Tell me more ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 0 down vote favorite
1

Right now my login page is working fine. If both username and password are correct it returns a value of 1 and direct you to a page called studentloggedin.php In my database table i have a field called 'occupation' where there are two values: 'student' or 'lecturer'.

My problem is to create an if statement where if the user is a student it direct me to studentloggedin.php else it directs you to lecturerloggedin.php

I already tried to do a query but it isn't working.. please help :) MY code is here:

<?php 
session_start();
//*********Server Information to establish a connection ******

$host        =    'localhost';
$user        =    'kurtfarrugia';
$password    =    '1234';
$database    =    'kurt_farrugia';

$link = mysql_connect($host,$user,$password) or die('Error in Server information');
mysql_select_db($database,$link) or die('Can not Select Databasse');

//***************End Connection Establishment***************************************
//*******Form Information********

$userName = mysql_real_escape_string($_POST['username']); //User Name sent from Form
$password = mysql_real_escape_string($_POST['password']); // Password sent from Form

$rememberMe = strip_tags($_POST['rememberMe']);
setcookie("username", $_POST['username']);

//*********retrieving data from Database**********

$query = "select * from tbladmin where admin_usr_name='$userName' and          
admin_pwd='$password'";

$res = mysql_query($query);

$rows = mysql_num_rows($res);

//**********it ensures that the script does not continue unless the username varaible     is not null and not empty
if (!empty($_POST['username'])) {
    $username = mysql_real_escape_string(strip_tags(trim($_POST['username'])));
} else {
    //die('Hey turd, go back and fill in your username!');
    header( "Location: login_fail2.php" ); die;
}

/*if ($rememberMe) {
    setcookie("loggedIn", "yes", time()+3600);

    header ("Location: studentloggedin.php" ); die;
             }
else {
     echo "Username and/or password is incorrect.";
}


if ($_COOKIE['loggedIn'] == "yes") {
    header ("Location: studentloggedin.php" );
    die();
}
*/
// HERE is the query 

//$result2 = mysqli_query($con,"SELECT occupation FROM tbladmin WHERE admin_usr_name    ='$username'" == 'student');
//$row == mysqli_fetch_array($result)

//**********if $userName and $password will match database, The above function will    return 1 row
if($rows==1)
//{
{
 //***if the userName and password matches then register a session and redrect user to    the studentloggedin.php

 //$_SESSION['userName'];
 //$_SESSION['password'];

    header("location:studentloggedin.php");
}
//}

else
{
    header( "Location: login_fail2.php" ); die;
}

?>
share|improve this question
2  
please stop using mysql_* functions .. switch to PDO or mysqli_* –  Let's Code Apr 10 at 11:31
 
try changing header("location:studentloggedin.php"); to header("Location: studentloggedin.php"); - got a feeling HTTP headers are fussy –  verbumSapienti Apr 10 at 11:37

3 Answers

up vote 0 down vote

Just try below:

$result2 = mysqli_query($con,"SELECT occupation FROM tbladmin WHERE admin_usr_name    ='$username'");


$rows = $result2->num_rows;

if($rows==1) 
  header("location:studentloggedin.php");
else
 header("location:lecturerloggedin.php");
share|improve this answer
 
There's no need for the second query, you can get that info from the first query, and you just need to add the if in there. –  Mihai Ionescu Apr 10 at 11:38
 
You have a logic flaw in your code, you need to check the occupation not the number of rows returned. –  Mihai Ionescu Apr 10 at 11:48
up vote 0 down vote

Here's the part that you need

if (!isset($_POST['username']) || $_POST['username'] != '') {
    // redirect back to the form
}
if (!isset($_POST['password']) || $_POST['password'] != '') {
    // redirect back to the form
}

$userName = mysqli_real_escape_string($_POST['username']); 
$password = mysqli_real_escape_string($_POST['password']);

$query = "SELECT * FROM tbladmin WHERE admin_usr_name = '$userName' AND          
      admin_pwd = '$password'";

$res = mysqli_query($query);
$numrows = mysqli_num_rows($res);

if ($numrows == 1) {
    // here you can add the code with remember me
    $dataRow = myqli_fetch_row($res);
    $username = $dataRow['admin_usr_name'];

    if ($dataRow['ocupation'] == 'student') {
        // redirect to student php file
        exit;
    } else {
        // redirect to lecturer
        exit;
    }
} else {
   // redirect to login incorrect
   exit;
}
share|improve this answer
up vote 0 down vote

There is a mistake in your query:

//$result2 = $mysqli_query($con,"SELECT occupation FROM tbladmin WHERE admin_usr_name    ='$username'" == 'student');
//$row == mysqli_fetch_array($result)

you can't use = to something == to something else.

here is the entire code as i think should work

<?php 
session_start();
//*********Server Information to establish a connection ******

$host        =    'localhost';
$user        =    'kurtfarrugia';
$dbpassword    =    '1234';
$database    =    'kurt_farrugia';

//Open connection   
$mysqli = new mysqli($host, $user, $dbpassword, $database);
if (mysqli_connect_errno()) 
{
    printf("Connection failed: %s\n", mysqli_connect_error());
    exit();
}

//***************End Connection Establishment***************************************
//*******Form Information********

$userName = mysql_real_escape_string($_POST['username']); //User Name sent from Form
$userPassword = mysql_real_escape_string($_POST['password']); // Password sent from Form

// $rememberMe = strip_tags($_POST['rememberMe']);
setcookie("username", $_POST['username']);

//*********retrieving data from Database**********


$result2 = $mysqli->query("SELECT * FROM `tbladmin` WHERE `admin_usr_name` = '".$userName."' and `admin_pwd` = '".$userPassword."'");
if($row = $result2->fetch_assoc())
{
    if($row['occupation'] == 'student')
    {
        // redirect logged student
    }
     else if($row['occupation'] == 'lecturer') 
    {
        // redirect logged lecturer 
    }
} 
else
{
     //username doesn't exist redirect to fail page
}

//**********it ensures that the script does not continue unless the username varaible    
is not null and not empty
if (!empty($_POST['username'])) {
$username = mysql_real_escape_string(strip_tags(trim($_POST['username'])));
} else {
    //die('Hey turd, go back and fill in your username!');
        header( "Location: login_fail2.php" ); die;
    }
?>
share|improve this answer

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.