1
I have a login system that, if the user is an administrator, will be redirected to one page and if common, to another.
The table:
For this, I have a column in the table that stores active call users, where 0 is common user and 1 is administrator.
The login:
<!--A parte do formulário-->
<div class="container">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<div class="login-panel panel panel-default">
<div class="panel-heading" style="
margin-top: 14px;">
<h3 class="panel-title">Login</h3>
</div>
<div class="panel-body" style="background: rgba(32, 40, 76, 0.59);">
<?php
if(isset($erro))
if(count($erro) > 0){ ?>
<div class="alert alert-danger">
<?php foreach($erro as $msg) echo "$msg <br>"; ?>
</div>
<?php
}
?>
<form method="post" action="" role="form">
<fieldset style="background: #9498a9;">
<div class="form-group">
<input class="form-control" placeholder="Identifiant" name="identifiant">
</div>
<div class="form-group">
<input class="form-control" required placeholder="Senha" name="senha" type="password" value="">
</div>
<div class="checkbox">
<label>
<input name="remember" type="checkbox" value="Remember Me">Lembrar-me
</label>
</div>
<button type="submit" name="login" value="true" class="btn btn-success btn-block" style="background: #232b4f; border-color: #e2e2e2;">Login</button>
</fieldset>
</form>
</div>
</div>
</div>
</div>
</div>
<!--A lógica-->
<?php
session_start();
//Login de Usários
if($_POST){
include('class/conexao.php');
$erro = array();
// Captação de dados
$senha = mysqli->escape_string($_POST[senha]);
$_SESSION['identifiant'] = $mysqli->escape_string($_POST['identifiant']);
// Validação de dados
if(strlen($identifiant) < 7 || strlen($identifiant) > 7){
$erro[] = "Preencha sua <strong>identifiant</strong> corretamente.";
}else if(strlen($senha) < 5 || strlen($senha) > 16){
$erro[] = "Preencha sua <strong>senha</strong> corretamente.";
}else{
//Até aqui, se não tiver nenhum erro nessa lista de erros aí, prossegue.
$sql = "SELECT senha as senha, identifiant as valor
FROM usuarios
WHERE identifiant = '$_SESSION[identifiant]'";
$que = $mysqli->query($sql) or die($mysqli->error);
$dado = $que->fetch_assoc();
if($que->num_rows == 0){
$erro[] = "Usuário ou senha inválidos.";
}else{
if($_SESSION['identifiant'] == 0){
echo "<script>location.href='http://127.0.0.1/formacao/principal.php';</script>";
exit();
}
if($_SESSION['identifiant'] == 1){
echo "<script>location.href='http://127.0.0.1/formacao/principalUSU.php';</script>";
exit();
}
}
}
}
?>
The validation page:
<?php
if (!empty($_POST) AND (empty($_POST['id']) OR empty($_POST['senha']) AND (`ativo` = 1)) {
header("Location: principal.php");
exit;
} else {
if (!empty($_POST) AND (empty($_POST['id']) OR empty($_POST['senha']) AND (`ativo` = 0){
header("Location: principalUSU.php");
exit;
}
// Tenta se conectar ao servidor MySQL
mysql_connect('localhost', 'root', '', 'db_formacao') or trigger_error(mysql_error());
// Tenta se conectar a um banco de dados MySQL
$identifiant = mysql_real_escape_string($_POST['identifiant']);
$senha = mysql_real_escape_string($_POST['senha']);
$ativo = mysql_real_escape_string($_POST['ativo']);
$sql = "SELECT `id`, `identifiant`, `senha`, `ativo` FROM `usuarios` WHERE (`identifiant` = '". $identifiant ."') AND (`senha` = '". $senha ."') AND (`ativo` = '". $ativo ."')";
$query = mysql_query($sql);
if (mysql_num_rows($query) != 1) {
// Mensagem de erro quando os dados são inválidos e/ou o usuário não foi encontrado
echo "Login inválido!"; exit;
} else {
// Salva os dados encontados na variável $resultado
$resultado = mysql_fetch_assoc($query);
}
?>
This page is not yet being redirected to validation because the action is empty and the action is empty because the validation page does not work.
Every user registered in the table can enter if their identifiant and password are right, but the permission part, which redirects the admin to one page and the user to another, no.
I don’t quite know how I can do that, so I accept help.
So, I copied your code only that where is ID I put identifiant and where is identifiant I put active because the name of the column that is stored the 0 or 1 is this.
– Mariana Bayonetta
I changed all mysql to mysqli as recommended, by the way thanks for that. But the validation page still doesn’t work, gives that error 500. :/
– Mariana Bayonetta
I changed the code... see if you can now.
– user24136
Hi Mariana. I made a new adjustment. See if you can now.
– user24136
So I tried to use your code, but the page stopped working. I’ll see if it’s not some error of mine identation or something.
– Mariana Bayonetta
I’ll edit my question so you can see how it turned out
– Mariana Bayonetta