Home/ Questions/Q 6582371
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-25T16:16:18+00:00

ive made a login page which should assign different groups a session [‘level’] depending

  • 0

ive made a login page which should assign different groups a session [‘level’] depending on whether or not they have logged in using the correct details. say the admin logs in he gets session[‘admin’] session[‘member’] and session[‘council’] which all are dependant on his user level from the database.
but when i check the session array i get:
id, username, admin, admin, admin instead of
id, username, admin, council, member.
the code i am using for the query is 

//normal user
$queryN= mysql_query("SELECT * From users where username='$username' and hashed_password ='$dash' AND
level='member' LIMIT 1");
//normal council member
 $queryC = mysql_query("SELECT * From users where username='$username' and hashed_password ='$dash' AND
level='council' LIMIT 1");
//normal admin
$queryA = mysql_query("SELECT * From users where username='$username' and hashed_password ='$dash' AND
level='admin' LIMIT 1");
//Check whether the query was successful or not      
//normal user
if(mysql_num_rows($queryN) == 1)
{session_regenerate_id();
$resultN = mysql_fetch_assoc($queryN);  
$_SESSION['user_id'] = $resultN['id'];
$_SESSION['username'] = $resultN['username'];       
$_SESSION['member'] = $resultN['level']; 
session_write_close();
redirect_to("../public/index.php");
}
//admin user
elseif(mysql_num_rows($queryA) == 1){
session_regenerate_id();
$resultA = mysql_fetch_assoc($queryA);   
$_SESSION['user_id'] = $resultA['id'];
$_SESSION['username'] = $resultA['username']; 
$_SESSION['admin'] = $resultA['level']; 
$_SESSION['member'] = $resultA['level'];
$_SESSION['council'] = $resultA['level']; 
session_write_close();
redirect_to("../public/staff.php");
}

//council user
elseif(mysql_num_rows($queryC) == 1){
session_regenerate_id();
$resultC = mysql_fetch_assoc($queryC);  
$_SESSION['user_id'] = $resultC['id'];
$_SESSION['username'] = $resultC['username'];  
$_SESSION['council'] = $resultC['level']; 
$_SESSION['member'] = $resultC['level'];
session_write_close();
redirect_to("../public/index.php");
}else{
//Login failed
redirect_to("../public/login.php");
}

and the functions to check each user credentials are:

    session_start();
    $_SESSION['ERRMSG_ARR'] = array(); 
    function logged_in() {
        return isset($_SESSION['level']);
    }

    function confirm_logged_in() {
if(!isset ($_SESSION['member']) || (trim($_SESSION['member']) == '')) {
$_SESSION['ERRMSG_ARR'][] = 'You were not Authorised to view that page';
            redirect_to("login.php");
        }
    }
function confirm_login_council() {
if(!isset ($_SESSION['council']) || (trim($_SESSION['council']) == '')) {
        $_SESSION['ERRMSG_ARR'][] = 'Sorry but you were not Authorised to view that page';
        redirect_to("login.php");
        }
    }
function confirm_login_admin(){
if(!isset($_SESSION['admin']) || (trim($_SESSION['admin']) == '')) {
    $_SESSION['ERRMSG_ARR'][] = 'Unfortunately for you; You were not Authorised to view that page';
            redirect_to("login.php");
        }
    }

and to check the session array values i used :

  foreach($_SESSION as $value){
        echo $value . " | ";
    }
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You are setting the “admin”, “member” and “council” session variables to the same value:

    $_SESSION['admin'] = $resultA['level']; 
$_SESSION['member'] = $resultA['level'];
$_SESSION['council'] = $resultA['level'];

    Try printing with the key as well to get a clearer picture of what’s going on:

    foreach($_SESSION as $key => $value){
  echo $key, ':', $value , ' | ';
}
    • 0