
PHP login page not working correctly

Right, so I have a login page that needs to be able to load the right page after login for the right users. Like, Administrators will have an Admin page while Users will have their user page. I have this problem where, no matter which user logs in, be it administrator or normal user, it directs them to the Admin page. I need help regarding this as it's a school project and I have an interim review demo scheduled on Wednesday.

Here's my code so far:

Login.php

<!DOCTYPE html>
<html>
<head>
<meta charset="ISO-8859-1">
<title>Kinder App Login</title>
</head>
<style>
body {background-image: url("/KinderApp/images/Untitled-1.png"); background-repeat: no-repeat;}
header {color:black; background-color:white;}
footer {color:green; background-color:lightgrey; }
h1 {font-family:Comic Sans, Comic Sans MS, cursive; font-size:50px; }
span {font-family:Comic Sans, Comic Sans MS, cursive; font-size: 15px; color:blue; }
div {font-family:Comic Sans, Comic Sans MS, cursive; font-size: 15px; color:red; }
table, th, td {border: 0px solid black; border-collapse: collapse; background: rgba(248,248,255,0.3);}
</style>
<script type="text/javascript">
function display_c(){
    var refresh=1000; // Refresh rate in milli seconds
    mytime=setTimeout('display_ct()',refresh)
}
function display_ct() {
    var strcount
    var x = new Date()
    document.getElementById('ct').innerHTML = x;
    tt=display_c();
}
</script>
<body onload=display_ct();>
<center><header>Kinder App</header></center>
<center><h1>Kinder App - Login</h1></center>
<center><table border="1" style="width:25%">
<tr>
<td><br></td>
<td><br></td>
</tr>
<tr>
<td><center>Username:</center></td>
<td><form name="myform" action="login_field.php" method="POST">
<center><input type=text name="user"/></center></td>
</tr>
<tr>
<td><center>Password:</center></td>
<td><center><input type=password name="pass"/></center></td>
</tr>
<tr>
<td>
<center><input type="submit" value="Login"></center></form>
</td>
<td>
<center><form action="Register.php" method="POST">
<center><input type="submit" value="Register"></center></form></center>
</td>
</tr>
<tr>
<td><br></td>
<td><br></td>
</tr>
</table></center>
<br> <br> <br> <br> <br> <br> <br> <br> <br> <br>
<br> <br> <br> <br> <br> <br> <br> <br> <br> <br>
<p align="right"><b><span id='ct' ></span></b></p>
<footer><center>Copyright © All Rights Reserved</center></footer>
</body>
</html>

login_field.php

<!DOCTYPE html>
<html>
<head>
<meta charset="ISO-8859-1">
</head>
<style>
div {font-family:Comic Sans, Comic Sans MS, cursive; font-size: 20px; color:red; }
</style>
<?php
define ("DB_USER", "root");
define ("DB_PASSWORD", "");
define ("DB_HOST", "localhost");
define ("DB_NAME", "kp2admin");
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
$userName=$_POST["user"];
$password=$_POST["pass"];
$sql = "SELECT `Username`, `Password`, Role` FROM `users` WHERE `Password` LIKE '".$password."' ";
$result=mysqli_query($dbc, $sql);
if($result != $userName && $password && "Administrator"){
    header('Location: http://localhost:81/KinderApp/KinderAppAdmin.html');
}
else if($result != $userName && $password && "User"){
    header('Location: http://localhost:81/KinderApp/KinderAppUser.html');
}
else{
    echo "<center><div><b>ACCESS DENIED!!!</b></div></center><br><center>Incorrect Login Credentials</center>";
}
mysqli_close($dbc);
?>
</body>
</html>

EDIT

UPDATE. I am using sessions now, but the problem I'm having now is that the login won't work at all. Every time I try to log in, I go straight to the Access Denied page.

Edited login_field.php

<!DOCTYPE html>
<html>
<head>
<meta charset="ISO-8859-1">
</head>
<style>
body {background-size: 14400px 900px;}
div {font-family:Comic Sans, Comic Sans MS, cursive; font-size: 70px; color:red; }
p {vertical-align:center; horizontal-align:center;}
</style>
<?php
define ("DB_USER", "root");
define ("DB_PASSWORD", "");
define ("DB_HOST", "localhost");
define ("DB_NAME", "kp2admin");
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
$userName=$_POST["user"];
$password=$_POST["pass"];
$password = md5($password);
$isAdmin = mysqli_query($dbc, "SELECT Username FROM users WHERE Username='".$userName."' AND Password='".$password."' AND Role = 'Administrator'") or die(mysqli_error($dbc));
$loginAdmin = mysqli_num_rows($isAdmin);
$isUser = mysqli_query($dbc, "SELECT Username FROM users WHERE Username='".$userName."' AND Password='".$password."' AND Role = 'User'") or die(mysqli_error($dbc));
$loginUser = mysqli_num_rows($isUser);
$login=0;
if($loginAdmin == 1){
    session_start();
    $_SESSION['Username'] = $userName;
    header("Location: http://localhost:81/KinderApp/KinderAppAdmin.html");
}
else if($loginUser == 1){
    session_start();
    $_SESSION['Username'] = $userName;
    header("Location: http://localhost:81/KinderApp/KinderAppUser.html");
}
else if($login == 0){
    echo "<center><p><div><b>ACCESS DENIED!!!</b></div></center><br><center>Incorrect Login Credentials</p></center>";
    echo "<form action='Login.php' method='POST'><center><input type='submit' value='Back'></center></form>";
}
mysqli_close($dbc);
?>
</body>
</html>

<?php
# Define connection (PDO//MYSQL)
define('DB_TYPE', 'mysql');
define('DB_HOST', 'localhost');
define('DB_NAME', 'db_name');
define('DB_USER', 'user');
define('DB_PASS', 'pass');

# Throw an exception on SQL errors instead of failing silently
$options = [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION];

$db = new PDO(DB_TYPE . ':host=' . DB_HOST . ';dbname=' . DB_NAME, DB_USER, DB_PASS, $options);

# Set up variables for use. Look up bcrypt as plaintext passwords = BIG NO NO
$userName = $_POST["user"];
$password = $_POST["pass"];

# Set up SQL query. You weren't using `username` in your where clause
# Binding variables ($query->bindValue) means the query treats them as a string
# and *shouldn't* execute any malicious SQL code supplied by a user
$sql = "SELECT `Username`, `Password`, `Role` FROM `users` WHERE `Username` = :user AND `Password` = :pass";
$query = $db->prepare($sql);
$query->bindValue(':user', $userName);
$query->bindValue(':pass', $password);   # the name bound here must match the placeholder in $sql
$query->execute();

# Checks if a valid result is returned. This is basic - there are better ways to do it
# but this is a good start
if ($result = $query->fetch(PDO::FETCH_OBJ)) {
    # Object attributes are accessed as $result->field_name, this checks if it's "administrator"
    if ($result->Role == "Administrator") {
        header('Location: http://localhost:81/KinderApp/KinderAppAdmin.php');
        exit;   # stop here so nothing below the redirect is sent
    } elseif ($result->Role == "User") {
        header('Location: http://localhost:81/KinderApp/KinderAppUser.php');
        exit;
    }
}
# Behaviour for failed login
else {
    echo "<center><div><b>ACCESS DENIED!!!</b></div></center><br><center>Incorrect Login Credentials</center>";
}

?>

PDO will prevent (most) SQL injection in conjunction with bound variables. It's a lot more secure this way. Further, you haven't encrypted passwords (do a search for bcrypt for this).

You should also be using sessions to set user data and using this to authenticate on restricted areas, as a user could just access one of your other pages directly, without going through the login process.

$sql = "SELECT  `Username`, `Password`, Role` FROM `users` WHERE `Password` LIKE '".$password."' ";

Please try the one below

$sql = "SELECT `Username`, `Password`, `Role` FROM `users` WHERE `Password` ='".$password."' AND Username='".$userName."' ";
$result = mysqli_query($dbc, $sql);
$data = mysqli_fetch_array($result, MYSQLI_ASSOC);
if ($data && $data['Role'] == "Administrator") {
    header('Location: http://localhost:81/KinderApp/KinderAppAdmin.html');
    exit;
}
else if ($data && $data['Role'] == "User") {
    header('Location: http://localhost:81/KinderApp/KinderAppUser.html');
    exit;
}
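Putting the two answers together in one runnable file, as an added example that is not code from the question or from either answer: it shows (1) that the concatenated query from the second answer is still injectable after LIKE is changed to =, (2) the first answer's PDO prepared statement combined with bcrypt via password_hash / password_verify, and (3) the role stored server-side in the session and checked at the top of each restricted page. It assumes PHP 7.4 or later with the pdo_sqlite extension; the in-memory SQLite table stands in for the MySQL `users` table so the file runs offline, and the accounts `alice` / `bob`, their passwords, the `.php` landing-page paths and all function names are constructed for the demo.

```php
<?php
// Added example (not from the question or the answers). SQLite in-memory table
// stands in for the MySQL `users` table; with MySQL only the DSN and the
// CREATE TABLE statement change. Accounts and passwords are constructed.
declare(strict_types=1);

function open_demo_db(): PDO {
    $db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
    $db->exec('CREATE TABLE users (Username TEXT PRIMARY KEY, Password TEXT NOT NULL, Role TEXT NOT NULL)');
    $ins = $db->prepare('INSERT INTO users (Username, Password, Role) VALUES (:u, :p, :r)');
    // Store bcrypt hashes, never plaintext or md5.
    $ins->execute([':u' => 'alice', ':p' => password_hash('admin-pass-1', PASSWORD_BCRYPT), ':r' => 'Administrator']);
    $ins->execute([':u' => 'bob',   ':p' => password_hash('user-pass-2',  PASSWORD_BCRYPT), ':r' => 'User']);
    return $db;
}

// Vulnerable: the second answer's pattern, user input concatenated into SQL.
function login_concat(PDO $db, string $user, string $pass): ?string {
    $sql = "SELECT Role FROM users WHERE Username='" . $user . "' AND Password='" . $pass . "'";
    $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row ? $row['Role'] : null;
}

// Hardened: look the user up by name with a bound parameter, then verify the
// password in PHP against the stored bcrypt hash.
function login_safe(PDO $db, string $user, string $pass): ?string {
    $q = $db->prepare('SELECT Password, Role FROM users WHERE Username = :user');
    $q->bindValue(':user', $user);
    $q->execute();
    $row = $q->fetch(PDO::FETCH_ASSOC);
    // Verify against a dummy hash when the user is unknown, so response time
    // does not reveal which usernames exist.
    static $dummy = null;
    $dummy ??= password_hash('dummy', PASSWORD_BCRYPT);
    $ok = password_verify($pass, $row ? $row['Password'] : $dummy);
    return ($row && $ok) ? $row['Role'] : null;
}

function landing_page_for(string $role): ?string {
    $pages = [
        'Administrator' => '/KinderApp/KinderAppAdmin.php',
        'User'          => '/KinderApp/KinderAppUser.php',
    ];
    return $pages[$role] ?? null;
}

// Run after a successful login and before any HTML output (header() and
// session_start() both need that). A fresh session id defeats session fixation.
function establish_session(string $user, string $role): void {
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    session_regenerate_id(true);
    $_SESSION['Username'] = $user;
    $_SESSION['Role']     = $role;
}

// First line of KinderAppAdmin.php / KinderAppUser.php (they must be .php, not
// .html, or nothing runs). Visitors without the role go back to the login form.
function require_role(string $role): void {
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (($_SESSION['Role'] ?? null) !== $role) {
        header('Location: /KinderApp/Login.php');
        exit;
    }
}

// Body of login_field.php for a POST from Login.php.
function handle_login(PDO $db): void {
    $user = (string) ($_POST['user'] ?? '');
    $pass = (string) ($_POST['pass'] ?? '');
    $role = login_safe($db, $user, $pass);
    $page = $role === null ? null : landing_page_for($role);
    if ($page === null) {
        http_response_code(401);
        echo '<b>ACCESS DENIED!!!</b> Incorrect Login Credentials';
        return;
    }
    establish_session($user, $role);
    header('Location: ' . $page);
    exit;
}

// Command-line demonstration of points (1) and (2).
if (PHP_SAPI === 'cli') {
    $db = open_demo_db();
    $payload = "alice' --";   // the SQL comment marker removes the Password condition
    var_dump(login_concat($db, $payload, 'anything'));   // injected: no password needed
    var_dump(login_safe($db, $payload, 'anything'));     // bound as a literal, non-existent username
    var_dump(login_safe($db, 'bob', 'user-pass-2'));     // correct credentials
    var_dump(login_safe($db, 'bob', 'wrong'));           // wrong password
}
```

Running the file from the command line, the first dump shows that `alice' --` with any password yields the Administrator role from the concatenated query, because the comment marker truncates the WHERE clause after the username; the same payload through `login_safe` yields null, since the bound value is matched as a plain username that does not exist. Only bob with the correct password yields a role. In the web flow, `handle_login` must run before the `<!DOCTYPE>` line and any other output, which is also what makes `session_start()` and `header()` work in the edited login_field.php above.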
