I am trying to display the information A if login as user and information B if login as admin. The problem here is that, I am only able to execute the first if statement
and the else statement
which means I am able to login. However, it will never get into the else if statement
. Can anyone help me, I am not sure what is the problem here.
<?php
$dbhost = "localhost";
$dbuser = "root";
$dbpassword = "";
$dbdatabase = "test";
$db = mysql_connect($dbhost, $dbuser, $dbpassword);
mysql_select_db($dbdatabase, $db);
?>
<?php
if(!isset($_SESSION)){
session_start();
}
include("configuration.php");
?>
<html>
<body>
<?php
if (isset($_SESSION['SESS_EXIST']) == true && isset($_SESSION['SESS_TYPE']) == 'A' ){ ?>
//this is the user html information form
<?php }
else if (isset($_SESSION['SESS_EXIST']) == true && isset($_SESSION['SESS_TYPE1']) == 'B' ){ ?>
//this is the admin html information form
<?php } else { ?>
//ask user/admin to login html form
<form action ="login.php">
<button type="submit" name="login" class="btn-primary">Sign Up</button>
</form>
<?php } ?>
</body>
</html>
<?php
session_start();
require("configuration.php");
if(isset($_SESSION['SESS_EXIST']) == TRUE) {
header("Location: somewhere.php");
die();
}
$email = $_POST['Email'];
$pass = $_POST['Pass'];
$sql = "SELECT * FROM user WHERE Email='$email' and Pass ='$pass' " ;
$res = mysql_query($sql);
$rows = mysql_num_rows($res);
$sql1 = "SELECT * FROM admin WHERE Email='$email' and Pass ='$pass' " ;
$res1 = mysql_query($sql1);
$rows1 = mysql_num_rows($res1);
if($rows == 1)
{
$row = mysql_fetch_assoc($res);
$_SESSION['SESS_EMAIL'] = $row['Email'];
$_SESSION['SESS_NAME'] = $row['Name'];
$_SESSION['SESS_PASS'] = $row['Pass'];
$_SESSION['SESS_TYPE'] = 'A';
$_SESSION['SESS_LOGGED'] = 1;
header("Location: somewhere.php");
die();
}
else if($rows1 == 1)
{
$row1 = mysql_fetch_assoc($res1);
$_SESSION['SESS_EMAIL1'] = $row['Email'];
$_SESSION['SESS_NAME1'] = $row['Name'];
$_SESSION['SESS_PASS1'] = $row['Pass'];
$_SESSION['SESS_TYPE1'] = 'B';
$_SESSION['SESS_LOGGED'] = 1;
header("Location: somewhere.php");
die();
}
else {
echo '<script language = "javascript">';
echo 'alert("Fail login")';
echo '</script>';
echo "<script>window.location.assign('somewhere.php')</script>";
die();
}
?>
I think you don't reset your SESSION when you Logout. Try this:
Login.php
<?php
session_start();
require("configuration.php");
if(isset($_SESSION['SESS_EXIST']) == TRUE) {
header("Location: somewhere.php");
die();
}
session_unset();
$email = $_POST['Email'];
$pass = $_POST['Pass'];
$sql = "SELECT * FROM user WHERE Email='$email' and Pass ='$pass' " ;
$res = mysql_query($sql);
$rows = mysql_num_rows($res);
$sql1 = "SELECT * FROM admin WHERE Email='$email' and Pass ='$pass' " ;
$res1 = mysql_query($sql1);
$rows1 = mysql_num_rows($res1);
if($rows == 1)
{
$row = mysql_fetch_assoc($res);
$_SESSION['SESS_EMAIL'] = $row['Email'];
$_SESSION['SESS_NAME'] = $row['Name'];
$_SESSION['SESS_PASS'] = $row['Pass'];
$_SESSION['SESS_TYPE'] = 'A';
$_SESSION['SESS_LOGGED'] = 1;
header("Location: somewhere.php");
die();
}
else if($rows1 == 1)
{
$row1 = mysql_fetch_assoc($res1);
$_SESSION['SESS_EMAIL1'] = $row['Email'];
$_SESSION['SESS_NAME1'] = $row['Name'];
$_SESSION['SESS_PASS1'] = $row['Pass'];
$_SESSION['SESS_TYPE1'] = 'B';
$_SESSION['SESS_LOGGED'] = 1;
header("Location: somewhere.php");
die();
}
else {
echo '<script language = "javascript">';
echo 'alert("Fail login")';
echo '</script>';
echo "<script>window.location.assign('somewhere.php')</script>";
die();
}
?>
Your If-Statement is also no correct. As mentioned in other answers it should be like this:
somewhere.php Edit
<?php
if(!isset($_SESSION)){
session_start();
}
include("configuration.php");
?>
<html>
<body>
<?php
if(isset($_SESSION['SESS_EXIST'])){
if ($_SESSION['SESS_EXIST'] == true && $_SESSION['SESS_TYPE'] == 'A' ){
?> //this is the user html information form <?php
}
else if ($_SESSION['SESS_EXIST'] == true && $_SESSION['SESS_TYPE1'] == 'B' ){
?> //this is the admin html information form <?php
}
} else { ?> //ask user/admin to login html form
<form action ="login.php">
<button type="submit" name="login" class="btn-primary">Sign Up</button>
</form>
<?php
}
?>
</body>
</html>