The_Dude_1978 Posted April 1, 2011 Share Posted April 1, 2011 Hi guy's, I'm having problems adjusting a script to add a level (user rights) function. When i login with a admin or normal user it gives a blank page (not redirecting to home.php). It even does'nt return an echo that user / pass is incorrect. I'm breaking my head over this for day's now. Can you help me out? <?php session_start(); //Login form (index.php) include "db_connect.php"; if(!$_POST['submit']) { ?> <html> <head> <!--[if IE]> <link rel="stylesheet" type="text/css" href="style.css" /> <![endif]--> <![if !IE]> <link rel="stylesheet" type="text/css" href="firefox.css" /> <![endif]> </head> <body> <div id="wrapper"> <div id="header"> <?php include('header.php'); ?> </div> <div class="divider"> <strong>Login</strong> <form method="post" action="index.php"> <div class="formElm"> <label for="username">Klantnummer:</label> <input id="username" type="text" name="username" maxlength="16"> </div> <div class="formElm"> <label for="password">Wachtwoord:</label> <input type="password" name="password" maxlength="16"> </div> <input type="submit" name="submit" value="Login"> </form> </div> <div id="footer"> <?php include('footer.php'); ?> </div> </div> </html> <?php } else { $user = protect($_POST['username']); $pass = protect($_POST['password']); $level = protect($_POST['level']); if($user && $pass && $level) { $pass = md5($pass); //compare the encrypted password $sql1 ="SELECT id,username FROM `users` WHERE `username`='$user' AND `password`='$pass' AND `level`='1'"; $sql2 ="SELECT id,username FROM `users` WHERE `username`='$user' AND `password`='$pass' AND `level`='9'"; $queryN=mysql_query($sql1) or die(mysql_error()); $queryA=mysql_query($sql2) or die(mysql_error()); if(mysql_num_rows($queryN) == 1) { $resultN = mysql_fetch_assoc($queryN); $_SESSION['id'] = $resultN['id']; $_SESSION['username'] = $resultN['username']; header("location:home.php"); } elseif(mysql_num_rows($queryA) == 1) { $resultA = mysql_fetch_assoc($queryA); $_SESSION['id'] = $resultA['id']; $_SESSION['username'] = $resultA['username']; header("location:home.php"); } else{ echo "Wrong Username or Password"; } } } ?> and the mysql code: CREATE TABLE `user` ( `id` int(4) unsigned NOT NULL auto_increment, `username` varchar(32) NOT NULL, `password` varchar(32) NOT NULL, `level` int(4) default '1', PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=27 DEFAULT CHARSET=latin1; Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted April 2, 2011 Share Posted April 2, 2011 Turn on display_errors, and set the error_reporting level to -1 in your php.ini file. Then restart apache and see what errors are reported. Quote Link to comment Share on other sites More sharing options...
The_Dude_1978 Posted April 2, 2011 Author Share Posted April 2, 2011 Hi Pikachu, I've turned on error reporting, so i noticed the error, googled it and came to the conslusion i needed to use : //if(!$_POST['submit']) if (!isset($_POST['submit'])) So i coded it 99% correct fyi i don't know why the post was moved, because it is a combination of 2 scripts i found on the internet. Anyway i'm proud i could solve it myself with a little help from you and google. Best regards, Martijn (The Netherlands) Quote Link to comment Share on other sites More sharing options...
The_Dude_1978 Posted April 2, 2011 Author Share Posted April 2, 2011 Update: Not entirely true, i also had to remove the $level = protect($_POST['level']); and in the next line the &&level Regards, Martijn Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.