Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <? php include "db.php";
- $msg = "";
- if ($_SERVER['REQUEST_METHOD'] == 'POST')
- {
- $username = $_POST["username"];
- $password = $_POST["password"];
- if ($username == '' || $password == '')
- {
- $msg = "You must enter all fields";
- }
- else
- {
- $sql = "SELECT * FROM users WHERE username = '$username' AND password
- = '$password'";
- $query = mysql_query($sql);
- if ($query == false)
- {
- echo "Could not successfully run query ($sql) from DB: " .
- mysql_error();
- exit;
- }
- $check_user = mysql_num_rows($query);
- if($check_user>0)
- {
- // here you need $run_user data
- // use fetch_ methods, for example `fetch_assoc()`
- $user_data = mysql_fetch_assoc($query);
- // print_r($user_data) to check keys
- if ($user_data["user_role"] == 'admin')
- {
- header("abc.php");
- exit;
- }
- else
- {
- if ($user_data["user_role"] == 'user') {
- header("xyz.php");
- exit;//redirect somehwere else
- }
- else
- {
- if($user_data["username"] != '$username' && $user_data["password"] !=
- '$password')
- {
- echo "invalid username or password";
- exit;
- }`
- here is my abc.php
- <?php
- session_start();
- include "db.php";
- if ((empty($_SESSION['user'])) ){
- header('Location: login.php');
- exit;
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement