how to redirect people to different pages depending on a condition

escolta

Right now i have a login page in wich after you enter an existing user and ID then you are redirected to another php page wich is called infouser.php

what i want is to do is before sending people to infouser.php check wich company they belong to, (on table employees_selex there`s a field called company with that info) if they are on Cemex Mexico or Cemex Central its ok if they are sent to infouser.php but if they are working with any othe companies at all then i want to send them to infouser2.php

any clues on what to add to this code?
show me your wisdom master yoda

ThankS!!

<?php 
if ($submit) 
{     

$dbcnx = mysql_connect("localhost", "selex", "mypassword"); 
mysql_select_db("selex", $dbcnx); 


$strSQL = 'SELECT user, ID from employees_selex where user = "' . $_POST['user'] . '" and ID = "' . $_POST['pass'] . '"' ; 
$res = mysql_query($strSQL); 
$x = @mysql_num_rows($res); 


if ($rs= @mysql_fetch_array($res)) 
{ 
$_SESSION['user'] = $rs['user']; 
$_SESSION['pass'] = $rs['ID']; 


echo "<script> 
location.href='infouser2.php?band='+1+'' 
</script> 
"; 
    while ($row = mysql_fetch_assoc($res)) { 
   echo $row["Employee"]; 
} 
} //end if session 
elseif ($x=='0') 
{ 
    $error = "Verify Username and Password"; 
    echo $error; 
}//end if error login 

}//end submit 

?>

bbreslauer

Add to the SQL Select query code to get the company name. Then, below, after setting the session variables, use this code:

if ($rs['company'] == "company name") {
    // redirect to infouser.php
} else {
    // redirect to infouser2.php
}

Also, it's generally considered a lack of security to store passwords in a database in plaintext. For more security, they should be passed through a one-way hash, such as md5. If you absolutely need to be able to know what the password is, then it should use some form of encryption, with a hard-to-guess seed.

escolta

ok this is working now
...thank you....code below shows how it`s done, only question now is how to change this line

if ($_SESSION['companyname'] == 'Cemex Mexico')

to something like

Like if ($_SESSION['companyname'] == 'Cemex Mexico' or 'Cemex Central' )

this is how was done

$strSQL = 'SELECT company, user, ID from employees_selex where user = "' . $_POST['user'] . '" and ID = "' . $_POST['pass'] . '"' ; 
    $res = mysql_query($strSQL); 
    $x = @mysql_num_rows($res);

first company was added to the SQL Select query code to get the company name. Then, after setting the session variables, this code was used:

so first company was added to the SQL Select query code to get the company name. Then, below, after setting the session variables, use this code was used:

PHP Code:
if ($rs= @mysql_fetch_array($res)) 
{ 
$_SESSION['user'] = $rs['user']; 
$_SESSION['pass'] = $rs['ID']; 
$_SESSION['companyname'] = $rs['company']; 


if ($_SESSION['companyname'] == 'Cemex Mexico') { 
    // redirect to infouser.php 



echo "<script> 
location.href='infouser.php?band='+1+'' 
</script> 
"; 

} else { 


echo "<script> 
location.href='infouse2r.php?band='+1+'' 
</script> 
"; 

// redirect to infouser2.php 
}   


while ($row = mysql_fetch_assoc($res)) { 
   echo $row["Empleado"]; 
} 
} //end if session y redireccion para desplegar informacion en la otra pagina con bandera para identificar si se llego a esa pagina por medio de esta 

elseif ($x=='0') 
{ 
    $error = "Verifica tu Username y Password"; 
    echo $error; 
}//end if error login 

}//end submit 

?>

bbreslauer

I'm glad to hear that it works now!

In response to the OR operator in the if statement, this is how you would do that:

if ($_SESSION['companyname'] == 'Cemex Mexico' || $_SESSION['companyname'] == 'Cemex Central' )

The || is the OR operator, and you need to make sure you use the variable on the left side again, otherwise you may get unexpected results.

escolta

ok, thanks, i tried that, but strangely it always sents you to infouser2.php no matter what, even if employee is on Cemex Central or Cemex Mexico

escolta

sorry, you were right and its working

error was something else , i was using:

if ($_SESSION['companname'] == 'Cemex Mexico' || $_SESSION['companname'] == 'Cemex Central' )

instead of

if ($_SESSION['companyname'] == 'Cemex Mexico' || $_SESSION['companyname'] == 'Cemex Central' )

amirimtiaz

hi escolta,
My name is Amir.....im a university student....im havin my project....so for tht im stuck in login thng....its tht i hav to apply conditions in login page if a person vd 07* reg is login so it shud show 2007 courses.....n if vd 06 reg so it shud show 2006 courses.....im using mysql....and php....so cn u send me same sample codes of it soon by tomorrow...thnx mate...

Regards,
Amir Imtiaz

(email removed -- MOD)