PHP login then redirect
I am using the following code to log users in to a series of secure pages - I need to have each user redirected to an appropriate page once submitted, I'm wondering what steps I need to take to single out the three login levels (admin,special,user):
if(isset($_SESSION['username'])){
function check_login($level) {
$username_s = mysql_real_escape_string($_SESSION['username']);
$sql = "SELECT user_level, restricted FROM login_users WHERE username = '$username_s'";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
$user_level = $row['user_level'];
$restricted = $row['restricted'];
$sql = "SELECT level_disabled FR开发者_运维百科OM login_levels WHERE level_level = '$user_level'";
$result = mysql_query($sql);
$row2 = mysql_fetch_array($result);
$disabled = $row['level_disabled'];
if($disabled != 0) { include('disabled.php'); exit();
} elseif($restricted != 0) { include('disabled.php'); exit();
} elseif($user_level <= $level) { // User has authority to view this page.
} else { include('user_level.php'); exit();
}
}
} else {
function check_login($level) { exit(); }
include('login.inc.php'); exit();
I would store the login level in a $_SESSION variable and then redirect the user based on that as you'll want to keep track of that login level from page to page. To redirect them, use header() with a Location: string.
For ex:
if ($_SESSION['log_level'] == 'admin') {
header("Location: admin.php");
} else if ($_SESSION['log_level'] == 'editor') {
header("Location: editor.php");
} else if ($_SESSION['log_level'] == 'author') {
header("Location: author.php");
}
I'd move those function calls out of the if statement and keep it somewhere else...
One approach could be declaring the different levels you like in an array: $levels = array('admin' => '/admin/url', 'special' => '/special/url', 'guest' => '/guest/url');
and iterate through the list or see if the key exists ...
Using switch is another approach ...
if (isset($_SESSION['login_level'])) {
switch ($_SESSION['login_level']) {
case 'admin':
header('Location: /admin/url');
break;
case 'special':
header('Location: /special/url');
break;
case 'guest':
header('Location: /guest/url');
break;
default:
do_login();
break;
}
} else {
do_login();
}
function do_login() {
// do something
}
精彩评论