Login PHP if Admin

Asked

Viewed 130 times

3

Good,

I have a question in the code I’m doing. I want normal users to see one page but if it’s login admin, it will end up on another page . 

$login = mysql_query("SELECT Nome, Password FROM tb_utilizador WHERE Nome = '$Nome' AND Password = '$Password'");
$loginadm = mysql_query("SELECT Nome, Password FROM tb_utilizador WHERE Nome = 'ADMIN' AND Password = 'AdminAdmin'");
$res = mysql_fetch_row($login);
$resadm = mysql_fetch_row($login);
if($res)
    {
        header('location:compras.html');
    }
    else 
    {
         echo "<p>Utilizador ou password invalidos. <a href=\"index.html\">Tente novamente</a></p>";
    }
if($resadm)
    {
        header('location:comprasADM.html');
    }
    else if ($loginAdm)
    {
         echo "<p>Utilizador ou password invalidos. <a href=\"index.html\">Tente novamente</a></p>";
    }
php login

  • $resadm = mysql_fetch_row($login); this shouldn’t be $resadm = mysql_fetch_row($loginadm); ?

  • Excuse my English. You should be aware that the functionmysql_* is obsolete. Y is no longer used in PHP7.. You should be using the functions. mysqli_* or PDO (PHP Data Objects).

1 answer

1

The best thing for this is to add either an admins table (that would be what I would do) or add a column in tb_utilizador with the name ex: is_admin, which can take two values for each line, "1" (is admin), or "0" (is not admin). I will do according to this last option:

$login = mysql_query("SELECT Nome, Password, is_admin FROM tb_utilizador WHERE Nome = '$Nome' AND Password = '$Password'");
$res = mysql_fetch_row($login);

if($res) {
     if($res[2] == 1) {
         header('location:comprasADM.html');
     }
     header('location:compras.html');
}
// isto não vai acontecer se formos redirecionados antes, se estiver tudo bem com qualquer dos logins
echo "<p>Utilizador ou password invalidos. <a ...

Note that there is no point in making two requests to the database.

  • While theoretically your answer is correct, let’s assume that there is more than one administrator, you will be constantly using querys ? Your example is correct, but I think you can only do it with "is_admin". 'ADMIN' and 'Adminadmin' may not be the only administrator access. If is_admin matches 1 then it will see the other page unique to it, no need to add the user and password, we can do with this single field

  • You can do this by reducing your query and using only "is_admin", you from this only field can know if you are admin or not ( 1 or 0 )

  • In cases of developed systems, and those more "heavy", reducing the query to only one field has the advantage of making the system more flexible and the database query more efficient. From "is_admin" only, we can know if you are an administrator or a user. Of course you can!

  • Obrgado @Fábioarsênio

  • Dude, I have a very similar question that I can’t solve at all, if you can just take a look at it: https://answall.com/questions/241731/login-com-system-validating%C3%A7%C3%A3o/242040#242040

Browser other questions tagged php login

You are not signed in. Login or sign up in order to post.