CODEWITHSUNDEEP
php
Mcam435
Mcam435

Reputation: 101

PHP Redirect Depending On User Type

I have a login page that fairly basic. I'm developing a prototype whilst learning the in's and outs of PHP.

In my MySql database, it looks like this: UserID, username, passcode, talent, customer. Talent and customer are both binary and only one can be True.

So what I'm trying to do, is if talent = 1, send them to index.php, and if customer = 1, send them to recruiter.php.

I'm 90% sure I have the basics down, but since I've added the extra if's to check talent and customer, it's broken my script :)

Finally, I'd need to do this check on each page to make sure that customers don't access talent pages and visa versa.

Am I on the right track??

My current script does this:

     <?php
        include("resource/config.php");
        if($_SERVER["REQUEST_METHOD"] == "POST")
        {
        // username and password sent from Form 
            $myusername=addslashes($_POST['username']); 
            $mypassword=addslashes($_POST['password']); 

            $sql="SELECT UserID, talent, customer FROM useradmin WHERE username='$myusername' and passcode='$mypassword'";
            $result=mysql_query($sql);
            $row=mysql_fetch_array($result);
            $active=$row['active'];
            $count=mysql_num_rows($result);
        // If result matched $myusername and $mypassword, table row must be 1 row

        if ($row['talent']==1) {
                if ($count==1) {
                    $_SESSION['login_user']=$myusername;
                    header("location: index.php");
                }
                else {
                    $error="Your Email or Password is invalid";
                }
            }    
        elseif ($row['customer']==1) {
                if ($count==1) {
                    $_SESSION['login_user']=$myusername;
                    header("location: recruiter.php");
                }
                else {
                    $error="Your Email or Password is invalid";
                }
            }

        else {
            $error="Your Login Name or Password is invalid";
            }
        }
    ?>

Also, at the top of every page I have this, to make sure only a logged in user can access it.

<?php
session_start();
include('config.php');
$user_check=$_SESSION['login_user'];

$ses_sql=mysql_query("select username from useradmin where username='$user_check' ");

$row=mysql_fetch_array($ses_sql);

$login_session=$row['username'];

if(!isset($login_session)) {
     header("Location: login.php");
  }
?>

Upvotes: 0

Views: 180

Answers (2)

Mike Brant
Mike Brant

Reputation: 71384

You can't just do a comparison like this:

if (['talent']==1)

You likely are wanting to compare like this:

if ($row['talent']==1)

In essence what you were doing was comparing an array with a single element of talent against 1.

Upvotes: 2

Vlad
Vlad

Reputation: 978

It should be if ($row['talent']==1) and elseif ($row['customer']==1)

Upvotes: 1

Related Questions