0

Hello,

I created a login script in which I set a condition of 2 authentication user and other one is admin but the redirection is not working properly it check if user type is admin it logsin but not redirect it moves all the way downword to else condition let me show you the code so you would know better what I am trying to say

Login.php

<ul class="log">
    <form method="POST" action="includes/verify.php">
    <li><input type="text" class="form-control" placeholder="Username" name="username">
    <input type="password" class="form-control" placeholder="Password" name="password"></li>
    <li><button type="submit" class="btn btn-default" name="login">Login</button></li>
    </ul>
    </form>

includes/verify.php

<?php 
    session_start();
    require_once("connection.php");
    if(isset($_POST["login"])) {
        $username  = $_POST["username"];
        $password = mysqli_real_escape_string($connection, $_POST["password"]);

        $get_query = mysqli_query($connection, "SELECT * FROM users");

        while($record = mysqli_fetch_array($get_query)) {
            $uname = $record{"username"};
            $pass  = $record["password"];
            $utype = $record["utype"];

            if($username == $uname && $password == $pass) {
                // it confirms wether the user type is admin or it can redirect to else condition
                if($utype == "admin") {
                    $_SESSION["uname"] = $username;
                    $_SESSION["uid"]   = $record["uid"];    
                    //if user type is admin it log's in but this redirection is not working i beleive
                    header("Location: ../control.php?uid=".$_SESSION["uid"]);
                } else {
                    $_SESSION["uname"] = $username;
                    $_SESSION["uid"]   = $record["uid"];

                    $query = mysqli_query($connection, "INSERT INTO online (uid, status, uname) VALUES ('{$record["uid"]}', 'online', '$username')");
                    header("Location: ../index.php?uid={$_SESSION["uid"]}");
                    exit();
                }
            } else {
                $_SESSION["message"] = "Invalid Username/Password provided";
                //when user type is admin this header function runs don't know what is happening though
                header("Location: ../login.php");

            }
        }
    }
?>
2
Contributors
3
Replies
13
Views
2 Years
Discussion Span
Last Post by pritaeas
0

Maybe because the first database result does not match what you input. Your logic is flawed, you shouldn't be looping through all user records.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.