i'm trying to creat 2 kind of acess from registered users
the administrators and the normal members
what I thought that I could use is the folowing:
<?php
// Recebemos os dados digitados pelo utilizador
$util = $_POST['utilizador'];
$pass = $_POST['password'];
$acess = $_POST['acesso'];
$conn = mysql_connect("localhost", "root", "") or die("Impossivel conectar");
if($conn)
{
mysql_select_db("eventos", $conn);
}
$sql = "SELECT * FROM utilizador WHERE login = '$util' AND senha = '$pass' and acesso = $acess";
$rs = mysql_query($sql, $conn);
$num = mysql_num_rows($rs);
if($num > 0)
{
$rst = mysql_fetch_array($rs);
$id = $rst["id"];
//$nome = $rst["nome"];
$login = $rst["login"];
$acess = $rst["acesso"];
//Inicia a sessão
session_start();
$_SESSION["utilizador"] = $login;
mysql_close($conn);
echo "<meta http-equiv='refresh' content='0;URL=index.php'>";
}
else
{
mysql_close($conn);
echo "<table width='100%' border='1' cellpadding='3' cellspacing='1' bgcolor='#FFFFFF'>";
echo "</table>";
echo "<b>Nenhum utilizador foi encontrado com os dados introduzidos... Por favor, tente novamente. Obrigado</b>";
echo "<meta URL=acessCheck.php?acesso=$acess\">";
echo "<meta http-equiv='refresh' content='4;URL=index.php?>";
}
?>
in this piece of code, along with the username and password saving, I also have the $acess varaible which keeps "1" or "2", and in the end it sends the value in the <meta> tag to "acessCheck.php"
1=members acess, 2=administrator acess
acessCheck.php:
<?php
$conn = mysql_connect("localhost", "root", "") or die("Impossivel conectar");
$id = $_SESSION['id']; // session member id
$acess = intval($_GET['acesso']);
$sql = mysql_query("SELECT * FROM utilizador WHERE acesso='$acess'");
$sqlM = mysql_fetch_assoc($sql);
$membro = $sqlM['acesso']; // Isto pega o nivel do membro
if($membro == 2)
{
echo "<p align=left>Bem-vindo(a) ". $_SESSION['utilizador']."</p>"; //mostra informação da sessão
echo "<p align=right><a href=admin.php>Administrar</a></p>";
echo "<p align=right><a href=logout.php>Log Out</a></p>";
}
else if ($membro == 1) {
echo "<p align=left>Bem-vindo(a) ". $_SESSION['utilizador']."</p>"; //mostra informação da sessão
echo "<p align=right><a href=logout.php>Log Out</a></p>";
}
else {
include("login.php");
}
?>
and I include acessCheck.php into "index.php" in this piece of code below
...
<?php if (isset($_SESSION['utilizador']))
{
//echo "<li><a href='#'>Admin</a></li>";
include ("acessCheck.php");
}
echo "<br>";
echo "<br>";
?>
...
althought this is returning me this error:
Notice: Undefined index: id in C:\xampp\htdocs\xampp\eventos\acessCheck.php on line 4
Notice: Undefined index: acesso in C:\xampp\htdocs\xampp\eventos\acessCheck.php on line 5
Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\xampp\eventos\acessCheck.php on line 7
for what I know, if it is returning boolen, which in this case it is status "false".. i understand the select didn't select anything according to the conditions..
I've already checked if the parameter $acess sent was the same everywhere and it is.. my guess is that that <meta> is not doing so good
what do you think?