I am working on a project in which I have several admins and one Super Admin. The tables have the fields username.password, location & status. I have also created a common table for Admins.
For Admin I need the username and location in session, however, for Super Admin I need just username in session. I have also created a single login page.
The PHP code is as shown below
<?php
include("connect.php");
session_start();
$Username = $_POST["t1"];
$Password = $_POST["t2"];
$Status = $_POST["t3"];
$location = $_POST["l1"];
$q = mysql_query("select * from admin_login where username='$Username'");
$rs = mysql_fetch_row($q);
if (($rs[0] == $Username) && ($rs[1] == $Password) && ($rs[4] == $location) && ($rs[3] == $Status)) {
if ($_SESSION["status"] = admin) {
$_SESSION["user"] = $Username;
$_SESSION["location"] = $location;
echo "<script type='text/javascript' language='javascript'>
alert('Admin logged in successfully');
</script>";
header("Refresh:0;http://localhost/e_classified/admin/a_activity.php");
} else {
echo "<script type='text/javascript' language='javascript'>
alert('Incorrect details, Enter correct details');
</script>";
header("Refresh:0;http://localhost/e_classified/super admin/login.html");
}
}
if (($rs[0] == $Username) && ($rs[1] == $Password) && ($rs[3] == $Status)) {
if ($_SESSION["status"] == sadmin) {
$_SESSION["user"] = $Username;
echo "<script type='text/javascript' language='javascript'>
alert('Super Admin logged in successfully');
</script>";
header("Refresh:0;http://localhost/e_classified/super%20admin/s_activity.php");
} else {
echo "<script type='text/javascript' language='javascript'>
alert('Incorrect details, Enter correct details');
</script>";
header("Refresh:0;http://localhost/e_classified/super admin/login.html");
}
}
The problem is that while logging in for any Admin/Super Admin it opens in in the same window (ex. s_activity.php).