I am trying to develop a login system where both a customer and admin can login. The customer will be sent back to the index and the admin will be sent to a control panel. I have a user table in my database. Here a have level which defines the users; customer level = 1 and admin level = 0.
I am reletavily new to PHP and have been searching the internet for answers. I have found two versions of what i need. I'm not 100% sure they are correct and which is the best to use.
Example 1:
//indicate that sessions are to be used or started
session_start();
// Define $myusername and $mypassword from the form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// Query
$result= $dbh->query("SELECT * FROM users WHERE username='$myusername' AND password='$mypassword';");
// Mysql_num_row is counting table row
$count = $result->rowCount();
// Determine if user is "user" or "admin"
$userlevel = mysqli_query($con,"SELECT level FROM users WHERE username='$myusername';");
$level = mysql_fetch_row($userlevel);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1) {
// Start session, register $myusername, $mypassword and redirect to login_success.php
session_start();
$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword;
$_SESSION['level'] = $level;
// Redirect to appropriate page depending on user rights. Indicator 0 for user, 1 for admin.
if($_SESSION['level'] == 0)
{
//Admin Login
header("location:../php/admin.php");
}
if ($_SESSION['level']) == 1)
{
//Customer login
header("location:../login_success.php");
}
//flush the output buffer
ob_end_flush();
?>
Example 2:
// Define $myusername and $mypassword from the form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$sql="SELECT * FROM users WHERE username='$myusername' and password='$mypassword' and level== '0'";
if($count==1){
$_SESSION["username"] = $username;
$_SESSION["password"] = $password;
$info = mysql_fetch_array($result);
if ($info['level'] == 0) {
header("location:../php/admin.php");
}
else
header("location:../index.html");
}
}
else {
echo "Incorrect password";
}
?>
Any help will be much appreciated.