Evening All
I’ve always wanted to have my own little login page, and now i’ve got one, from the wonderful world of dreamweaver. Anyways that put to one side, what I would like to know are their ways in which you can assign differnt login success pages.
So for example if I were to login as admin, I’d getter a different page than if I were to login as stu. If anyone could help that would be brilliant.
Normally access control is separate somewhat from login. What a validated logged in user can access is usually determined on each page load after it has been determined that they are logged in. There are a number of ways to handle access control. There are also some pre-written solutions both built into frameworks and standalone. Do some searching and you should find plenty of material on it.
If I’m understanding your question right, you’ll just want to put an conditional block right below where dreamweaver registers the username and user group in the session. Something like:
//register the session variables
session_register("MM_Username");
session_register("MM_UserGroup");
//add something like this
if ($MM_UserGroup == 'admin') {
header("Location: admin.php" );
}else{
header("Location: main.php" );
}
Nice…like webgambit said, an if condition will do to redirect your users from the page you wanted to.
Sort of, what I want, is to give users their own profile, can I do that just from the login script dreamweaver makes?
Just a note on the code webgambit posted. It contain mostly legacy code.
Use $_SESSION instead of session_register, and make sure register_globals is turned off.
<?php require_once('Connections/connection.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}
if (isset($_POST['userName'])) {
$loginUsername=$_POST['userName'];
$password=$_POST['userPassword'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "welcome.php";
$MM_redirectLoginFailed = "nologin.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_connection, $connection);
$LoginRS__query=sprintf("SELECT userName, userPassword FROM tblusers WHERE userName=%s AND userPassword=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));
$LoginRS = mysql_query($LoginRS__query, $connection) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>
This is the code that dreamweaver has generated to allow the users to login, can anyone point me in the direction of where the $_SESSSION bits should go 
Find this code block:
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
Replace it with: (warning: untested code below)
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}elseif ($_SESSION['MM_UserGroup'] == 'admin') {
$MM_redirectLoginSuccess = 'url-to-admin-page.php';
}else{
$MM_redirectLoginSuccess = 'url-to-user-page.php';
}
header("Location: " . $MM_redirectLoginSuccess );
Now, what I did isn’t how I would normally do it, but in this instance I wanted to follow along with the Dreamweaver code/logic, and it should work fine.
As for directing the users to a profile page, there’s a couple different ways that could be done. The simplest way, I think, would be to build a single profile page and at the beginning of the page insert Dreamweaver’s access check to ensure the person is logged in. Then have Dreamweaver create a recordset in which you’ll search for the record with the same username as the one that’s stored in $_SESSION[‘MM_Username’]. Then populate the page based on the information from that recordset.
The main downside to this is that it doesn’t give the user a profile page that they can bookmark.
HTH
What I would like is the sort of login script myspace uses, so you have all the options that are you are aloud to have where as user A might have premium tools etc. If anyone can help that would be great
If you’re wanting a myspace clone just search around the net. There are scripts already out there that you can get free/cheap. One option would be to take a look at Drupal. It can be made to do most of the same things as myspace and you won’t have to code much if any.
Check out this link for a great set of extensions for DW that do just what you’re looking for (It’s Security Assist, which is a part of the Super Suite extensions but can be bought separately). They handle all the login functions and you can validate and redirect based on a variety of conditions. They’ve saved me a great deal of time, that’s why I promote them.