As usual I forgot the most important part... Add
session_start()
just above the
if($_POST['login']) {
row, or it won't work at all.. ;) Or rather, it'll work, but no sessions will be saved.
Mike
On Apr 27, 2004, at 08:48, Mikael Grön wrote:
Here you go:
Table:
ID Login PW Admin 1 admin abc123 1 2 normal bcd234 0 3 normal2 cde345 0
PHP:
[BOF]
<?php
if($_POST['login']) {
$result = mysql_query("select * from users where login = '" . $_POST['login'] . "'") or die(mysql_error());
if (mysql_num_rows($result)) {
$data = mysql_fetch_array($result);
if ($data[2] == $_POST['pw']) {
$_SESSION['login'] = $data[1];
if ($data[3]) {
$_SESSION['admin'] = true;
}
header("Location: logged_in.php");
exit;
} else {
$error = "Wrong password";
}
} else {
$error = "No such user!";
}
}
if ($error) {
echo "<span class=\"loginError\">$error</span><br />";
}
?>
<html>
<head>
<title>Login Script by emgee@xxxxxxxxxxx</title>
<style>
<!--
.error {
color: #ff0000;
}
-->
</style>
<head>
<body bgcolor="#FFFFFF">
<form action="login.php" method="post">
Login name: <input type="text" name="login" value="<?php echo $_POST['login'] ?>" /><br />
Password: <input type="password" name="pw" /><br />
<input type="submit" value="Login >" /><br />
</form>
</body>
</html>
[EOF]
In your admin system, just check for the variable $_SESSION['admin']. If true, the user is admin and can do cool stuff.. ;)
I don't care about just having given you a lot of script, since I write at least 3 of these per week.
And, make sure there is nothing echoed either by PHP or HTML before the login script (or else the redirecting upon successful login won't work)
Regards, Mike
On Apr 27, 2004, at 01:15, andy amol wrote:
hi,
does anyone have a login script which will take data from the table and decide whether the given user is a admin or a normal user.
thanks in advance.
Also if there is some help on session variable I would like to know.
--------------------------------- Do you Yahoo!? Win a $20,000 Career Makeover at Yahoo! HotJobs
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php