Different logins / one user table

richardbotw

This will probably tick many people off as I'm using the beautiful Dreamweaver MX which has more code than hot dinners, however I'm wondering if someone can help me out here. I've got a web-site that will have different login areas in separate folders ie: domain.com/pics and domain.com/news and domain.com/info etc. I want to use just ONE user table.

My user table current consists of username and password. I was thinking of adding another field in this table called "area" - and then in this field I could put the area they are suppose to access for each person, eg: "news". Then, on the particular news login form page itself I could have a hidden field which verifies "news" with the entry in the database. Would this work? However... I don't know how to do it in this blasted code...

Here is the code - which bit do I need to be looking at to do this? help would be appreciated.

<?php
// Buzz inet PHPLS01 - Login & Set Session - Recordset
$myUsername_rsLogin = "0";
if (isset($HTTP_POST_VARS['username'])) {
  $myUsername_rsLogin = (get_magic_quotes_gpc()) ? $HTTP_POST_VARS['username'] : addslashes($HTTP_POST_VARS['username']);
}
$myPassword_rsLogin = "0";
if (isset($HTTP_POST_VARS['password'])) {
  $myPassword_rsLogin = (get_magic_quotes_gpc()) ? $HTTP_POST_VARS['password'] : addslashes($HTTP_POST_VARS['password']);
}
mysql_select_db($database_connDB, $connDB);
// Verify Login is correct
$query_rsLogin = sprintf("SELECT Username, Password FROM tbluser WHERE Username = '%s' AND Password = '%s'", $myUsername_rsLogin,$myPassword_rsLogin);
$rsLogin = mysql_query($query_rsLogin, $connDB) or die(mysql_error());
$row_rsLogin = mysql_fetch_assoc($rsLogin);
$totalRows_rsLogin = mysql_num_rows($rsLogin);

// Buzz inet PHPLS01 - Login & Set Session - Main
if($HTTP_POST_VARS['action']=="login"){
	if($totalRows_rsLogin==0){
		$errorMessage = "Sorry the login was unsuccessful please try again.";
		mysql_free_result($rsLogin);
	} else {
		mysql_free_result($rsLogin);
		session_register("varUser");
		$HTTP_SESSION_VARS['varUser'] = $HTTP_POST_VARS['username'];
		header("Location: siteadmin.php");
	}
}
?>

mtimdog

Put a where clause on your query (depending on the dir/page) ...i.e. where area='$var'

richardbotw

Cool thanks I've got this working great now.