PDA

View Full Version : PHP/MySql Member script Help!


мϊкэ
12-09-2005, 03:52 PM
Right.. i havent asked i question in quite a while now but... here it goes.. im making a members script for the new version of xEnigmA and i want it so if your rank is admin you can edit/delete/add things once you have logged in.
In the MySql Db the rows for this member script are:

ID (Obviously)
UserName
Password
Rank**
Avatar
Email

There are going to be 2 ranks Admin & Member just for now. And i want it so, if your rank is admin you can view the add/delete/edit news part but if you are just a member it will be a blank page. So far to view the menu when you have logged in i am using this:


<?
if (isset($_SESSION['username'])) { // Allows you to view the menu if you're logged in
echo "Menu.";
include ('add.php');
}else{ // If not It displays this
echo "You must login to view the Members Menu.";
}
?>

The session for that is:


$_SESSION['username'] = $row['username'];

ive also made one for the rank


$_SESSION['rank'] = $row['rank'];

I tried something like this for it but it didnt work it just displayed the "Your not logged in message:


<?
if ($_SESSION['rank']=="Admin") { // If you are logged in and your members rank is Admin Display this
echo "Admin Area";
include ('add.php');
}else{ // If not It displays this
echo "You Are not an admin.";
}
?>

But as i said it didnt work it just displayed the "You are not an admin" message. Does anybody know how i could do this?
What i want to know how to do is.
*If you are logged in and your rank is Admin you can view the page, and if not, you get a message saying you are not.

:( I havent tried using a rank system like this before and i cannot remember what i have previously done, Help!
splintercell!
12-09-2005, 04:12 PM
I use number for my ranks which seems to be what most forums do. So im not sure.
мϊкэ
12-09-2005, 04:16 PM
erm i duno...


<?php

if ($_POST['username']) {
$username=$_POST['username'];
$password=$_POST['password'];

if ($password==NULL) {
echo "A password was not supplied";
}else{

$query = mysql_query("SELECT username,password FROM users WHERE username = '$username'") or die(mysql_error());

$data = mysql_fetch_array($query);

if($data['password'] != $password) {
echo "The supplied login is incorrect";
}else{

$query = mysql_query("SELECT username,password FROM users WHERE username = '$username'") or die(mysql_error());

$row = mysql_fetch_array($query);

$_SESSION["rank"] = $row['rank'];
$_SESSION["username"] = $row['username'];

header ('Location: members.php?act=menu');
}
}
}
?>
Login:
<form action='members.php?act=login' method='POST'>
<table class="middles">
<tr>
<td align='left'>
Username:<br><input type='text' size='15' maxlength='25' name='username'>
</td>
</tr>
<tr>
<td align='left'>
Password:<br><input type='password' size='15' maxlength='25' name='password'>
</td>
</tr>
<tr>
<td align='left'>
<input type="submit" value="Login">
</td>
</tr>
<tr>
<td align='left'>
</td>
</tr>
</table>
</form>

session_start(); is in dbconnect... but it works fine with the username one... it logs you in and you can go on the menu anytime then... :s

becuase you use numbers how is your rank row layed out is it like a drop down menu?

Edit: i just tried with numbers didnt work :@
splintercell!
12-09-2005, 06:01 PM
I use enum in mySQL so its '1','2' etc.. but i cant really see where you have included the db connect file :s Ive looked at my own script and yours looks fine really.
мϊкэ
12-09-2005, 07:27 PM
so... what code do you use? Help! im still stuck, i would really like to get this finished before the new layout :(

dbconnect is further up the file, because i needed to use it for something else ;)
splintercell!
12-09-2005, 09:10 PM
AH! I think I may have it you only select two fields from the database so it cant register the user level. Try using SELECT *
Wyked
12-09-2005, 10:08 PM
didnt read ur whole thing but..

if ( $_SESSION['rank'] == "admin")
{
what u want only them to see
}
esle
{
echo "Noob, go away";
}
Wyked
12-09-2005, 10:09 PM
Also to get your variables quick use the while mysql_fetch_rows.. etc.

use

extract($row);

Edit by Michael-W (Forum Moderator): Please don't double post. Simply use the edit button instead.
мϊкэ
13-09-2005, 03:15 PM
so could you just kinda tell me how i should do it, instead of giving me like snippets of what i should do jumbled up?? sorry for bein rude :(

so should it be somthin like:


<?
include("dbconnect.php");

$getrank = mysql_query("SELECT * FROM users");

while($q=mysql_fetch_array($getrank)){

extract($q);

if ($_SESSION["rank"]=="Admin") {
echo "Welcome admin.";
}else{
echo "Go away you loser your not an admin >:|";
}
}
?>

im usin that one and it just displays the "Error" message about 5 - 6 times :s
splintercell!
13-09-2005, 03:22 PM
you just need to edit your login forum from what I see to:


<?php

if ($_POST['username']) {
$username=$_POST['username'];
$password=$_POST['password'];

if ($password==NULL) {
echo "A password was not supplied";
}else{

$query = mysql_query("SELECT * FROM users WHERE username = '$username'") or die(mysql_error());

$data = mysql_fetch_array($query);

if($data['password'] != $password) {
echo "The supplied login is incorrect";
}else{

$query = mysql_query("SELECT * FROM users WHERE username = '$username'") or die(mysql_error());

$row = mysql_fetch_array($query);

$_SESSION["rank"] = $row['rank'];
$_SESSION["username"] = $row['username'];

header ('Location: members.php?act=menu');
}
}
}
?>
Login:
<form action='members.php?act=login' method='POST'>
<table class="middles">
<tr>
<td align='left'>
Username:<br><input type='text' size='15' maxlength='25' name='username'>
</td>
</tr>
<tr>
<td align='left'>
Password:<br><input type='password' size='15' maxlength='25' name='password'>
</td>
</tr>
<tr>
<td align='left'>
<input type="submit" value="Login">
</td>
</tr>
<tr>
<td align='left'>
</td>
</tr>
</table>
</form>

that will hopefully work :)
мϊкэ
13-09-2005, 03:34 PM
you just need to edit your login forum from what I see to:


<?php

if ($_POST['username']) {
$username=$_POST['username'];
$password=$_POST['password'];

if ($password==NULL) {
echo "A password was not supplied";
}else{

$query = mysql_query("SELECT * FROM users WHERE username = '$username'") or die(mysql_error());

$data = mysql_fetch_array($query);

if($data['password'] != $password) {
echo "The supplied login is incorrect";
}else{

$query = mysql_query("SELECT * FROM users WHERE username = '$username'") or die(mysql_error());

$row = mysql_fetch_array($query);

$_SESSION["rank"] = $row['rank'];
$_SESSION["username"] = $row['username'];

header ('Location: members.php?act=menu');
}
}
}
?>
Login:
<form action='members.php?act=login' method='POST'>
<table class="middles">
<tr>
<td align='left'>
Username:<br><input type='text' size='15' maxlength='25' name='username'>
</td>
</tr>
<tr>
<td align='left'>
Password:<br><input type='password' size='15' maxlength='25' name='password'>
</td>
</tr>
<tr>
<td align='left'>
<input type="submit" value="Login">
</td>
</tr>
<tr>
<td align='left'>
</td>
</tr>
</table>
</form>

that will hopefully work :)

Nope :( Normal members can see the admin area aswell
Michael.
13-09-2005, 03:36 PM
I'm about to embark on making one for The-Pit soon (Dear God!).
Is it as hard as this thread looks :p!!
мϊкэ
13-09-2005, 03:38 PM
OOOHHHHH!!! kthnxbi

i fixed it, i did something wrong on the admin area :@ i hadnt changed it from what splint told me it was still a number :(

Thanks for help everybody!!!!

+Rep

Closed!

Want to hide these adverts? Register an account for free!