DMP23
04-21-2006, 06:39 AM
having trouble finding the best way to script this scenario:
when a member logs in he/she accesses the site. (this is no problem and scripted in the code below.)
however i want to add in one condition where if a user name and password is equal to "asd" and "asd" (being administrative u+p) would access the same page but with extra functionality. i.e. so that this condition would give administration access to the user that provides U+P of "asd" and "asd"
i was thinkin of somthing along the lines of adding in an IF statement like if ($_POST['username'] == "asd") AND ($_POST[password] == "asd") into my code.
here is my code so far. please advise:
<?php
if(!isset($_COOKIE['login']) || $_COOKIE['login']!=1)
{
if (!isset($_POST[username]) || !isset($_POST[password])) {
header("Location: wrong.php?notlogged=1");
exit;
}
//connect to server and select database
$conn = mysql_connect ('localhost', '','') or die ('could not connect to MYSQL because: ' . mysql_error());
mysql_select_db (blueprintdb) or die ('could not select the DB because: ' . mysql_error());
//create and issue the query
$sql = "select first_name, last_name from users where username = '$_POST[username]' AND password = '$_POST[password]'";
$result = mysql_query($sql,$conn) or die("User Query Error ".mysql_error());
//get the number of rows in the result set; should be 1 if a match
if (mysql_num_rows($result) == 1) {
//if authorized, get the values of f_name l_name
$first_name = mysql_result($result, 0, 'first_name');
$last_name = mysql_result($result, 0, 'last_name');
//set authorization cookie
setcookie("login", "1", false, "/", false, 0);
setcookie("firstname", "$first_name", false, "/", false, 0);
//print "Cookie status: authorised-".$_COOKIE[auth];
//prepare message for printing, and user menu
$msg = "<h2><font color = #6DA6E2>$first_name $last_name you are now a member of Dynamic Homes...</h2></p>";
} else
{
//redirect back to login form if not authorised
header("Location: wrong.php");
//print "Wrong user name or password. Please try login again</a>";
exit;
}
}
if($_COOKIE['login']==1)
print "Hello ".$_COOKIE[firstname];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Dynamic Homes</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link href="style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="container">
<div id="header">
<form name="form1" id="form1" method="post" action="">
<div align="left">
<input type="text" name="textfield" value="Search For..." />
<input class=" button" type="submit" name="Submit" value="GO" />
</div>
</form>
<h1 align="left">Dynamic Homes</h1>
<p align="left">Making dream homes possible</p>
</div>
<div id="tabs10">
<div align="left">
<ul>
<li><a href="index.html" title="Link 1"><span>Home</span></a></li>
<li><a href="bungalow.php" title="Link 2"><span>Bungalow</span></a></li>
<li><a href="split_level.php" title="Link 3"><span>Split Level</span></a></li>
<li><a href="tudor.php" title="Link 4"><span>Tudor</span></a></li>
<li><a href="star_house.php" title="Link 5"><span>*Star Home*</span></a></li>
<li><a href="Garage_plans.php" title="Link 7"><span>Garage Plans</span></a></li>
<li><a href="index_register2.html" title="Link 6"><span>Register</span></a></li>
<li><a href="Contact_us.php" title="Link 8"><span>Contact Us</span></a></li>
</ul>
</div>
</div>
<div id="container2">
<div id="content">
<h2></h2>
<img src="left.gif" alt="Right Align" width="150" height="112" class="right" />
<p></p>
<h2></h2>
<? print "$msg"; ?>
<h2 align="left">Pick the criteria you would like in your dream home..</h2>
<p>
<FORM ACTION="frontpage5_response.php" METHOD=POST>
<div align="left">House type?:
<select name="type1">
<option value="detached"> detached </option>
<option value="split"> split</option>
<option value="semi"> semi</option>
</select>
<br>
<br>
Number of floors?:
<select name="story">
<option value="one" selected> One Storey
</opion>
<option value="two"> Two Storey
</opion>
<option value="split"> Three Storey
</opion>
</select>
<br>
<br>
How many bedrooms?:
<select name="bedrooms">
<option value="1"> 1
</opion>
<option value="2"> 2
</opion>
<option value="3">3
</opion>
<option value="4"> 4
</opion>
</select>
<br>
<br>
How many bathrooms?:
<select name="bathrooms">
<option value="1"> 1
</opion>
<option value="2"> 2
</opion>
<option value="3"> 3
</opion>
<option value="4"> 4
</opion>
</select>
<br>
<br>
<br>
<input type ="submit" value="send">
<br>
<br>
</div>
<p align="left"></p>
<div align="left"><img src="Deliciously_Blue/left.gif" alt="Left Align" width="150" height="112" class="left" /><br />
</div>
<h2 align="left">Ive changed my mind.</h2>
<p align="left">
Take me back to <a href="index.html">homepage</a></p>
<div id="footer">
<p align="left">
<a href="http://www.dynamichomes.com">Dynamic Homes</a> | Copyright © Phillipa Flynn | Design by <a href="#">DrunkinP</a></p>
</div>
</div>
</div>
</body>
</html>
when a member logs in he/she accesses the site. (this is no problem and scripted in the code below.)
however i want to add in one condition where if a user name and password is equal to "asd" and "asd" (being administrative u+p) would access the same page but with extra functionality. i.e. so that this condition would give administration access to the user that provides U+P of "asd" and "asd"
i was thinkin of somthing along the lines of adding in an IF statement like if ($_POST['username'] == "asd") AND ($_POST[password] == "asd") into my code.
here is my code so far. please advise:
<?php
if(!isset($_COOKIE['login']) || $_COOKIE['login']!=1)
{
if (!isset($_POST[username]) || !isset($_POST[password])) {
header("Location: wrong.php?notlogged=1");
exit;
}
//connect to server and select database
$conn = mysql_connect ('localhost', '','') or die ('could not connect to MYSQL because: ' . mysql_error());
mysql_select_db (blueprintdb) or die ('could not select the DB because: ' . mysql_error());
//create and issue the query
$sql = "select first_name, last_name from users where username = '$_POST[username]' AND password = '$_POST[password]'";
$result = mysql_query($sql,$conn) or die("User Query Error ".mysql_error());
//get the number of rows in the result set; should be 1 if a match
if (mysql_num_rows($result) == 1) {
//if authorized, get the values of f_name l_name
$first_name = mysql_result($result, 0, 'first_name');
$last_name = mysql_result($result, 0, 'last_name');
//set authorization cookie
setcookie("login", "1", false, "/", false, 0);
setcookie("firstname", "$first_name", false, "/", false, 0);
//print "Cookie status: authorised-".$_COOKIE[auth];
//prepare message for printing, and user menu
$msg = "<h2><font color = #6DA6E2>$first_name $last_name you are now a member of Dynamic Homes...</h2></p>";
} else
{
//redirect back to login form if not authorised
header("Location: wrong.php");
//print "Wrong user name or password. Please try login again</a>";
exit;
}
}
if($_COOKIE['login']==1)
print "Hello ".$_COOKIE[firstname];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Dynamic Homes</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link href="style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="container">
<div id="header">
<form name="form1" id="form1" method="post" action="">
<div align="left">
<input type="text" name="textfield" value="Search For..." />
<input class=" button" type="submit" name="Submit" value="GO" />
</div>
</form>
<h1 align="left">Dynamic Homes</h1>
<p align="left">Making dream homes possible</p>
</div>
<div id="tabs10">
<div align="left">
<ul>
<li><a href="index.html" title="Link 1"><span>Home</span></a></li>
<li><a href="bungalow.php" title="Link 2"><span>Bungalow</span></a></li>
<li><a href="split_level.php" title="Link 3"><span>Split Level</span></a></li>
<li><a href="tudor.php" title="Link 4"><span>Tudor</span></a></li>
<li><a href="star_house.php" title="Link 5"><span>*Star Home*</span></a></li>
<li><a href="Garage_plans.php" title="Link 7"><span>Garage Plans</span></a></li>
<li><a href="index_register2.html" title="Link 6"><span>Register</span></a></li>
<li><a href="Contact_us.php" title="Link 8"><span>Contact Us</span></a></li>
</ul>
</div>
</div>
<div id="container2">
<div id="content">
<h2></h2>
<img src="left.gif" alt="Right Align" width="150" height="112" class="right" />
<p></p>
<h2></h2>
<? print "$msg"; ?>
<h2 align="left">Pick the criteria you would like in your dream home..</h2>
<p>
<FORM ACTION="frontpage5_response.php" METHOD=POST>
<div align="left">House type?:
<select name="type1">
<option value="detached"> detached </option>
<option value="split"> split</option>
<option value="semi"> semi</option>
</select>
<br>
<br>
Number of floors?:
<select name="story">
<option value="one" selected> One Storey
</opion>
<option value="two"> Two Storey
</opion>
<option value="split"> Three Storey
</opion>
</select>
<br>
<br>
How many bedrooms?:
<select name="bedrooms">
<option value="1"> 1
</opion>
<option value="2"> 2
</opion>
<option value="3">3
</opion>
<option value="4"> 4
</opion>
</select>
<br>
<br>
How many bathrooms?:
<select name="bathrooms">
<option value="1"> 1
</opion>
<option value="2"> 2
</opion>
<option value="3"> 3
</opion>
<option value="4"> 4
</opion>
</select>
<br>
<br>
<br>
<input type ="submit" value="send">
<br>
<br>
</div>
<p align="left"></p>
<div align="left"><img src="Deliciously_Blue/left.gif" alt="Left Align" width="150" height="112" class="left" /><br />
</div>
<h2 align="left">Ive changed my mind.</h2>
<p align="left">
Take me back to <a href="index.html">homepage</a></p>
<div id="footer">
<p align="left">
<a href="http://www.dynamichomes.com">Dynamic Homes</a> | Copyright © Phillipa Flynn | Design by <a href="#">DrunkinP</a></p>
</div>
</div>
</div>
</body>
</html>