0

Hello,

I created a user login form with a crietaria fixed that if the user type is admin then it should be redirected to admin page and if it is an agent it should be redirected to home.php

The admin type is working properly but when i enter agent id and paw it redirects back to login page

here is the code

<?php
    include_once ("connection.php");

    $username = $_POST["user_name"];
    $password = $_POST["password"];

    $query = "SELECT * FROM agents";
    $query_confirm = mysqli_query($connection, $query);

    while ($record = mysqli_fetch_assoc($query_confirm)) {
        $id = $record["id"];
        $uname = $record["agent_uname"];
        $user_pass = $record["agent_password"];
        $user_type = $record["user_type"];
    }

    if(isset($_POST["login"])) {
        if($username == $uname  && $password == $user_pass) {
            if($user_type == "Admin") {
                header("Location: ../admin.php?admin=".$id);
                exit;
            } else {
                header("Location: ../home.php?agent=".$id);
                exit;
            }
        } else {
            header("Location: ../login.php");
        }
    }

?>

Thank You

5
Contributors
7
Replies
36
Views
2 Years
Discussion Span
Last Post by UK-1991
0

I find it's easy to troubleshoot by just putting some echo statements in and seeing what's being sent.

    if(isset($_POST["login"])) {

echo "<br />the user_type is ".$user_type;   
echo "<br />the username is ".$username; 

    }

I'm not sure that you need those exit; statements.

0

Here is the form

<?php 
    require_once("includes/connection.php");
?>
<!DOCTYPE HTML>
<html>
<head>
<title> Green Gadget - Login</title>
<meta http-equiv="Content-Type" content="text/html;">

    <link type="text/css" rel="stylesheet" href="css/style.css" />
    <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css">

</head>

<body>
    <div id="main_page" style="  padding: 152px 0;">
    <p class="heading_login">LOGIN</p>
        <div id="login">
        <form name="login" method="post" action="includes/verify.php">
            <label>
                <p>User Name</p>
                <input type="text" name="user_name" class="txtfield_login" required />
                <div class="clear"></div>
            </label>

            <label>
                <p>Password</p>
                <input type="password" name="password" class="txtfield_login" required />
                <div class="clear"></div>
            </label>

            <input type="submit" class="formbtn_login" value="Login" name="login" />
        </form>
        <div class="clear"></div>
        </div>
    </div>

</body>
</html>
0

@terrymason the indormation echoing is correct but dont know why it's not confirming it

0

Try to review your code

$query = "SELECT * FROM agents";
    $query_confirm = mysqli_query($connection, $query);
    while ($record = mysqli_fetch_assoc($query_confirm)) {
        $id = $record["id"];
        $uname = $record["agent_uname"];
        $user_pass = $record["agent_password"];
        $user_type = $record["user_type"];
    }

From what I see, you select all record from agents table and overwrite the $id,$uname,$user_pass,$user_type for each record. This means these variable will only store the last data from the database. Then your code on if($username == $uname && $password == $user_pass) will return false.

If I am in the case, I will probably change the code into

if(isset($_POST["login"])) {//if not posted, no need to fetch from database
    while ($record = mysqli_fetch_assoc($query_confirm)) {
        $id = $record["id"];
        $uname = $record["agent_uname"];
        $user_pass = $record["agent_password"];
        $user_type = $record["user_type"];
        if($username == $uname  && $password == $user_pass) {
            if($user_type == "Admin") {
                header("Location: ../admin.php?admin=".$id);
                exit;
            } else {
                header("Location: ../home.php?agent=".$id);
                exit;
            }
        } else {
            header("Location: ../login.php");
        }
    }
} else {
    header("Location: ../login.php");
}
0

@lps , Perfect so this was the big mistake I was doing on I tried to done every form processing within the loop and it did worked thank you once again.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.