13 Replies - 13821 Views - Last Post: 05 July 2011 - 05:26 AM Rate Topic: -----

#1 feedz87  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 27
  • Joined: 26-May 11

Admin and user login

Posted 04 July 2011 - 01:57 AM

Hi,

I have a site with a login form for users and administrators to enter their details. Anyone can show me simple code how to separate between admin login and user login because i'm new in php.I uses PHP object oriented.Anyone can show me simple tutorial and easy to understand how to do that login.
Is This A Good Question/Topic? 0
  • +

Replies To: Admin and user login

#2 paradoxia  Icon User is offline

  • D.I.C Head

Reputation: 2
  • View blog
  • Posts: 163
  • Joined: 02-July 11

Re: Admin and user login

Posted 04 July 2011 - 02:04 AM

Do you want a separate page for authenticating users, and another separate page for authenticating administrators?
Was This Post Helpful? 0
  • +
  • -

#3 noorahmad  Icon User is offline

  • Untitled
  • member icon

Reputation: 209
  • View blog
  • Posts: 2,290
  • Joined: 12-March 09

Re: Admin and user login

Posted 04 July 2011 - 02:05 AM

Tip: Add Groups column in your users table and check the value when user logged in successfully.

<?PHP
#........... after login success
$Groups = $result["Groups"];
if($Groups == 1){ // "Admin"
	// show admin tasks...
}else if($Groups == 2){
	// show users tasks...
}
?>


Was This Post Helpful? 0
  • +
  • -

#4 feedz87  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 27
  • Joined: 26-May 11

Re: Admin and user login

Posted 04 July 2011 - 02:32 AM

In my table i have Admin=Y for admin and admin=N for user.My problem is i dont know how to authenticate user and admin
Was This Post Helpful? 0
  • +
  • -

#5 codeprada  Icon User is offline

  • Changed Man With Different Priorities
  • member icon

Reputation: 946
  • View blog
  • Posts: 2,355
  • Joined: 15-February 11

Re: Admin and user login

Posted 04 July 2011 - 06:40 AM

Adding a column to the users and naming it admin or whatever isn't the best design and limits the scalability of the database.

My suggestion is you make a new table named `groups`. Have a column named `group` in your user table of type integer.
--Example Code
CREATE TABLE `groups`
(
	`id` INTEGER PRIMARY KEY AUTO_INCREMENT,
	`name` VARCHAR(15) NOT NULL,
	`level` INTEGER NOT NULL,
	UNIQUE KEY (`name`),
	FOREIGN KEY (`id`) REFERENCES `your_user_table`(`group`)
	ON UPDATE CASCADE ON DELETE RESTRICT
)

That's what your table might like. You can determine if someone's an admin by either checking the name or level column. For instance an Administrator may have a level of 100 a Power User 60, Normal User 20...totally up to you.

Your query to check login would be along the lines of
SELECT 
	COUNT(`users`.`id`), 
	`groups`.`level` 
FROM 
	`users` 
LEFT JOIN 
	`groups` 
ON 
	`your_user_table`.`group` = `groups`.`id` 
WHERE 
	`username` = '$username' AND `password` = '$password'



You shouldn't get back more than one row providing your user table has only one instance of each person's credentials. You'll also get the admin level from that query. You can now simply store the level in a session variable to be used throughout your site.
Was This Post Helpful? 1
  • +
  • -

#6 feedz87  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 27
  • Joined: 26-May 11

Re: Admin and user login

Posted 04 July 2011 - 07:26 PM

if(isset($_POST['Login']))
{
		
		$loginName = $_POST['loginName'];
		$loginPass = $_POST['loginPass'];
		
		if($loginName =="" || $loginPass =="")
		{
			echo "<script language='Javascript'>alert('There is incomplete Login. Please Retry!.');window.location = '../index.php';			 			</script>";
		}
  
		else
		{
			$Login = new Login();
			$LoginSuccess = $Login->LoginCheck($loginName,$loginPass);
			if($LoginSuccess)
			{
				
				$Supervisor = new Supervisor();
  				$CheckSupervisor = $Supervisor->checkSupervisor($loginName);
				while($CheckSupervisor)
				{
					 If $_SESSION["Admin"]='Y'
					 {
						echo "<script language='Javascript'>alert('Login  as admin');window.location = '../boundary/adminMenu.php';	   	   						</script>";
					 }
					 else
					 {
					 	echo "<script language='Javascript'>alert('Login  as user');window.location = '../boundary/supervisorMenu.php';	   	   					</script>";
					 }
				}	 
			}
			
		  }	
}		  
	
else 
{
	echo "<script language='Javascript'>alert('Login Unsuccessful. Please login again!.');window.location = '../index.php';		    			    </script>";
			
}


I try do like this but not running.Anyone can help me because im new in php

This post has been edited by feedz87: 04 July 2011 - 07:44 PM

Was This Post Helpful? 0
  • +
  • -

#7 maniacalsounds  Icon User is offline

  • D.I.C Regular
  • member icon

Reputation: 117
  • View blog
  • Posts: 472
  • Joined: 27-June 10

Re: Admin and user login

Posted 04 July 2011 - 08:35 PM

Can you please post the Login and Supervisor classes? Because it's not necessarily clear unless we can see what each method called does. Thanks :)
Was This Post Helpful? 0
  • +
  • -

#8 feedz87  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 27
  • Joined: 26-May 11

Re: Admin and user login

Posted 04 July 2011 - 08:42 PM

<?php
class Login
{
	public $loginName;
	private $loginPass;

	public function __Construct()
	{
	}
	
	public function LoginCheck($loginName,$loginPass)
	{
		include ('../database/databaseConnection.php');
    	$db = new sql_db();
		$query_login = "SELECT * FROM tbl_sm_users WHERE userID='$loginName' AND Password='$loginPass' ";
	
		$login = $db ->sql_query($query_login);
		$loginfetch = $db -> sql_fetchrow($login); 
	
		if(($loginfetch['userID']==$loginName)&&($loginfetch['Password']==$loginPass)&& $loginfetch!='')
		{
			$_SESSION['userID']=$loginfetch['userID'];
			$_SESSION['auth']=  true;
		
			$db->sql_close();
			return true;	
		}
		else 
		{
			$db->sql_close();	
			return false;
		}
	}
	
}
?>


This is login class.I have no supervisor class,
Was This Post Helpful? 0
  • +
  • -

#9 maniacalsounds  Icon User is offline

  • D.I.C Regular
  • member icon

Reputation: 117
  • View blog
  • Posts: 472
  • Joined: 27-June 10

Re: Admin and user login

Posted 04 July 2011 - 08:47 PM

There's your "probable" problem. There's no supervisor class. Look at line 19 on your previous post. You made a class to a Supervisor class, even though there isn't one.

Happy coding. :)
Was This Post Helpful? 0
  • +
  • -

#10 feedz87  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 27
  • Joined: 26-May 11

Re: Admin and user login

Posted 04 July 2011 - 09:02 PM

<?php
class Supervisor
{
 	public $supervisorID;


 
	public function __Construct()
	{
	}
	
	
	public function checkAdmin($Admin)
   {
  		include ("../database/serverConnection.php");
		include ('../database/databaseConnection.php');
  		$sql = "SELECT * FROM tbl_sm_users WHERE Admin='$Admin' and admin = 'Y' ";
  		$result=mysql_query($sql) or die ('Query Failed' . mysql_error());
  		$row = mysql_fetch_array($result, MYSQL_ASSOC);
  		if (mysql_num_rows($result) == 1) 
		{
			return $result;
		}
   
   		else 
    		return false;
  	}
	
	
 }
?>


This is my supervisor class.I have change checkSupervisor into checkAdmin.
Was This Post Helpful? 0
  • +
  • -

#11 maniacalsounds  Icon User is offline

  • D.I.C Regular
  • member icon

Reputation: 117
  • View blog
  • Posts: 472
  • Joined: 27-June 10

Re: Admin and user login

Posted 04 July 2011 - 09:05 PM

You JUST said you didn't have a Supervisor class. :P

In your checkAdmin() method, you never created the database connection from which to use.
Was This Post Helpful? 0
  • +
  • -

#12 feedz87  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 27
  • Joined: 26-May 11

Re: Admin and user login

Posted 04 July 2011 - 09:05 PM

if(isset($_POST['Login']))
{
		
		$loginName = $_POST['loginName'];
		$loginPass = $_POST['loginPass'];
		
		if($loginName =="" || $loginPass =="")
		{
			echo "<script language='Javascript'>alert('There is incomplete Login. Please Retry!.');window.location = '../index.php';			 			</script>";
		}
  
		else
		{
			$Login = new Login();
			$LoginSuccess = $Login->LoginCheck($loginName,$loginPass);
			if($LoginSuccess)
			{
				
				$Admin = new Admin();
  				$CheckAdmin = $Supervisor->checkAdmin($Admin);
				while($CheckAdmin)
				{
					while($CheckAdmin)
					{
						if($_SESSION['Admin']='Y')
						{
							echo "<script language='Javascript'>alert('Login  Successful');window.location = 			                																							 	 	                    '../boundary/supervisorMenu.php';</script>";
						}	
						else
						{
							echo "<script language='Javascript'>alert('Login  Successful');window.location = 			                																							 	 	                	'../boundary/supervisorMenu.php';</script>";
						}
						
					}
					
					
				}	 
			}
			
		  }	
}	


This is my current login control.My system still cannot separate between user and admin.
Was This Post Helpful? 0
  • +
  • -

#13 feedz87  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 27
  • Joined: 26-May 11

Re: Admin and user login

Posted 04 July 2011 - 09:46 PM

i will post the login control and login class.I hope everybody can help me because i'm realy new in php.

LOGIN CONTROL
<?php
session_start();
include ("../entity/login_class.php");

if(isset($_POST['Login']))
{
		
		$loginName = $_POST['loginName'];
		$loginPass = $_POST['loginPass'];
		
		if($loginName =="" || $loginPass =="")
		{
			echo "<script language='Javascript'>alert('There is incomplete Login. Please Retry!.');window.location = '../index.php';			 			</script>";
		}
  
		else
		{
			$Login = new Login();
			$LoginSuccess = $Login->LoginCheck($loginName,$loginPass);
			if($LoginSuccess)
			{
				
				$Admin = new Admin();
  				$CheckAdmin = $Supervisor->checkAdmin($Admin);
					while($CheckAdmin)
					{
						while($_SESSION['admin']=='Y')
						{
							echo "<script language='Javascript'>alert('Login  Successful');window.location =								                            '../boundary/supervisorMenu.php';</script>";
						}
					}
			}
			else 
			{
				echo "<script language='Javascript'>alert('Login Unsuccessful. Please login again!.');window.location = '../index.php';		    			 </script>";
			}
			
		}
		
}
		
?>


LOGIN CLASS
<?php
class Login
{
	public $loginName;
	private $loginPass;
	public $Admin;

	public function __Construct()
	{
	}
	
	public function LoginCheck($loginName,$loginPass)
	{
		include ('../database/databaseConnection.php');
    	$db = new sql_db();
		$query_login = "SELECT * FROM tbl_sm_users WHERE userID='$loginName' AND Password='$loginPass' ";
	
		$login = $db ->sql_query($query_login);
		$loginfetch = $db -> sql_fetchrow($login); 
	
		if(($loginfetch['userID']==$loginName)&&($loginfetch['Password']==$loginPass)&& $loginfetch!='')
		{
			$_SESSION['userID']=$loginfetch['userID'];
			$_SESSION['auth']=  true;
		
			$db->sql_close();
			return true;	
		}
		else 
		{
			$db->sql_close();	
			return false;
		}
	}
	
	public function checkAdmin($Admin)
    {
  		include ("../database/serverConnection.php");
		include ('../database/databaseConnection.php');
  		$sql = "SELECT * FROM tbl_sm_users WHERE Admin='$Admin' and admin = 'Y' ";
  		$Admin=mysql_query($sql) or die ('Query Failed' . mysql_error());
  		$row = mysql_fetch_array($Admin, MYSQL_ASSOC);
  		if (mysql_num_rows($Admin) == 1) 
		{
			return $Admin;
		}
   
   		else 
    		return false;
  	}
	
}
?>


- MY PROBLEM IS I CANNOT SEPARATE BETWEEN USER AND ADMIN.
Was This Post Helpful? 0
  • +
  • -

#14 codeprada  Icon User is offline

  • Changed Man With Different Priorities
  • member icon

Reputation: 946
  • View blog
  • Posts: 2,355
  • Joined: 15-February 11

Re: Admin and user login

Posted 05 July 2011 - 05:26 AM

Your approaching it wrong. From looking at your code you could have eliminated the need for a checkAdmin function. Here's why.

In LoginCheck your query is SELECT * FROM tbl_sm_users..... which means you're returning all the columns\fields. You could have simply inserted on line 25
if(strcasecmp($loginfetch['Admin'], 'y') == 0){
     $this->Admin = true; //Note the $this which specifies we're referencing the current instance of your class
}
else
{
    $this->Admin = false;
}

This way would eliminate the need for your checkAdmin function. Also you should make Admin a publicly accessible but instead make it private and accessible via a magic method.
public function __get($var)
{
      if(isset($this->$var))
           return $this->$var;
      return NULL;
}

///...

$login = new Login();
///...
if($login->Admin){} //get admin from our magic method


Was This Post Helpful? 0
  • +
  • -

Page 1 of 1