-----Original Message-----
From: Steve Brett
Sent: 12 March 2001 11:40
To: '[EMAIL PROTECTED]'
Subject: RE: [PHP-DB] Using selected fields
I have a similar security setup in the app i'm working on at the moment, but
attack from a slightly different angle.
i have two tables, one that stores user details and a second that stores
security details.
i match on username and password and then load the corresponding security
details.
i then set a session var that says they are logged in and then have an
include file in every page to kick them out if this is not set. ech set of
security settings laso has a user level that is also set as a session var
and then read by pages that need to.
as for getting your details you would need to extract the relevant recordset
via a call to the db you use:
for mysql something like
$secdets = mysql_fetch_array($result);
and then access each attribute by:
$level = $secdets[$userlevel];
HTH
Steve
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: 12 March 2001 10:50
To: [EMAIL PROTECTED]
Subject: [PHP-DB] Using selected fields
Hi there,
Firstly a big thanks to those who pointed me in the direction of 'PHP-fast
and
easy web development'. it was/is a great book, and I have learnt loads on
the
past week.
Anyhoo...
I have a php page and included the line:
$sql = "SELECT * FROM $table_name
WHERE member = \"$member\" AND pw = \"$pw\"
";
Now I have a third column called 'userlevel'.
I have a cookie that activates on successfully matching the member and pw
fields
from a form on the previous page. make sense?
How can I tell the page to use the userlevel colunm too?
Here is the relevent section to my code... can anyone point me in teh rigth
direction please???
============================
$sql = "SELECT * FROM $table_name
WHERE member = \"$member\" AND pw = \"$pw\"
";
$result = mysql_query($sql)
or die ("Can't execute query.");
$num = mysql_numrows($result);
if (($num != 0) && ($userlevel == 1)) {
$cookie_name = "auth";
$cookie_value = "ok";
$cookie_expire = "";
$cookie_domain ="";
setcookie($cookie_name, $cookie_value, $cookie_expire, "/", $cookie_domain,
0);
$display_block ="
<p><B>Secret area:</B>
<UL>
<LI><a href=\"secreta.php\">secret page a</A>
<LI><a href=\"secretb.php\">secret page b</A>
<LI><a href=\"secretc.php\">secret page c</A>
<LI><a href=\"secretd.php\">secret page d</A>
<LI><a href=\"secreteb.php\">secret page e</A>
</UL>
";
} else {
header("Location: http://www.mypage.com");
exit;
}
=================
Thanks guys...
Tris...
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
**********************************************************************
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
