single login page for Admin and user

1) In you users table store the user type
2) while checking for loging creadentials against database, if username and password is correct, check the usertype.
3) if admin redirect to admin page, if user, redirect to user page
4) and do store the usertype in session for checking on other pages

Do you have any sample code..sorry I am a newbie!!!!

I dont have. You can post your code, whatever you have done till now and then people can tell you the modifications. Chances of someone giving you the entire code tailored to your need are very less.

This is the code.When I call index.php page it goes to newAdmin.php page..Can you help

<?php

// Inialize session
session_start();

// Include database connection settings
include('configg.php');

// Retrieve username and password from database according to user's input
$login = mysql_query("SELECT * FROM user WHERE (UserName = '" . mysql_real_escape_string($_POST['username']) . "') and (Password = '" . mysql_real_escape_string(md5($_POST['password'])) . "')");

// Check username and password match
if (mysql_num_rows($login) == 'admin') {
// Set username session variable
$_SESSION['username'] = $_POST['username'];
// Jump to secured page
header('Location:newAdmin.php');
}
else
if (mysql_num_rows($login) == 'user') {
// Set username session variable
$_SESSION['username'] = $_POST['username'];
// Jump to secured page
header('Location:user.php');
}
else {
// Jump to login page
header('Location: ind.php');
}

?>
<html>

<head>
<title></title>
</head>

<body>

<h3>User Login</h3>

<table border="0">
<form method="POST" action="ind.php">
<tr><td>Username</td><td>:</td><td><input type="text" name="username" size="20"></td></tr>
<tr><td>Password</td><td>:</td><td><input type="password" name="password" size="20"></td></tr>
<tr><td>&nbsp;</td><td>&nbsp;</td><td><input type="submit" value="Login"></td></tr>
</form>
</table>

</body>

</html>

You aren't getting the data from your query. mysql_num_rows returns exactly what it says, the number of rows returned from a query - therefore it cannot be equal to a strings, only an integer.

Change to:

$query = mysql_fetch_array($login);

// Check username and password match
if ($query['user'] == 'admin') {
// Set username session variable
$_SESSION['username'] = $_POST['username'];
// Jump to secured page
header('Location:newAdmin.php');
}
elseif ($query['user'] == 'user') {
// Set username session variable
$_SESSION['username'] = $_POST['username'];
// Jump to secured page
header('Location:user.php');
}
else {
// Jump to login page
header('Location: ind.php');
}

Where I have used $query['user'] you need to change user to whatever the column name is in your db table that stores the level of user.

I did as you said simplypixie it goes to index page but it shows "This page has Redirect loop"..Any solution???????????

What is the code at the top of your index pages?

Your login form should be separate to any processing code.

Example - all pages (pseudocode):

session_start
include config.php
include loginswitch.php

DTD, head
body
    navigation menu
    echo $loginhtml
    page content
    footer

The loginswitch.php has the code to determine what's displayed: login form or 'logged in as xxxx' with logout link.

Example:
Suggest that you just store user id and access level in session

if(!isset($_SESSION['id'])){
    $loginhtml = ...(your form)...
}else{
    ...get user details from DB...
    $loginhtml = "<span class=\"logged\">Logged in as $username</span> <a href=\"logout.php\">logout</a>";
}

Your admin pages just need to have something like:

session_start();
if(!isset($_SESSION['id']) || $_SESSION['level'] != 'admin'){
    header('Location: index.php');
}

My 2p.

[off-topic hijack removed]

@andyy121,

You may not be aware of general forum accepted practices, but you may want to consider starting your own thread if you need help rather than hijaking someone else's.

This is my edited code..when I Log as admin it goes to invalid page..Can anyone help???
database details:
            Admin Login                 User Login
UserName:   admin                       user
Password:   admin                       user


This is index.php
<html>
<head>
<title></title>
</head>

<body>

<h3>User Login</h3>

<table border="0">
<form method="POST" action="newcon.php">
<tr><td>Username</td><td>:</td><td><input type="text" name="username" size="20"></td></tr>
<tr><td>Password</td><td>:</td><td><input type="password" name="password" size="20"></td></tr>
<tr><td>&nbsp;</td><td>&nbsp;</td><td><input type="submit" value="Login"></td></tr>
</form>
</table>

</body>

</html>

This is newcon.php

<?php
// Inialize session

// Include database connection settings
include('config.php');

$uname = $_POST['username'];
    $pwd = $_POST['password'];


        //if(isset($_POST[$uname]) || isset($_POST[$pwd]) || isset($_POST[$accessLevel])){
    $login = mysql_query("SELECT * FROM userslogin WHERE (UserName = '" . mysql_real_escape_string($_POST['username']) . "') and (Password = '" . mysql_real_escape_string(md5($_POST['password'])) . "')");



        session_start();
if($accessLevel != false){

        if($accessLevel == "1"){
            $_SESSION['admin'] =$uname;
        }
        else if($accessLevel == "2"){
            $_SESSION['user'] =$uname;
        }

        header("Location: ../apperal_prac/ind.php");
    }else {
        //echo "Invalid Login";
        //$rs = 0;
        header("Location: ../apperal_prac/invalid.php");    
    }


        //}
    ?>

This is ind.php


<?php
// Inialize session
session_start();
// Include database connection settings
include('config.php');

// Retrieve username and password from database according to user's input

session_start();
if(isset($_SESSION['admin']) || isset($_SESSION['user'])){
        if(isset($_SESSION['admin'])){
            $user = $_SESSION['admin'];
            header("Location: ../apperal_prac/admin.php");
        }
        elseif(isset($_SESSION['user'])){
            $user = $_SESSION['user'];
            header("Location: ../apperal_prac/user.php");
        }

    }else{
        header("Location: ../.php");
    }   
?>

This is config.php
<?php
$host="localhost";
$username="root";
$password="";
$db="name";


$login=mysql_connect($host,$username,$password)or die ("error in sql");

mysql_select_db($db) or die("cannot connect to the server");




?>

session_start should be at the top of the page before any DTD, html or other server output.

Login page

<?php

include("config.php");
session_start();
$error = "";

if($_SERVER["REQUEST_METHOD"] == "POST")
{
// username and password sent from form 

$myusername=addslashes($_POST['username']); 
$mypassword=addslashes($_POST['password']); 


$sql="SELECT id FROM admin WHERE username='$myusername' and passcode='$mypassword'";
$result=mysql_query($sql);
$row=mysql_fetch_array($result);
//$active=$row['Active'];
$count=mysql_num_rows($result);
//echo $count;


// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1)
{
session_register("myusername");
$_SESSION['login_user']=$myusername;
     header("location: enquiry.php");
}
else 
{
$error="Your Login Name or Password is invalid";

}
}
?>


<!DOCTYPE html>
<html>
<head>
  <link href="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/jquery-ui.css" rel="stylesheet" type="text/css"/>
  <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js"></script>
  <script src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"></script>

  <script>
  $(document).ready(function() {
    $("#dialog").dialog();
  });
  </script>
</head>
<body style="font-size:62.5%;">

<div id="dialog" title="LogIn Panel"><form action="login.php" method="post">
<table border="0" cellpadding="0" cellspacing="0">
<tr><th><b>User Name  :</b></th><td><input type="text" name="username" class="box"/></td>
<tr><th><b>Password  :</b></th><td><input type="password" name="password" class="box" /></td>
<tr><td colspan="2" align="center"><br/><input type="submit" value=" Submit "/></td>
<tr><td colspan="2" align="center"><br/><?php echo $error; ?></td>
</table>
</form>

</div>
</body>
</html>

#

As @diafol has said, session_start() has to be before any other code or output in your page - that also means include files

<?php
session_start();
include("config.php");

Well, I suppose it doesn't have to be - just as long as you can guarantee that there isn't any output from that file, e.g. error messages etc. Just seems a lot safer to me.

I test your code anjalis863.it is going to login page even I enter wrong password and username.

how can my admin see all user and maonitor them please any one help me

@sultankhan

I think this is a different topic. Search the forum / web for similar topics or start your own thread.

sir i inserted the data in database then many rows fill with the same data how solve this problem tell me ???????

sir i inserted the data in database then many rows fill with the same data how to solve this problem tell me ???????hey anyone can tell me about this problems

 <?php
session_start();
$f_name=mysql_real_escape_string($_POST['f_name']);
$l_name=mysql_real_escape_string($_POST['l_name']);
 $email=mysql_real_escape_string($_POST['email']);
$city=mysql_real_escape_string($_POST['city']);
$country=mysql_real_escape_string($_POST['country']);
$phone_number=mysql_real_escape_string($_POST['phone_number']);
$password=mysql_real_escape_string($_POST['s_password']);

mysql_connect('localhost','root','');
mysql_select_db('college');
echo $insert="INSERT INTO college_info(`first_name`,`last_name`,`email`,`city`,`country`,`phone_number`) VALUES('$f_name','$l_name','$email','$city','$country','$phone_number')";
echo $sql=mysql_query($insert);

if($sql)
{
echo'registration successfully';
$_SESSION['sms']='registration successfully';
header('location:dashboard.php');
}
else
{
echo'not successfully';
$_SESSION['sms']='registration not successfully';
header('location:registration.php');
}

?>

hi, plz help me. i create single login form. i want to login in this form (user and admin) both in one form. how to register admin and user. and then how data store in database in one table. plz tell me first how i insert data in to data base tell me query or simple code. And then how to select the data in the database(tell me query).

tell me how i insert data in to data base, how to select the data in the database

There are many many tutorials on the web that cover this very basic information. Nobody here is going to write a new one just for you. Do some research of your own, then come back to Daniweb and start a new topic if you have any sensible questions.