Login - User Level

[yash87]

Hi, I would like to make a login page with 2 different user level, Admin & Staff.  How can i do it using d code below.

 

Thank u.

 

<?php
$host="localhost";
$username="root"; 
$password=""; 
$db_name="profile";
$tbl_name="company";


mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("Cannot Select Database");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];


$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);


if($count==1){

session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

[Pikachu2000]

Do you have a field in each user's database record indicating their rank or level? If so, you can set that asa a $_SESSION var, and just run a check against it when needed.

 

Side note: session_register() is deprecated. Use $_SESSION['myusername'] = $myusername; syntax instead. Also, unless magic_quotes_gpc = On, there's no reason to use stripslashes() on incoming form data.