Hello,

I created a login script in which I set a condition of 2 authentication user and other one is admin but the redirection is not working properly it check if user type is admin it logsin but not redirect it moves all the way downword to else condition let me show you the code so you would know better what I am trying to say

Login.php

<ul class="log">
    <form method="POST" action="includes/verify.php">
    <li><input type="text" class="form-control" placeholder="Username" name="username">
    <input type="password" class="form-control" placeholder="Password" name="password"></li>
    <li><button type="submit" class="btn btn-default" name="login">Login</button></li>
    </ul>
    </form>

includes/verify.php

<?php 
    session_start();
    require_once("connection.php");
    if(isset($_POST["login"])) {
        $username  = $_POST["username"];
        $password = mysqli_real_escape_string($connection, $_POST["password"]);

        $get_query = mysqli_query($connection, "SELECT * FROM users");

        while($record = mysqli_fetch_array($get_query)) {
            $uname = $record{"username"};
            $pass  = $record["password"];
            $utype = $record["utype"];

            if($username == $uname && $password == $pass) {
                // it confirms wether the user type is admin or it can redirect to else condition
                if($utype == "admin") {
                    $_SESSION["uname"] = $username;
                    $_SESSION["uid"]   = $record["uid"];    
                    //if user type is admin it log's in but this redirection is not working i beleive
                    header("Location: ../control.php?uid=".$_SESSION["uid"]);
                } else {
                    $_SESSION["uname"] = $username;
                    $_SESSION["uid"]   = $record["uid"];

                    $query = mysqli_query($connection, "INSERT INTO online (uid, status, uname) VALUES ('{$record["uid"]}', 'online', '$username')");
                    header("Location: ../index.php?uid={$_SESSION["uid"]}");
                    exit();
                }
            } else {
                $_SESSION["message"] = "Invalid Username/Password provided";
                //when user type is admin this header function runs don't know what is happening though
                header("Location: ../login.php");

            }
        }
    }
?>

fixed but same issue is coming up though

Maybe because the first database result does not match what you input. Your logic is flawed, you shouldn't be looping through all user records.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.