1. Home
  2. Forums
  3. Programming
  4. Web Development

single login page for Admin and user

0

I want to create a single login page for Admin and user.When admin lo it should go to seperate page and when user log it shoult go to seperate page.I want sample code for this.Thanks..

8
Contributors
18
Replies
47
Views
4 Years
Discussion Span
4 Years Ago
Last Post by diafol
Featured Replies
  • 1

    @andyy121, You may not be aware of general forum accepted practices, but you may want to consider starting your own thread if you need help rather than hijaking someone else's. Read More

0

1) In you users table store the user type
2) while checking for loging creadentials against database, if username and password is correct, check the usertype.
3) if admin redirect to admin page, if user, redirect to user page
4) and do store the usertype in session for checking on other pages

0

I dont have. You can post your code, whatever you have done till now and then people can tell you the modifications. Chances of someone giving you the entire code tailored to your need are very less.

Edited by ckchaudhary

0
OP 
This is the code.When I call index.php page it goes to newAdmin.php page..Can you help

<?php

// Inialize session
session_start();

// Include database connection settings
include('configg.php');

// Retrieve username and password from database according to user's input
$login = mysql_query("SELECT * FROM user WHERE (UserName = '" . mysql_real_escape_string($_POST['username']) . "') and (Password = '" . mysql_real_escape_string(md5($_POST['password'])) . "')");

// Check username and password match
if (mysql_num_rows($login) == 'admin') {
// Set username session variable
$_SESSION['username'] = $_POST['username'];
// Jump to secured page
header('Location:newAdmin.php');
}
else
if (mysql_num_rows($login) == 'user') {
// Set username session variable
$_SESSION['username'] = $_POST['username'];
// Jump to secured page
header('Location:user.php');
}
else {
// Jump to login page
header('Location: ind.php');
}

?>
<html>

<head>
<title></title>
</head>

<body>

<h3>User Login</h3>

<table border="0">
<form method="POST" action="ind.php">
<tr><td>Username</td><td>:</td><td><input type="text" name="username" size="20"></td></tr>
<tr><td>Password</td><td>:</td><td><input type="password" name="password" size="20"></td></tr>
<tr><td>&nbsp;</td><td>&nbsp;</td><td><input type="submit" value="Login"></td></tr>
</form>
</table>

</body>

</html>
0

You aren't getting the data from your query. mysql_num_rows returns exactly what it says, the number of rows returned from a query - therefore it cannot be equal to a strings, only an integer.

Change to:

$query = mysql_fetch_array($login);

// Check username and password match
if ($query['user'] == 'admin') {
// Set username session variable
$_SESSION['username'] = $_POST['username'];
// Jump to secured page
header('Location:newAdmin.php');
}
elseif ($query['user'] == 'user') {
// Set username session variable
$_SESSION['username'] = $_POST['username'];
// Jump to secured page
header('Location:user.php');
}
else {
// Jump to login page
header('Location: ind.php');
}

Where I have used $query['user'] you need to change user to whatever the column name is in your db table that stores the level of user.

0
OP

I did as you said simplypixie it goes to index page but it shows "This page has Redirect loop"..Any solution???????????

0

Your login form should be separate to any processing code.

Example - all pages (pseudocode):

session_start
include config.php
include loginswitch.php

DTD, head
body
    navigation menu
    echo $loginhtml
    page content
    footer

The loginswitch.php has the code to determine what's displayed: login form or 'logged in as xxxx' with logout link.

Example:
Suggest that you just store user id and access level in session

if(!isset($_SESSION['id'])){
    $loginhtml = ...(your form)...
}else{
    ...get user details from DB...
    $loginhtml = "<span class=\"logged\">Logged in as $username</span> <a href=\"logout.php\">logout</a>";
}

Your admin pages just need to have something like:

session_start();
if(!isset($_SESSION['id']) || $_SESSION['level'] != 'admin'){
    header('Location: index.php');
}

My 2p.

0

[off-topic hijack removed]

Edited by Ezzaral: Do not hijack other people's threads with your own question. Start a new thread.

1
Featured

@andyy121,

You may not be aware of general forum accepted practices, but you may want to consider starting your own thread if you need help rather than hijaking someone else's.

Edited by JorgeM

0
OP 
This is my edited code..when I Log as admin it goes to invalid page..Can anyone help???
database details:
            Admin Login                 User Login
UserName:   admin                       user
Password:   admin                       user


This is index.php
<html>
<head>
<title></title>
</head>

<body>

<h3>User Login</h3>

<table border="0">
<form method="POST" action="newcon.php">
<tr><td>Username</td><td>:</td><td><input type="text" name="username" size="20"></td></tr>
<tr><td>Password</td><td>:</td><td><input type="password" name="password" size="20"></td></tr>
<tr><td>&nbsp;</td><td>&nbsp;</td><td><input type="submit" value="Login"></td></tr>
</form>
</table>

</body>

</html>

This is newcon.php

<?php
// Inialize session

// Include database connection settings
include('config.php');

$uname = $_POST['username'];
    $pwd = $_POST['password'];


        //if(isset($_POST[$uname]) || isset($_POST[$pwd]) || isset($_POST[$accessLevel])){
    $login = mysql_query("SELECT * FROM userslogin WHERE (UserName = '" . mysql_real_escape_string($_POST['username']) . "') and (Password = '" . mysql_real_escape_string(md5($_POST['password'])) . "')");



        session_start();
if($accessLevel != false){

        if($accessLevel == "1"){
            $_SESSION['admin'] =$uname;
        }
        else if($accessLevel == "2"){
            $_SESSION['user'] =$uname;
        }

        header("Location: ../apperal_prac/ind.php");
    }else {
        //echo "Invalid Login";
        //$rs = 0;
        header("Location: ../apperal_prac/invalid.php");    
    }


        //}
    ?>

This is ind.php


<?php
// Inialize session
session_start();
// Include database connection settings
include('config.php');

// Retrieve username and password from database according to user's input

session_start();
if(isset($_SESSION['admin']) || isset($_SESSION['user'])){
        if(isset($_SESSION['admin'])){
            $user = $_SESSION['admin'];
            header("Location: ../apperal_prac/admin.php");
        }
        elseif(isset($_SESSION['user'])){
            $user = $_SESSION['user'];
            header("Location: ../apperal_prac/user.php");
        }

    }else{
        header("Location: ../.php");
    }   
?>

This is config.php
<?php
$host="localhost";
$username="root";
$password="";
$db="name";


$login=mysql_connect($host,$username,$password)or die ("error in sql");

mysql_select_db($db) or die("cannot connect to the server");




?>
0
Login page

<?php

include("config.php");
session_start();
$error = "";

if($_SERVER["REQUEST_METHOD"] == "POST")
{
// username and password sent from form 

$myusername=addslashes($_POST['username']); 
$mypassword=addslashes($_POST['password']); 


$sql="SELECT id FROM admin WHERE username='$myusername' and passcode='$mypassword'";
$result=mysql_query($sql);
$row=mysql_fetch_array($result);
//$active=$row['Active'];
$count=mysql_num_rows($result);
//echo $count;


// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1)
{
session_register("myusername");
$_SESSION['login_user']=$myusername;
     header("location: enquiry.php");
}
else 
{
$error="Your Login Name or Password is invalid";

}
}
?>


<!DOCTYPE html>
<html>
<head>
  <link href="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/jquery-ui.css" rel="stylesheet" type="text/css"/>
  <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js"></script>
  <script src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"></script>

  <script>
  $(document).ready(function() {
    $("#dialog").dialog();
  });
  </script>
</head>
<body style="font-size:62.5%;">

<div id="dialog" title="LogIn Panel"><form action="login.php" method="post">
<table border="0" cellpadding="0" cellspacing="0">
<tr><th><b>User Name  :</b></th><td><input type="text" name="username" class="box"/></td>
<tr><th><b>Password  :</b></th><td><input type="password" name="password" class="box" /></td>
<tr><td colspan="2" align="center"><br/><input type="submit" value=" Submit "/></td>
<tr><td colspan="2" align="center"><br/><?php echo $error; ?></td>
</table>
</form>

</div>
</body>
</html>

#

0

As @diafol has said, session_start() has to be before any other code or output in your page - that also means include files

<?php
session_start();
include("config.php");
0

Well, I suppose it doesn't have to be - just as long as you can guarantee that there isn't any output from that file, e.g. error messages etc. Just seems a lot safer to me.

0
OP

I test your code anjalis863.it is going to login page even I enter wrong password and username.

0

@sultankhan

I think this is a different topic. Search the forum / web for similar topics or start your own thread.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.