Hi.. i have to use 2 different database to check if the user is the admin or normal user before he/she can do anything. I'm not sure if this is the right menthod to do it, but it's not working. Just wondering if anyone coulh help. thanxs.....This is my code:

Code:

	
PHP Code:
	

		
			

mysql_connect("localhost", "root") or die("Cannot connect to database.");
        
mysql_select_db("project") or die("Cannot connect to database.");
$query = "SELECT Admin_bit from staff where Admin_bit='1'";
    
$result = mysql_query($query) or die ("couldn't connect");
//$num = mysql_num_rows($result) or die;
        
$row = mysql_fetch_assoc($result);
$accessgroup = $row['Admin_bit'];

        
    if($accessgroup == "0")
      {  
    print "You are not authorised to view this page!!";
    exit;
      }else{} 
        
     if ($_POST[$Submit] == "Submit")
      {
         mysql_connect("localhost", "root") or die("Cannot connect to database.");
         mysql_select_db("menu") or die("Cannot connect to database.");
        
    $depart_name = addslashes($_POST['depart_name']);
        
             $query2 = "INSERT INTO department (depart_name) VALUES ('$depart_name')"; 
             $result2 = mysql_query($query2);
        
    if (mysql_affected_rows() == 1)
    {
       print ("<strong>Department $depart_name</strong> has been Successfully added");
            
    }else{
            
    print("<strong>Department $depart_name</strong>fail to add");
                }
} 



		
	

Sorry abt that... Not sure what went wrong. I will post the codes again.

[PHP][CODE]
<?php
mysql_connect("localhost", "root") or die("Cannot connect to database.");

mysql_select_db("project") or die("Cannot connect to database.");
$query = "SELECT Admin_bit from staff where Admin_bit='1'";

$result = mysql_query($query) or die ("couldn't connect");
//$num = mysql_num_rows($result) or die;
$row = mysql_fetch_assoc($result);
$accessgroup = $row['Admin_bit'];

if($accessgroup == "0")
{
print "You are not authorised to view this page!!";
exit;
}else{
}

if ($_POST[$Submit] == "Submit")
{
mysql_connect("localhost", "root") or die("Cannot connect to database.");

mysql_select_db("menu") or die("Cannot connect to database.");



$depart_name = addslashes($_POST['depart_name']);


$query2 = "INSERT INTO department (depart_name) VALUES ('$depart_name')";

$result2 = mysql_query($query2);

if (mysql_affected_rows() == 1)
{
print ("<strong>Department $depart_name</strong> has been Successfully added");

}else{
print("<strong>Department $depart_name</strong>fail to add new user");
}
}
?>

u mean two tables from the same database or two completely different databases?

i dun knoe much about mysql_connect because i normally use mysql_pconnect and ezsql

but ur syntax for mysql_connect slightly wrong

should be something like this

mysql_connect('localhost', 'mysql_user', 'mysql_password');

what was the error msg then?

It's actually 2 different databases. There was no error msg, but the script did not check for the admin user and went straight to the form part. As i have to check for the users to see if they have the rights to add extra department name in.

bluefish you shouldn't need two databases to tell if a user is admin or not. you can do it from one table.

if you have a column named something like user_level then have it set to ENUM and have the options of '0','1','2' then it will use that using the code i showed you in a previous topic. Using that then will distinguish between admin and normal user.

Manson

yap.. i do have a column called user level on a table itself. I'm using sessions now to distinguish between the admin and normal user. But i'm not so sure wat when wrong and it's either always telling mi you're not authorise to both admin and normal users, or it shows the form out to both users and admin to use it...
Any suggestions?

post the php code you are using to distinguish them. how many options have you set the table to hold? e.g. 0 = unathorised, 1 = normal, 2 = admin
is it like that or more options?

My table consist of staffid, Name, password and adminbit. which is either a 1 or 0. 1 is the admin whereas 0 is the normal user.

I'm guessing your using sessions as i helped you before on it so this is what i would use...

PHP Code:

<?php 
mysql_connect("localhost", "root", "password") or die("Cannot connect to database."); 

mysql_select_db("project") or die("Cannot connect to database."); 
 
session_start();

$username= $_SESSION['username'];
$result = mysql_query("SELECT * FROM staff WHERE username='$username'");
$row = mysql_fetch_array($result); 
$accessgroup = $row['Admin_bit']; 

if($accessgroup == "0") 
{ 
print "You are not authorised to view this page!!"; 
exit(); 
}
if($accessgroup == "1")
{

if ($_POST[$Submit] == "Submit") 
{ 
mysql_select_db("menu") or die("Cannot connect to database."); 

$depart_name = addslashes($_POST['depart_name']); 

$query = mysql_query("INSERT INTO department (depart_name) VALUES ('$depart_name')"); 

if (mysql_affected_rows() == 1) 
{ 
print ("<strong>Department $depart_name</strong> has been Successfully added"); 
}else{ 
print("<strong>Department $depart_name</strong>fail to add new user"); 
} 
}
}
?>

I think that should work. That is for just the two settings you have of 0 and 1. If you are having 0 as normal user and 1 as admin, what you gonna use for totally unauthorised users. Maybe you should add a 2 and use that as admin, 1 as normal user and 0 as total unathorised user. but i dunno what exactly you are aiming for in user area.

Hope this helps.

Manson

Thanxs.. i'm gonna try it out...