gillespiea
December 1st, 2009, 09:16 PM
Hi folks.
I'm trying to keep things simple with my site and i'd quite like to have a cookie made depending on wither the user is an admin or not (admin == 1).
The following is the code i have at the moment and this only creates a cookie and does not select admin (because i don't know what to do to create a query to use the admin == 1 or 0)
//create and issue the query
$sql = "SELECT f_name, l_name FROM users WHERE username = '".$_POST["username"]."' AND password = PASSWORD('".$_POST["password"]."')";
$result = mysqli_query($mysqli, $sql) or die(mysqli_error($mysqli));
//get the number of rows in the result set; should be 1 if a match
if (mysqli_num_rows($result) == 1) {
//if authorized, get the values of f_name l_name
while ($info = mysqli_fetch_array($result)) {
$f_name = stripslashes($info['f_name']);
$l_name = stripslashes($info['l_name']);
}
//set authorization cookie
setcookie("auth", "1", 0, "/", "127.0.0.1", 0);
//create display string
$display_block = "
<p>".$f_name." ".$l_name." is authorized!</p>
<h2>Authorized Users' Menu:</h2>
<ul>
<li><a href=\"/admin/addnews.php\">Add News</a></li>
</ul>";
} else {
//redirect back to login form if not authorized
header("Location: index.php");
exit;
}
anyone able to help create my query as i'm very new to php and mysql?
I'm very lost.
I'm trying to keep things simple with my site and i'd quite like to have a cookie made depending on wither the user is an admin or not (admin == 1).
The following is the code i have at the moment and this only creates a cookie and does not select admin (because i don't know what to do to create a query to use the admin == 1 or 0)
//create and issue the query
$sql = "SELECT f_name, l_name FROM users WHERE username = '".$_POST["username"]."' AND password = PASSWORD('".$_POST["password"]."')";
$result = mysqli_query($mysqli, $sql) or die(mysqli_error($mysqli));
//get the number of rows in the result set; should be 1 if a match
if (mysqli_num_rows($result) == 1) {
//if authorized, get the values of f_name l_name
while ($info = mysqli_fetch_array($result)) {
$f_name = stripslashes($info['f_name']);
$l_name = stripslashes($info['l_name']);
}
//set authorization cookie
setcookie("auth", "1", 0, "/", "127.0.0.1", 0);
//create display string
$display_block = "
<p>".$f_name." ".$l_name." is authorized!</p>
<h2>Authorized Users' Menu:</h2>
<ul>
<li><a href=\"/admin/addnews.php\">Add News</a></li>
</ul>";
} else {
//redirect back to login form if not authorized
header("Location: index.php");
exit;
}
anyone able to help create my query as i'm very new to php and mysql?
I'm very lost.