Hi there,
I have a login script that uses sessions. It looks up the user info in the form of Forename, Surename and Password. If there details are correct it logs them into my admin section. Now... How can i make my SQL/PHP script, lookup the people in another table in my DB and do some sort of if command saying.. If user logged in is from table tblLeaderDetails then go to index2.php and if user logged in is from table tblExplorers then go to another page... index3.php...

http://www.php.net/manual/en/function.header.php

if($userIsLeader){
header("Location: http://www.mypage.com/page1.php");
}
elseif($userIsExplorer){
header("Location: http://www.mypage.com/page2.php");
}

Do you know how to query the DB?

Im not entireley sure... Can you give me a small hint so as i can look it up online? I may do though lol

what part exactly do you not understand?

Well
Doing what Shmohel kindly gave me wont do anything by itself... Because userIsLeader and userIsExplorer arnt deffined anywhere... how would i set-it up so it does something..

it depends, how do your tables look like? how do you define in which table it should search? (or do you always search in both?)
do you have a user type column or something similar?

Well... My Inportant information in each table is... Forename, Surename and Password (Aswell as ID)... Well, i guess my first step is this... How can i set my sql query (for the login) so that i can login with the details from either table

why do they need to be in different tables?
is the table structure different?

Well yes... The Explorer table contains Forename, Surename, Password, ID and Email.. This is for our private use which we dont want anyone to get accsess to (well at least see it in front of them).. The leader table contains all of the above, pluss phone numbers and home address which is accsessible to the public! Ultimatley, i want the Leaders to login to the Admin section of my site, and the Explorers to login to there own section.. Reckon you can help me with that if i show you what ive got so far?

All that information could still be stored in one table (making your life easier) and then just structure your queries so that users only see the information based upon the user type (an extra field that can either be leader or explorer)

see, for this forum software,
you and i are in the same database, however somewhere i have the mod status, and i when i log in i have mod privileges.
They don't have an extra database for mods or admins, it's the same

that's the most logic way to do it, unless you want to use different login forms.

just have a column called "level" or "rang" or "jfhdfjhg" or something like that,
and give it a value or 1, 87 or dfhd or leader, whatever you want

now when your users log in, check that column to see if they are explorers or leaders and act accordingly

got it?

But then id have about 60 explorers with no address, phone number etc... isnt that slightly inefficent? Im not sure...

ok, mister above was quicker..

Ok then.. Ill make it all one table, and have one colum called... Um... Type.. Type can be either Leader or Explorer... Now, how can i display a different page for the different types and not allow explorers to see pages which are accsessible by leaders? Would you need to see my current code

But then id have about 60 explorers with no address, phone number etc... isnt that slightly inefficent? Im not sure...


nah, would make no difference
just leave the fields empty

simply get the user type from the database as they connect and if usertype == "leader", display what you want the leaders to see, otherwise, if usertype is equal to explorer, show what you want the explorers to see

Ok then... Ill try that... But how can i make it so that only leaders can see the admin pages? I am using sessions...

simply check the user type

Um... I have no idea on how to do that... Here is what i have.. Please help me implement both the usertype == "leader" on login and the usertype check on each page..

Login Script

<?php

session_start();

$dbcnx = @mysql_connect("xx", "xxx", "xx") or
die("ERROR: Unable to establish database connection");

$dbconn = @mysql_select_db("xxx") or
die( "Unable to select database");


if(isset($_POST['submit']))
{
$Forename = mysql_real_escape_string($_POST['Forename']);
$Surname = mysql_real_escape_string($_POST['Surname']);
$Password = mysql_real_escape_string($_POST['Password']);
$query = "SELECT * FROM `tblExplorerGroup` WHERE `Forename`='$Forename' AND `Surname`='$Surname' AND `Password`= '$Password'";
$result = mysql_query($query) or die("ERROR: " . mysql_error());
if(mysql_num_rows($result) > 0) # we found a match, so set $_SESSION flag:
{
$_SESSION['logged'] = TRUE;
if(isset($_SESSION['caller']))
{
header("Location: " . $_SESSION['caller']);
exit;
}
else # otherwise go to main page
{
header("Location: FrontPage.php");
exit;
}
}
else # invalid login, so create error message
{
$error = "<p id='error'>ERROR: Invalid user name and/or password.</p>";
}
}

?>


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>
<head>
<title>Please Login</title>
<link rel=stylesheet type="text/css" href="Style.css">
<style type="text/css">
<!--
fieldset {
width: 20em;
margin: 1em auto;
}
legend {
font-size: large;
font-weight: bold;
}
label {
float: left;
width: 6em;
}
fieldset p {
clear: both;
}
#error {
color: #c00;
font-weight: bold;
}

</style>

</head>

<body background="img/background.jpg" bottommargin="0" leftmargin="0" marginheight="0" marginwidth="0" rightmargin="0" topmargin="0">

<center><table width="765" height="100%" cellpadding="0" cellspacing="0" border="0" background="img/mainbackground.jpg"><tr valign="top"><td>

<table width="764" height="97" cellpadding="0" cellspacing="0" border="0">
<tr valign="top">
<td width="248"><!-- logo image --><img src="img/templogo.jpg" width="248" height="97" border="0" alt=""><!-- end logo image --></td>
<td width="100%" background="img/toplogobg.jpg"><img src="img/toplogobg.jpg" width="22" height="97" border="0" alt=""></td>
</tr>
</table>
<table width="764" height="42" cellpadding="0" cellspacing="0" border="0">
<tr valign="top">
<td width="169"><img src="img/left1.jpg" width="169" height="42" border="0" alt=""></td>
<td width="100%" background="img/left1bg.jpg"><img src="img/left1bg.jpg" width="20" height="42" border="0" alt=""></td>
</tr>
</table>

<table width="764" cellpadding="0" cellspacing="0" border="0">
<tr valign="top">
<td width="150">
</td>

<td width="10">&nbsp;</td>
<td width="744">

<!-- add your content below -->
<BR>
<BR><BR><BR><BR>
<BR><BR><BR><BR><BR>
<center><form action='<?php echo $_SESSION['PHP_SELF'] ?>' method='post'>
<fieldset>
<legend>Log In</legend>
<p><label for="Forename">Forename:</label>
<input name="Forename" type="text" size="16" maxlength="16">
</p>
<p><label for="Surname">Surname:</label>
<input name="Surname" type="text" size="16" maxlength="16">
</p>
<p><label for="Password">Password:</label>
<input name="Password" type="password" size="16" maxlength="16">
</p>

<p><input type="submit" name="submit" value="Log In"></p>
<?php
if(!empty($error))
{
echo $error;
}
?>
</fieldset>
</form>
</center>
</td>
<td width="10">&nbsp;</td>
</tr>
</table>
</td></tr></table></center>
</body>
</html>


Each page has this as a check

<?php
if (session_id() == ""){
session_start();
}
if (!$_SESSION['logged']){
header("Location:index.php");
}
?>

you should add a column to each table called user_group, or something along those lines, and if they are "admin", set user group to 1, if they are "non-admin" set user group to 2.

Then In your login check to see if user group is equal to 1, if it is show the admin section, if not, well then show them what you wanted to show them.

See above post

Anyone? Please :)

Update your PHP to match:

<?php

session_start();

$dbcnx = @mysql_connect("xx", "xxx", "xx") or
die("ERROR: Unable to establish database connection");

$dbconn = @mysql_select_db("xxx") or
die( "Unable to select database");


if(isset($_POST['submit']))
{
$Forename = mysql_real_escape_string($_POST['Forename']);
$Surname = mysql_real_escape_string($_POST['Surname']);
$Password = mysql_real_escape_string($_POST['Password']);
$query = "SELECT * FROM `tblExplorerGroup` WHERE `Forename`='$Forename' AND `Surname`='$Surname' AND `Password`= '$Password'";
$result = mysql_query($query) or die("ERROR: " . mysql_error());
if(mysql_num_rows($result) > 0) # we found a match, so set $_SESSION flag:
{
$_SESSION['logged'] = TRUE;

// and assign a user_type SESSION value to the current user
$row = mysql_fetch_object($result);
$_SESSION['user_type'] = (strtolower($row->user_type) == 'leader') ? 'leader' : 'explorer';

if(isset($_SESSION['caller']))
{
header("Location: " . $_SESSION['caller']);
exit;
}
else # otherwise go to main page
{
header("Location: FrontPage.php");
exit;
}
}
else # invalid login, so create error message
{
$error = "<p id='error'>ERROR: Invalid user name and/or password.</p>";
}
}

?>


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>
<head>
<title>Please Login</title>
<link rel=stylesheet type="text/css" href="Style.css">
<style type="text/css">
<!--
fieldset {
width: 20em;
margin: 1em auto;
}
legend {
font-size: large;
font-weight: bold;
}
label {
float: left;
width: 6em;
}
fieldset p {
clear: both;
}
#error {
color: #c00;
font-weight: bold;
}

</style>

</head>

<body background="img/background.jpg" bottommargin="0" leftmargin="0" marginheight="0" marginwidth="0" rightmargin="0" topmargin="0">

<center><table width="765" height="100%" cellpadding="0" cellspacing="0" border="0" background="img/mainbackground.jpg"><tr valign="top"><td>

<table width="764" height="97" cellpadding="0" cellspacing="0" border="0">
<tr valign="top">
<td width="248"><!-- logo image --><img src="img/templogo.jpg" width="248" height="97" border="0" alt=""><!-- end logo image --></td>
<td width="100%" background="img/toplogobg.jpg"><img src="img/toplogobg.jpg" width="22" height="97" border="0" alt=""></td>
</tr>
</table>
<table width="764" height="42" cellpadding="0" cellspacing="0" border="0">
<tr valign="top">
<td width="169"><img src="img/left1.jpg" width="169" height="42" border="0" alt=""></td>
<td width="100%" background="img/left1bg.jpg"><img src="img/left1bg.jpg" width="20" height="42" border="0" alt=""></td>
</tr>
</table>

<table width="764" cellpadding="0" cellspacing="0" border="0">
<tr valign="top">
<td width="150">
</td>

<td width="10">&nbsp;</td>
<td width="744">

<!-- add your content below -->
<BR>
<BR><BR><BR><BR>
<BR><BR><BR><BR><BR>
<center><form action='<?php echo $_SESSION['PHP_SELF'] ?>' method='post'>
<fieldset>
<legend>Log In</legend>
<p><label for="Forename">Forename:</label>
<input name="Forename" type="text" size="16" maxlength="16">
</p>
<p><label for="Surname">Surname:</label>
<input name="Surname" type="text" size="16" maxlength="16">
</p>
<p><label for="Password">Password:</label>
<input name="Password" type="password" size="16" maxlength="16">
</p>

<p><input type="submit" name="submit" value="Log In"></p>
<?php
if(!empty($error))
{
echo $error;
}
?>
</fieldset>
</form>
</center>
</td>
<td width="10">&nbsp;</td>
</tr>
</table>
</td></tr></table></center>
</body>
</html>

And if you have not already done so add a user_type field to your tblExplorerGroup table. Then if you would like the user to be treated as a leader set the relative user's user_title value to leader

When you have done this you may retrieve the user type of any logged in user by accessing the user_type SESSION value:

// if the relative user is a leader redirect to 'index2.php'
if($_SESSION['user_type'] == 'leader')
{
header('Location: index2.php');
}

// otherwise (if the user is an explorer) redirect to 'index3.php'
else
{
header('Location: index3.php');
}