Continuing the discussion from Login Script to redirect based on “role”:
Continuing the discussion from Login Script to redirect based on “role”:
Hello… I think you have the solution to a problem I have, but I’m having a hard time duplicating your effort. I get a blank screen as you have in previous attempts. Would it be possible for you to post all of your “checklogin.php” code so that I can get it to work for my project? Thank you .
Or you could post your code so that people can try to see what’s going wrong for you.
Not to mention you’re quoting from a post from 3 years ago - no, i dont have my code.
This is the premise of my question. I’m trying to attach a specific form to a login and redirect to that form after the login has occurred. I’m new to programming so I’m not sure I’m asking the question correctly. BTW… this code evidently doesn’t work and the code that followed was what I posted earlier. I duplicated it, but it didn’t work either.
y this code…
<?php
$host="localhost"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="RadReq"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
$result=mysql_fetch_array($result);
$role = $result['role'];
//page link on the basis of user role you can add more condition on the basis of ur roles in db
if($role =='Administrator'){
$link = 'newuser.html';
}
elseif($role =='Clinic')
$link = 'rrform.html';
}
// session Register $myusername, $mypassword and redirect to file "login_success.php"
$_session["myusername"] = $myusername;
$_session["mypassword"] = $mypassword;
$_session["role"] = $role;
header("Location: ".$link."");
}
else {
echo "Wrong Username or Password";
}
@wbkski If you’re getting a white page is because your local install of PHP is not configured to show errors. Check this post on StackOverflow.
Basically there’s two things that need to be set: display_errors=On and adding error_reporting(-1); to the top of your code or permanently setting it in your php.ini file. You’re probably running PHP with Apache using something like MAMP or WAMP. Any time you make a change to your php.ini file, you need to restart Apache. Are you running something like WAMP or MAMP?
Once you do that you will probably see the exact error that’s affecting your code. Your most-likely problem is that you it can’t connect to your database. You probably want to put a space before the or’s too in:
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
And if that doesn’t help, add loads of echo statements between each line, just echo something different each time so you can see how far through the code you get before everything stops, then you know where to be looking. For example:
<?php
$debug = true; // shall we display debugging messages?
$host="localhost"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="RadReq"; // Database name
$tbl_name="members"; // Table name
if ($debug) echo "Starting up";
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
if ($debug) echo "Past server connection";
mysql_select_db("$db_name")or die("cannot select DB");
if ($debug) echo "Selected db";
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
if ($debug) print_r($_POST);
... and so on.If you’re starting out, you should also look at mysqli or PDO libraries as a way of accessing your data. PDO and prepared statements will help out with any data sanitising problems, and the older mysql functions that you use in your code are being phased out. Just doesn’t seem much point learning functions that won’t be supported soon.
Thanks guys. I’m using PHPMyAdmin through Hostmonster so I’m not sure how to go about changing the error display. I do get an error file posted in my files area.
I also appreciate the PDO comment. I’m just learning how some of the code I’m seeing is depreciated. That being said, it seems my biggest problem is hooking a variable up to capture my “formid” number in my “members” database and using that number to direct the login to the proper page. Would “switch” help here or am I stuck with “if” statements?
Again, it’s hard to say without seeing the code. I can’t see anything in what you posted that retrieves the formid number. The switch() statement is ideal if you have multiple different options - in my opinion it’s nicer than having lots of if(), else(), elseif() and so on. How far through the code you posted do you get before it starts to go wrong?
Ok…so here is the landing page that the above code brings you to. I changed the name to “select.php”.
<?php
$servername = "localhost";
$username = "actionad_test1";
$password = "wbk99999";
$dbname = "actionad_test";
$tbl_name = "members";
$formid = "formid";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT username, id FROM $tbl_name WHERE formid= 2";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "id: ". $row["id"]. " - Name: ". $row["username"]. " " . $row["password"] . "<br>";
// header("location:http://actionadministration.com/brian/vscconnectform.html");
}
} else {
echo "0 results";
}
$conn->close();
?>
This code works. But I have to manually put in the “formid=2” in the SELECT query. I want to make it so that the formid that is in the database is recognized upon login and the next action would take that person to the correct form. I don’t know how to address and place the variable.
I’m a bit confused. In your code you set session variables containing the username, password and role. If the formid is coming out of the same placed based on that information, can’t you just stick that in another session variable, then retrieve it in the next script? Is the username you retrieve in select.php the same one that you store in the session variable, or a different one?
Are the passwords being stored as plain text? If they are, they should really be stored as a non-reversible hash. What version of php are you using?
They are for right now as this is just a mock-up.
Here’s another attempt. It give me all the names and Id’s, but the switch isn’t recognized.
<?php
$servername = "localhost";
$username = "actionad_test1";
$password = "wbk99999";
$dbname = "actionad_test";
$tbl_name = "members";
$formid = "formid";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT username, id, formid FROM $tbl_name" ;
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "id: ". $row["id"]. " - Name: ". $row["username"]. " " . $row["formid"] . "<br>";
// header("location:http://actionadministration.com/brian/vscconnectform.html");
}
} else {
echo "0 results";
}
$form = $row["formid"];
switch ($form) {
case "1":
header("location:http://actionadministration.com/brian/vscconnectform.html");
break;
case "2":
header("location:http://actionadministration.com/brian/vscconnectform.html");
break;
default:
echo "Your favorite color is neither red, blue, or green!";
}
$conn->close();
?>
So go into standard debugging mode.
Isn’t the value of $form going to be blank in this case? You’ve done a query on the members table, retrieved all rows that were returned via your while() loop, then after the loop has exited (which presumably will have the $row array empty because we’ve hit the end of the recordset) you assign the column value to $form and try to do something with it. I am not completely sure what happens to $row when you try to assign it to the results of fetch_assoc() at the end of the results - whether it will be blank, or whether it will still contain the last row returned from your query.
I mentioned before, if all else fails, keep echoing stuff through you code so you can see where it’s going wrong.
This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.