0

I'm a newbie in php and I want to create a single login page for Admin and user.When admin log in it should go to an admin page and when user log it shoult go to index page.I want help with my code, it works fine login normal users but i try it addind the admin part and it doesn't seem to work .Please help and Thanks in advance ..
This is my validation code for the login

<?php

if(!empty($_POST)){
if(isset($_POST["username"]) &&isset($_POST["password"])){
    if($_POST["username"]!=""&&$_POST["password"]!=""){
        include "conexion.php";
        $user_=null;
        $sql1= "select * from user where (username=\"$_POST[username]\" or email=\"$_POST[username]\") and password=\"$_POST[password]\" ";
        $query = $con->query($sql1);
        while ($r=$query->fetch_array()) {
            $user_fullname=$r["fullname"];
                            $_SESSION['user']=array();

        }
        if($user_fullname==null){
            print "<script>alert(\"User or password incorrect.\");window.location='../login.php';</script>";
        }else{
            session_start();
            $_SESSION["user_fullname"]=$user_fullname;
            print "<script>window.location='../index.php';</script>";               
        }

}
}
}
?>
2
Contributors
1
Reply
18
Views
2 Weeks
Discussion Span
Last Post by rproffitt
0

I don't see any code that tests for your admin login. You may have to add code to do that. It should be about line 20 from what I see with another if (admin) do the admin thing else what is on line 20.

In parting it appears you are breaking some basic security concepts as well. Never store user passwords in the clear. There are many tutorials and articles about this so no need for me to do more than note it now. Often folk learn to do these logins incorrectly and are doomed to create leaky and bad login systems for decades.

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.