General SQL Development
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
 
User Name:
Password:
Remember me
 
Go Back   Dev Articles Community ForumsDatabasesGeneral SQL Development
Reload this Page

send user to a page based on level

Discuss send user to a page based on level in the General SQL Development forum on Dev Articles.
send user to a page based on level General SQL Development forum to discuss Oracle, PostgreSQL, and platform independent SQL related questions. Learn to utilize the power of SQL to manipulate relational databases.

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
« Previous Thread | Next Thread »  
Thread Tools Search this Thread Display Modes
 
Unread Dev Articles Community Forums Sponsor:
Stay one step ahead of the competition. Evaluate and give feedback on some of the hottest web development tools on the market today. Make your opinion heard! Click Here
  #1  
Old May 4th, 2004, 07:40 AM
jasboy jasboy is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
  
Join Date: May 2004
Posts: 1 jasboy User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 0
send user to a page based on level
hi there

I am trying to direct users who login to specific pages based on the access level that i have given them in the 'level' field of the table 'members'. 1 should go to admin.php ; 2 should go to member.php ; 3 should go to superMember.php

...however, the if statements don't seem to be working and i don't know what i'm doing wrong.
can anyone help me on this please??

here's the code for the login page


<?php require_once('Connections/ftpsite.php'); ?>
<?php
mysql_select_db($database_ftpsite, $ftpsite);
$query_rsMembers = "SELECT * FROM members";
$rsMembers = mysql_query($query_rsMembers, $ftpsite) or die(mysql_error());
$row_rsMembers = mysql_fetch_assoc($rsMembers);
$totalRows_rsMembers = mysql_num_rows($rsMembers);

// *** Start the session
session_start();
// *** Validate request to log in to this site.
$FF_LoginAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING']) && $HTTP_SERVER_VARS['QUERY_STRING']!="") $FF_LoginAction .= "?".htmlentities($HTTP_SERVER_VARS['QUERY_STRING']);
if (isset($HTTP_POST_VARS['textfield'])) {
$FF_valUsername=$HTTP_POST_VARS['textfield'];
$FF_valPassword=$HTTP_POST_VARS['textfield2'];
$FF_fldUserAuthorization="";
$FF_redirectLoginSuccess="members.php";
$FF_redirectLoginFailed="error.php";
$FF_rsUser_Source="SELECT user, pass ";
if ($FF_fldUserAuthorization != "") $FF_rsUser_Source .= "," . $FF_fldUserAuthorization;
$FF_rsUser_Source .= " FROM members WHERE user='" . $FF_valUsername . "' AND pass='" . $FF_valPassword . "'";
mysql_select_db($database_ftpsite, $ftpsite);
$FF_rsUser=mysql_query($FF_rsUser_Source, $ftpsite) or die(mysql_error());
$row_FF_rsUser = mysql_fetch_assoc($FF_rsUser);
if(mysql_num_rows($FF_rsUser) > 0) {
// username and password match - this is a valid user
$MM_Username=$FF_valUsername;
session_register("MM_Username");
if ($FF_fldUserAuthorization != "") {
$MM_UserAuthorization=$row_FF_rsUser[$FF_fldUserAuthorization];
} else {
$MM_UserAuthorization="";
}
session_register("MM_UserAuthorization");
if (isset($accessdenied) && false) {
$FF_redirectLoginSuccess = $accessdenied;
}
mysql_free_result($FF_rsUser);
session_register("FF_login_failed");
$FF_login_failed = false;
header ("Location: $FF_redirectLoginSuccess");
exit;
}
mysql_free_result($FF_rsUser);
session_register("FF_login_failed");
$FF_login_failed = true;
header ("Location: $FF_redirectLoginFailed");
exit;
}
?>
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="../type.css" rel="stylesheet" type="text/css">
</head>

<body bgcolor="#999999" leftmargin="0" topmargin="0">
<table width="600" height="400" border="0" cellspacing="30">
<tr>
<td align="center" valign="middle"> <form action="<?php echo $FF_LoginAction?>" name="form1" method="POST">
<table width="228" border="0" cellpadding="0" cellspacing="5">
<tr>
<td colspan="2" class="bold"><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td height="40" valign="top" class="title">Welcome to my FTP
Site</td>
</tr>
</table></td>
</tr>
<tr>
<td width="65" class="bold">username:</td>
<td width="226"><input name="textfield" type="text" size="18"></td>
</tr>
<tr>
<td class="bold">password:</td>
<td><input name="textfield2" type="text" size="18"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</form>
<p>&nbsp;</p></td>
</tr>
</table>
</body>
</html>
<?php
mysql_free_result($rsMembers);
?>


...and here's the page (members.php) that it goes to if successful


<?php require_once('Connections/ftpsite.php'); ?>
<?php
// *** Restrict Access To Page: Grant or deny access to this page
$FF_authorizedUsers=" ";
$FF_authFailedURL="error.php";
$FF_grantAccess=0;
session_start();
if (isset($HTTP_SESSION_VARS["MM_Username"])) {
if (true || !(isset($HTTP_SESSION_VARS["MM_UserAuthorization"])) || $HTTP_SESSION_VARS["MM_UserAuthorization"]=="" || strpos($FF_authorizedUsers, $HTTP_SESSION_VARS["MM_UserAuthorization"])) {
$FF_grantAccess = 1;
}
}
if (!$FF_grantAccess) {
$FF_qsChar = "?";
if (strpos($FF_authFailedURL, "?")) $FF_qsChar = "&";
$FF_referrer = "Restricted Area";
$FF_authFailedURL = $FF_authFailedURL . $FF_qsChar . "accessdenied=" . urlencode($FF_referrer);
header("Location: $FF_authFailedURL");
exit;
}

$colname_rsMember = "1";
if (isset($HTTP_SESSION_VARS['level'])) {
$colname_rsMember = (get_magic_quotes_gpc()) ? $HTTP_SESSION_VARS['level'] : addslashes($HTTP_SESSION_VARS['level']);
}
mysql_select_db($database_ftpsite, $ftpsite);
$query_rsMember = sprintf("SELECT * FROM members WHERE `user` = '%s'", $colname_rsMember);
$rsMember = mysql_query($query_rsMember, $ftpsite) or die(mysql_error());
$row_rsMember = mysql_fetch_assoc($rsMember);
$totalRows_rsMember = mysql_num_rows($rsMember);


if ((isset($HTTP_SESSION_VARS['level'])) && ($HTTP_SESSION_VARS['level']==1)) { ?>
<meta HTTP-EQUIV="refresh" CONTENT="1; URL=admin.php">
<?php }

if ((isset($HTTP_SESSION_VARS['level'])) && ($HTTP_SESSION_VARS['level']==2)) { ?>
<meta HTTP-EQUIV="refresh" CONTENT="1; URL=member.php?user=<?php echo $HTTP_SESSION_VARS['user']; ?>">
<?php }

if ((isset($HTTP_SESSION_VARS['level'])) && ($HTTP_SESSION_VARS['level']==3)) { ?>
<meta HTTP-EQUIV="refresh" CONTENT="1; URL=superMember.php?user=<?php echo $HTTP_SESSION_VARS['user']; ?>">
<?php }

?>
<head>
<title>Member</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="type.css" rel="stylesheet" type="text/css">
<link href="stuff3/type.css" rel="stylesheet" type="text/css">
</head>

<body bgcolor="#999999" leftmargin="0" topmargin="0">
<table width="600" height="400" border="0" cellspacing="30">
<tr>
<td align="center" valign="middle"></td>
</tr>
</table>
</body>
<?php
mysql_free_result($rsMember);
?>
Reply With Quote
Reply

Viewing: Dev Articles Community ForumsDatabasesGeneral SQL Development > send user to a page based on level

« Previous Thread | Next Thread »

Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Linear Mode Linear Mode
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump


Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 





© 2003-2008 by Developer Shed. All rights reserved. DS Cluster 3 hosted by Hostway