

How do I get it so it will assign those variables correctly?? Thanks!

Answer 1

Source of your problem: if($type == "author")

Change that to elseif ($type == "author"). This will make it so the conditional checking thread continues appropriately to the end. Otherwise, if $type == "admin", then it will always call that last else statement you have there.