I have begun writing a PHP website template system, and have hit a problem
Code:
<?php
include '../includes/db_connect.php';
include '../includes/config_table.inc.php';
$user_name = $_POST["user_name"];
$user_password = $_POST["user_password"];
if ($user_name && $user_password)
{
$salt = substr($user_password, 0, 2);
$userPswd = crypt($user_password, $salt);
$login_check = mysql_num_rows(mysql_query("SELECT * FROM `$user` WHERE user_name='$user_name' AND user_password='$userPswd'" ));
$check_ad = mysql_query("SELECT * FROM `$user` WHERE userlevel=0");
$check_us = mysql_query("SELECT * FROM `$user` WHERE userlevel=1");
//echo("DEBUG:\r\n");
//echo("login_check:".$login_check."\r\n"."check_ad:".$check_ad."\r\n"."check_us:".$check_us."\r\n\r\n");
if ($login_check == 1 && $check_ad) {
echo "Logged In Sucessfully. Please wait while you are redirected";
echo "<meta http-equiv='refresh' content='2; url=setadmincookie.php?u=$username&p=$user_password'>";
} elseif ($login_check == 1 && $check_us) {
echo "Logged In Sucessfully. Please wait while you are redirected";
echo "<meta http-equiv='refresh' content='2; url=setcookie.php?u=$username&p=$user_password'>";
} else {
echo 'Login failed. Username and Password did not match database entries.';
}
}
else
{
echo "Form was not completed. Please go back and make sure that the form was fully completed.";
}
mysql_close();
?>
this code is ment to check the userlevel against the database and send them to one place or another depending on there level.
How ever is isn't working, it is always sending to the admin area, and not the user area.Now i no why it isn't working as it is only checking the database not comparing?
But i don't no how to fix it.
i have two accounts made on the site, one user and one admin. Admin has userlevel 1, user has userlevel 2.
Any ideas? |
