Admin & Staff headers for login...

evo4ever

Hey ppl. Im currently working on a way to enhance my login system. Each user has a status... either Admin or Staff. When a user logs in a want them to get directed to a section relevant to thier status.

Example.:
If an admin logs in they will get directed to the admin section of the site... which is were all the administrative features are. However if a staff member logs in they get directed to the staff section.

(Obviously the admin section will have all the stuff the staff section has but with the admin tools).

My code:

<?php
	if($Submit=="Login"){
		session_start();

	$statusCheck = check_login($HTTP_POST_VARS); 
	if ($statusCheck == "Admin" || $statusCheck == "Staff"){
		session_register("statusCheck");
		header("location: members.php");

	}
}
?>
<?
	function check_login($formdata) {

	$dbhost = "";
	$dbuser = "";
	$dbpassword = "";
	$db = "";

	$form_data = trim_data($formdata);
	$user = $form_data['username'];
	$password = $form_data['password'];

	$mysql = mysql_connect($dbhost, $dbuser, $dbpassword);  
	if(!$mysql) {
		$error = "Cannot connect to Database Host";
		return($error);
	}

	$mysqldb = mysql_select_db($db);
	if(!$mysqldb) {
		$error = "Cannot open Database";
		return($error);
	}

	$myquery = "SELECT * FROM cph_members WHERE username = '" . $user . "' AND password = '" . crypt($password,"DWMXPHP") . "'";				
	$result = mysql_query($myquery);
	if (!$result){
		$error = "Cannot run Query";
		return($error);
	}

	$numRows = mysql_num_rows($result);
	if ($numRows < 1){
		$error = '<font face="Palatino Linotype" color="#FF0000" size="2"><b>User name or password not recognised</b></font>';	
		return($error); }

	$userRecord = mysql_fetch_array($result);
	$status = $userRecord["status"];
	return($status);
	}									
?>

If you have a look at the statusCheck variable, it sets the admins and the staff to the same header. What I want to do is set separet headers for the admin and staff.

I've tried altering it to this:

<?php
	if($Submit=="Login"){
		session_start();

	$statusCheck = check_login($HTTP_POST_VARS); 
	if ($statusCheck == "Staff"){
		session_register("statusCheck");
		header("location: members.php");
	if ($statusCheck == "Admin"){
		session_register("statusCheck");
		header("location: admin.php");
	}		
}
}
?>

The problem is that when I try and login I get redirected to the display.php page becuase no session is set! why? I've also tried using an elseif for admin instead of if, that that didnt work either... i got a parse error from it! Any suggestions? thx!

raymie

I would probably try something like

    if($Submit=="Login"){
        session_start();

    $statusCheck = check_login($HTTP_POST_VARS); 
    switch ($statusCheck)
    {
       case "Admin" :   session_register("statusCheck");
                                 header("location: admin.php");
                                 break;
      case "Staff"    :   session_register("statusCheck");
                                 header("location: members.php");
                                 break;
      default :              break;
    }
}
}

and in your example it looks like there is a } missing after the first of the altered if's and before the second.

acidbox

Originally posted by evo4ever
trim_data($formdata);

What does that do?

evo4ever

I tried your switching method, but it didnt work! If you login as an admin you get directed to the admin section correctly, but if your login as staff then you get redirected to the display.php page. Now this is were I got confused... I call the $statusCheck variable on the page when its been set. So when I login as admin, the word Admin gets echo'ed on the main page... (just to make sure the statuscheck has been set). When I login as staff I get directed to the display.php page and I get the word Staff echo'ed on the page! For some reason, the code wont run the staff header! why? thx.

raymie

My next guess would be that the 'status' field on your database does not actually contain the word 'Staff' (with the uppercase S).

Either that of I would suspect that the member page is directing back to the other page.

evo4ever

🙂🙂🙂 You have just solved my problem!!! its "staff" not "Staff", the s is in lower case! Thankyou for your help! 🙂

mahendrakalkura

this case sensitive thing is the only worst thing in the *nix side of the world

for once i thank win* side of the world for it aint case sensitive

anyway who the hell on this world is going to keep the same name with different case for 2 variables

lol

example would be

$Time = $time + $timE

lol