I am trying to do a login for php and sql server by different UserType
I've tried to do a login without the UserType
and i can login. But i have no idea how to do a login based on UserType
. Anyways, this is what i have tried :
UserType :
- User
- Superior
- Admin
login_action.php (w/o UserType)
<?php
session_start();
require_once 'connection.php';
$EmployeeId = $_POST['EmployeeId'];
$Password = $_POST['Password'];
$tsql = "SELECT * FROM LOGIN WHERE EmployeeId='$EmployeeId' AND Password='$Password'";
$result = sqlsrv_query( $conn, $tsql, $params, array( "Scrollable" => SQLSRV_CURSOR_KEYSET ));
$num = sqlsrv_num_rows($result);
if($num==1){
header('Location: user.php');
$_SESSION['valid_user'] = true;
$_SESSION['EmployeeId'] = $EmployeeId;
die();}
else
header('Location: login.php');
die();
?>
login_action.php (with UserType)
<?php
session_start();
require_once 'connection.php';
$EmployeeId = $_POST['EmployeeId'];
$Password = $_POST['Password'];
$UserType = $_POST['UserType'];
$tsql = "SELECT * FROM LOGIN WHERE EmployeeId='$EmployeeId' AND Password='$Password' AND UserType='$UserType'";
$result = sqlsrv_query( $conn, $tsql,$params , array( "Scrollable" => SQLSRV_CURSOR_KEYSET ));
$num = sqlsrv_num_rows($result);
if($num==1){
$_SESSION['EmployeeId']=$EmployeeId;
$_SESSION['UserType']=$UserType;
if($UserType=="USER")
{
header("Location:user.php");
}
else if ($UserType=="SUPERIOR")
{
header("Location:superior.php");
}
else if ($UserType=="ADMIN")
{
header("Location:admin.php");
}
else
die("Not a valid User Type");
}
else
header('Location: login.php');
?>