I have a login form with <form method="POST" action="formdata.php">
In formdata.php I have the variables as
$n=$_POST['name']; $p=$_POST['password'];
Then after succesful login I direct to the page "main.php" .
From main.php I want to check user level and based on user level restrict the pages that a user can access.
To get user level I included
$query=mysql_query("SELECT level FROM member WHERE userName='$n'");
$level=mysql_fetch_array($query);
if ($level==3){
echo "level 3 user";
}
But I don't think I get the user level from the database to the variable $level correctly as it doesn't executes if ($level==3)
.
Can't I use $n
in WHERE userName='$n'
because $n is declared in formdata.php ?
How can I get the level field value from the database?
Your usage is wrong. It must be
if($level[0] == 3)
or
if($level['level'] == 3)
You should look into Sessions
When validating the login in formdata.php, save the user's data into session:
<?php
session_start();
// validate user credentials
$_SESSION['user_level'] = 3;
$_SESSION['user_name'] = 'John Smith';
You can then access this data in your main.php
<?php
session_start();
echo("Hello $_SESSION[user_name]!");
if ($_SESSION['user_level'] > 3) {
echo "You have admin access";
} else {
echo "You're a regular user";
}
Just remember to call session_start()
on every page where you need to access session data. Also read up on the subject before using my sample, it's only a starting point.
mysql_fetch_array
return array don't use it as a string
this condition would be
$level=mysql_fetch_array($query);
if ($level['level']==3){
echo "level 3 user";
}
The problem is here '$n'
check this : $query=mysql_query('SELECT level FROM member WHERE userName="'.$n.'"');
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.