Login Script w/ page redirection

annabug

-- resolved. TY for your suggestion! -- annabug

Hi.

I will admit straight on that I'm a complete newbie at PHP / MySQL. I' m learning as fast as I can but alot still escapes me.

I am in need of help in forming a script that will log users in securely and redirect each user to a user-specific page if login is successful. For example - login: user1 would be redirected to http://www.mydomain.com/users1.php or user1.html

I understand setting up the table with 3 variables - username / password / destinationpage. But how do I get it to redirect after the login?

Can someone provide the script fo rme to edit or point me in the right direction?

Thank you so much

-- Anna in WA

rincewind456

Something like this will do the job

<?php
session_start();

//Do Your Database Connection Here

if (isset($_POST['login'])){


foreach($_POST as $key => $val)
{
	$_SESSION[$key] = $val;
}

if ($_POST['username']=='' || $_POST['password'] ==''){

	$errors = "Please fill in both fields.";
	header('Location:'.$_SERVER['PHP_SELF']);
}
// Make a safe query password is sha1 encrypted
$query = sprintf("SELECT * FROM users
	WHERE username=%s AND password=%s",
quote_smart($_POST['username']),
quote_smart(sha1($_POST['password'])));

$result = mysql_query($query) or die(mysql_error());

$num_rows = mysql_num_rows($result);

if($num_rows ==0) {
	echo "Please try again your <li>Username</li>
	<li>Password</li> combination is invalid!";
} else {
	while ($row = mysql_fetch_array($result)) {

		$_SESSION['username'] = $row['username'];
		$_SESSION['level'] = $row['level'];
		$_SESSION['login'] = true ;
	}


	switch ($_SESSION['level']){ //compare access level

		case 1:
		header('Location: users1.php');	//redirect
		break;
		case 2:
		header('Location: users2.php');	//redirect
		break;
		case 3:
		header('Location: users3.php');	//redirect
		break;
		default:
		header('Location: login.php');	//Not really needed, but it's best to have a default
	}

}
} else {

?>


<!--THIS SNIPPET GOES WHERE YOU WANT ERRORS TO SHOW-->
<?php if (isset($errors)) {
	echo $errors."<br />";

}
?>
<!--END OF SNIPPET-->

<form method="post" action="">
<input type="text" name="username" size="20"
<?php if(isset($_POST['username'])) {
	echo "value=\"".$_POST['username']."\"";

}
?>>
<br />
<input type="password" name="password" size="20">
<br />
<input type ="submit" name="login" value="Login">

</form>

<?php
}
?>

You will need a database with fields of username, password and level.