Authenticate using Roles

zabidin2

Hi,

I newbies with PHP. So i want to develop php login page and use role to redirect them to their page. It have 3 roles (admin, management, student).

So when user admin login using their id, it will redirect them to their page. But i found other options that we can use role and view menu depend on roles.

The page have menu add, update, delete and view. When roles admin, it can access all menu. Roles management can access menu view, add and update only. For this options i keep search on the net but couldn't found.

So i use simple login page that roles store in mysql. But i keep getting error. This is my code for authenticate:

<?php
$host="localhost"; // Host name 
$userid="root"; // Mysql username 
$password="pmo123"; // Mysql password 
$db_name="system"; // Database name 
$tbl_name="roles"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$userid", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$userid=$_POST['userid']; 
$password=$_POST['password']; 

// To protect MySQL injection (more detail about MySQL injection)
$user = stripslashes($userid);
$password = stripslashes($password);
$userid = mysql_real_escape_string($userid);
$password = mysql_real_escape_string($password);

$sql="SELECT * FROM $tbl_name WHERE username='$userid' and password='$password'";
$result=mysql_query($sql);

if ($roles = 'admin'){
 $link = 'admin.php';}
elseif ($roles = 'management') {
 $link = 'manage.php';}
 else { $link = 'student.php';}

// Mysql_num_row is counting table row
//$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row


if($count==1){
// session Register $myusername, $mypassword and redirect to file "login_success.php"
$_session["username"] = $username;
$_session["password"] = $password;
$_session["roles"] = $result['roles'];
header("Location: ".$link."");
}

else {
echo "Wrong Username or Password";
}
?>

Please assist me to fix this code. I don't have basic programming.

Thanks/.

Weedpacket

What is the exact error you're getting?

zabidin2

After some try and error, i got it work. Error it cannot catch a roles on mysql.