hi there.
i'm having some problems with the development of a login system i need to make one that redirects the user to his group page.
I'm developing a control system to the enterprise that i work for and we have 4 groups:
admins
negociators
vendors
and aministrative people
each one can access to some (just some) parts of the system, so i create 4 index pages one to each group so i need that the login script check the group on the database and redirect the user to his group index.
i have no idea how i'm gonna do that...
do you have any ideas?
Thanks for the help in advance.
Cheers Miguel Pinto
miguelp
BeginnerLink Clerk
Comments
1. MySQL Database..
You need to setup a MySQL database (or a database on whatever platform you use) with a table for the users. The table should consist of at least the username, password and email along with whatever other information you require for your system.
2. Submitting form data for processing...
You need to learn about how you can process submitted form data and fire several queries at the database that will create a new member, validate certain information, login and possibly more!
3. Sessions and cookies...
You need to learn how to utilise sessions (SERVER SIDE ONLY) for short login periods (until the browser window is closed) and cookies if you want a "sign me in automatically" feature. Sessions and cookies are used to remember specific pieces of data such as username and password so that the user doesn't have to login everytime!
Those are the three main things for building a simple user system. For more complex solutions there are certain other things you may want to look into. For instance you mentioned redirection. Well this can be done using a very simply thing known as HTTP_REFERER. You can relocate the user to the previous page stored in HTTP_REFERER variable. Something like:
header("location: " . $_SERVER);
Okay well search for those things and I am sure you will be able to find a nice tutorial. There are plenty of sites that have simple login scripts/tutorials such as:
http://pixel2life.com
http://hotscripts.com
http://php.net
And more..
i allready have the database setup, with the tables username userpassword name email and usertype.
i have build the form for insert new users, another one to actualize the info of the user and another screen to list and delete users. that was some how easy, now wat i need to do is to implement in the login page some code that check the user name and password that the user types and if the user and password ar correct read the user type from the database and redirect him to his index page.
you see, just the admins will have permition to add or delete or even see the users. i dont whant any other group to see the user info and add or delete new users. so i create 4 index pages one for each group width a diferent menu to each.
there ar just one index page that have the "users" option in the menu that is admins.
i just need to redirect the users depending on the user type stored in the database.
Modify the following code to suit you. This is also very simple code which you may want to adapt for things like OOP instead.
Lets presume you have your login form setup as follows..
[HTML]
<form name="login" action="login.php" method="post">
<b>Username</b> <br>
<input type="text" name="username"> <br>
<b>Password</b> <br>
<input type="password" name="password"><br>
<input type="submit" name="submit" value="Login">
</form>
[/HTML]
Now then we get the form data and simply process it the way we want.
[PHP]
/* First of all we want to get the submitted form data of our username
and password. Use trim to strip unneeded whitespaces from the beginning
and the end of a string. We must also ensure that form data was submitted, so we use the isset function...*/
if(isset($_POST))
{
$username = trim($_POST);
$password = trim($_POST);
// Is the username or password empty?
if(empty($username) || empty($password))
{
die("You didn't fill out all fields!");
}
// Connect to the database.
$connect = mysql_connect("localhost","dbuser","dbpass") or die(mysql_error()
$dbselect = mysql_select_db("dbname") or die(mysql_error());
// MD5 the submitted password (IF YOU DON'T USE MD5 YOU SHOULD!!);
$password = md5($password);
// Now get the username, password and usertype from the database...
$login_check = mysql_query("SELECT username, password, usertype FROM users WHERE username='$username' AND password='$password' LIMIT 1");
// Was there a match? If so redirect the user based upon there usertype
if(mysql_num_rows($login_check) > 0)
{
while($r = mysql_fetch_array($login_check))
{
// Use a switch statement and redirect the user to whatever page...
switch ($r)
{
case "usertype1":
$redirectpage = "usertype1.php";
case "usertype2":
$redirectpage = "usertype2.php";
case "usertype3":
$redirectpage = "usertype3.php";
case "usertype4":
$redirectpage = "usertype4.php";
}
// Could we set an actual redirection page?
if(empty($redirectpage))
{
die("Error: Could not set redirect page...");
}
// Redirect the user to the appropriate page...
header("location: " . $redirectpage);
}
}
[/PHP]
Of course for actual security you need to have session checking on all possible redirection pages so that people can't just freely access them!
Okay I hope that helps.
i had the idea but can't came up with the code sinse i'm a beguinner in PHP/MySQL you really helped me. thanks once again.
___________________________________________________
Miguel Pinto
lookatitude