Login : Redirect According to user level

[yash]

Hi, I would like to make a login page with 2 different user level, Admin & Staff. I'm not sure if my code is correct and I'm facing these errors also. Please help.

Notice: Undefined index: myusername in C:\wamp\www\i-document\login.php on line 14

Notice: Undefined index: mypassword in C:\wamp\www\i-document\login.php on line 15


Thank u.

PHP Code:


<?php
$host="localhost";
$username="root";
$password="";
$db_name="idoc";
$tbl_name="user";


mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("Cannot Select Database");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];


$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);


if($count==1){
   if (user_level == 1) {
        $_SESSION['myusername'] = $myusername;
        $_SESSION['mypassword'] = $mypassword;
        header("location:Admin_home.php");
        }
   else if (user_level == 2) {
        $_SESSION['myusername'] = $myusername;
        $_SESSION['mypassword'] = $mypassword;
        header("location:home.php");
   }
}
else {
echo "Wrong Username or Password";
}
?>

[fastsol1]

It basically means there is no post variables coming through that match the ones you have defined. So it's trying to define the var $myusername but it doesn't see a post var to associate it and get info from. Check your login form and make sure the name="" match your post var on the login.php page. UNLESS your form is on the same page you posted but you didn't include that part for us to see, then all you need to do is wrap your vars and anything checks the user in an if(isset($_POST['submit'])) submit being what ever you called your submit button.

PHP Code:

if (isset($_POST['submit']))
{
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];


$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);


if($count==1){
   if (user_level == 1) {
        $_SESSION['myusername'] = $myusername;
        $_SESSION['mypassword'] = $mypassword;
        header("location:Admin_home.php");
        }
   else if (user_level == 2) {
        $_SESSION['myusername'] = $myusername;
        $_SESSION['mypassword'] = $mypassword;
        header("location:home.php");
   }
}
else {
echo "Wrong Username or Password";
}
}