login level

wortmann

I'm trying to have the following to work:
Login in using a table with login names, pw and authority. Either they are a user and they have a n(no) or they are an administrator and they will have a y(yes) as input for the authorisation(admin_priv).
When they have the authorisation i like them to go to a certain page ad_menu.php but when they do not have the authorisation i'd like them to go to a different page: user.php. and when the login fails they go to failed_login.php

here is the code:

if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['pwd'];
  $MM_fldUserAuthorization = "admin_priv";
  $MM_redirectLoginSuccess = "../ad_menu.php";
  $MM_redirectLoginFailed = "failed_login.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_loginAdmin, $loginAdmin);

What am i doing wrong?

Can i redirect to the ad_menu.php page and then have a look at the priveledges and redirect to user.php (all on the ad_menu.php page) or can i add code here in login.php page that if the login is valid but the authorisation is n (user level) it redirects to a different page. Please help and give me the solution plus code hint.

thanks

bradgrafelman

wortmann;11000904 wrote:
What am i doing wrong?

What you've done wrong is left out a bunch of code. For example, where do you:

Define a SQL query to SELECT the needed information in the DB
Execute that SQL query
Check if that SQL query was successful and, if so, retrieve the results
Examine the results to determine the redirection location (e.g. no results returned -> failed login, result contains 'n' -> normal user login, result contains 'y' -> admin login)
Perform the redirect

wortmann;11000904 wrote:
Can i redirect to the ad_menu.php page and then have a look at the priveledges and redirect to user.php (all on the ad_menu.php page) or can i add code here in login.php page that if the login is valid but the authorisation is n (user level) it redirects to a different page.

I don't see why you would want to do the former with all of that redirecting going on... especially since you'll already have the information to determine where the real destination is. Why over-complicate the code with a bunch of redirects when just a single redirect to the appropriate location will do?

EDIT: Also, when posting PHP code, please use the board's [noparse]

..

[/noparse] bbcode tags as they make your code much easier to read and analyze.