0

i am new to php. can any one give some idea to do this.

i am having some users in the backend like superadmin,admin, user.
now the thing is that whenever i login as a superadmin i could see everyone profile.
Already i am logging in as a super admin so except superadmin details i should see all others profile.

<?php
ob_start();
?>
<html>
<body>
<form action="login.php" method="post">
<div>
<table width="100%">
<tr>
<td><img src="Logofinalcopy.gif"></td>
</tr>
<tr>
<td bgcolor="aqua"><h2>Login</h2></td>
</tr></table>
<table align="right" style="width:40%">
<br>
<tr>
<td>username:</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>password:</td>
<td><input type="password" name="password"></td>
</tr>
<tr>
<td align="CENTER" COLSPAN="4">
<input TYPE="SUBMIT" name="submit" value="Login">
<input TYPE="reset" name="submit" value="clear"></td>
</tr>
</table>
</div>
</form>
</body>
</html>
<?php
if(isset($_POST['submit']))
{
    $con = @mysql_connect("10.70.1.50","invensis","invensis");
    if (!$con)
    {
        die('Could not connect: ' . mysql_error());
    }
    $con=@mysql_select_db("database_myproject",$con);
    if (!$con)
    {
         die('Could not connect DB: ' . mysql_error());
    }
  $username=$_POST['username'];
  $password=$_POST['password'];
  $username = stripslashes($username);
  $password = stripslashes($password);
  $username = mysql_real_escape_string($username);
  $password = mysql_real_escape_string($password);
  $flag="OK";  
  $msg=""; 
 if(strlen($username) < 1)
   {
          $msg=$msg."Please enter the username<br>";
          $flag="NOTOK"; 
   }
 if(strlen($password) < 1)
   {
        $msg=$msg."Please enter the password<br>";
        $flag="NOTOK";  
   }
  if($flag <>"OK")
  {
    echo "<strong style='color:#FF3333'>"."<left >Please enter Username or Password  </left>"."</strong>";
  }
  else
    {
      $sql="SELECT * FROM users WHERE username='$username' AND password='$password'";
      $result=mysql_query($sql); 
      $count= mysql_num_rows($result);
      if($count==1)
      {
            $sql = mysql_query("SELECT role FROM users WHERE username='$username' AND password='$password'");
            if($info = @mysql_fetch_array($sql))
            {
                if($info['role']=='0')
                {
                    @header('location: [url]http://localhost/Project/Superadmin.php');[/url]
                } 
                else if($info['role']=='1')
                {
                    @header('location: [url]http://localhost/Project/Admin.php');[/url]
                } 
                else if($info['role']=='2')
                {
                    @header('location: [url]http://localhost/Project/User.php');[/url]
                } 
            }
            else
            {
                ob_end_flush();    
            }    
      } 
     else 
     {
           echo "<strong style='color:#FF3333'>Incorrect User Name OR Password</strong>";
     }

}
}
?>

Edited by mike_2000_17: Fixed formatting

2
Contributors
1
Reply
2
Views
7 Years
Discussion Span
Last Post by webexpertzhere
0

Check if this answers your query:

after you verify the login credentials, connect to the database.
Decide if you want to display all the details of each profile or you want to display only few details of every profile.
Depending on this change your select query accordingly.

If you want to display all the details, use
SELECT * from TABLE-NAME
where TABLE-NAME should represent the table which contains all the profile details stored

If you want to display only a few details, change your select query accordingly. Eg : You require only Name and Mobile No
SELECT Name, Mno from TABLE-NAME
where TABLE-NAME should represent the table which contains all the profile details stored and Name and Mno should be the names of the columns used.

This will retrieve the details of all the profiles stored in the table. Use a while loop to loop through the details and use a table to display the details.

Given below is a sample code for this:

<?
//Connect to the databse before performing these actions

$query = sprintf("SELECT FirstName, LastName, Email FROM $table_name");
$result = mysql_query($query);
if($result)
{
	while($row = mysql_fetch_array($result))
	{
		$fname = $row['FirstName'];
		$lname = $row['LastName'];
		$email = $row['Email'];
	?>
	<table width="99%" border="0" cellpadding="0" cellspacing="0">
		<tr>
			<td width="30%"><?php echo("$fname"); ?></td>
			<td width="30%"><?php echo("$lname"); ?></td>
			<td width="30%"><?php echo("$email"); ?></td>
		</tr>
	</table>
	<?
	}
}
?>
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.