Member Avatar for niths

hi am new to php. what my query is i am doing login page. whenever i login as some person, except that person details i should see every other persons details.

<?php
ob_start();
?>
<html>
<body>
<form action="login.php" method="post">
<div>
<table width="100%">
<tr>
<td><img src="Logofinalcopy.gif"></td>
</tr>
<tr>
<td bgcolor="aqua"><h2>Login</h2></td>
</tr></table>
<table align="right" style="width:40%">
<br>
<tr>
<td>username:</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>password:</td>
<td><input type="password" name="password"></td>
</tr>
<tr>
<td align="CENTER" COLSPAN="4">
<input TYPE="SUBMIT" name="submit" value="Login">
<input TYPE="reset" name="submit" value="clear"></td>
</tr>
</table>
</div>
</form>
</body>
</html>
<?php
if(isset($_POST['submit']))
{
 $con = @mysql_connect("10.70.1.50","invensis","invensis");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
 $con=@mysql_select_db("database_myproject",$con);
if (!$con)
  {
  die('Could not connect DB: ' . mysql_error());
  }
  $username=$_POST['username'];
  $password=$_POST['password'];
  $username = stripslashes($username);
  $password = stripslashes($password);
  $username = mysql_real_escape_string($username);
  $password = mysql_real_escape_string($password);
  $flag="OK";  
  $msg=""; 
 if(strlen($username) < 1)
   {
          $msg=$msg."Please enter the username<br>";
          $flag="NOTOK"; 
   }
 if(strlen($password) < 1)
   {
        $msg=$msg."Please enter the password<br>";
        $flag="NOTOK";  
   }
  if($flag <>"OK")
  {
    echo "<strong style='color:#FF3333'>"."<left >Please enter Username or Password  </left>"."</strong>";
  }
  else
    {
      $sql="SELECT * FROM users WHERE username='$username' AND password='$password'";
      $result=mysql_query($sql); 
      $count= mysql_num_rows($result);
      if($count==1)
      {
            $sql = mysql_query("SELECT role FROM users WHERE username='$username' AND password='$password'");
            if($info = @mysql_fetch_array($sql))
            {
                if($info['role']=='0')
                {
                    @header('location: [url]http://localhost/Project/Superadmin.php');[/url]
                } 
                else if($info['role']=='1')
                {
                    @header('location: [url]http://localhost/Project/Admin.php');[/url]
                } 
                else if($info['role']=='2')
                {
                    @header("location: http://localhost/Project/User.php");
                } 
            }
            else
            {
                ob_end_flush();    
            }    
      } 
     else 
     {
           echo "<strong style='color:#FF3333'>Incorrect User Name OR Password</strong>";
     }

}
}
?>
Edited by mike_2000_17 because: Fixed formatting
  • 2 Contributors
  • 1 Reply
  • 59 Views
  • 7 Hours Discussion Span
  • Latest Post Latest Post by cwarn23
Member Avatar for cwarn23

Could you please explain in more details what your problem is because I don't have a clue.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.