user Login populate Txtbox W/DataBase data, UPDATE + use account types how to have

Question

0.00/5 (No votes)

See more:

Hello all,
I currently successfully made a relational database with my simple form.
Now I am working on having my simple website have a login with 2 different types of users, for example like an administrator and a regular user account. I would like to be able to have different privileges for the accounts. I can successfully log an account in but I am not quite sure how to do anything with the login. Right now I only echo a statement saying that the account has logged in.
I would like to know how to pull user data from the database and fill the textboxes with the data to populate them and then I’d like to be able to do an UPDATE statement
Do I use a $_SESSION or $_COOKIE ? to use the login I been trying to search it on Google to learn how to do something with a logged in account but I have not been able to figure anything out yet…..
I would like my accounts to be able to update there information if someone has time to show me how to do an admin account then creating additional users with an admin would be cool but I just simply want the basic process of stuff working first. When a user logins I want to send them to the form page and have it auto populate the textboxes with there current information then if they change it and click submit run a update query so it updates the database.
Could someone please help me with this?
Here is most of what I have so you can see how to push me further in the next steps.

HTML

<div id="section1"> 			
  			<?php
  				if(!isset($_POST['btnSubmit']))
				{
			?>	
					<form method="post" action="index.php">
						<label for="username">Username:</label>
						<input type="text" name="username" />
						<br>
						<label for="password">Password:</label>
						<input type="text" name="password" />
						<br>
						<input type="submit" name="btnSubmit" value="Log In!" />
					</form>
			<?php
			//the form is submitted check everything to login successfully
				}
				else 
				{		//get user input and store in variables
					$username = $_POST['username'];
					$password = $_POST['password'];
					
				  	if (empty($username)) 
			      	{
			        	die('ERROR: Please enter your username');  
			      	}
			      	if (empty($password)) 
			      	{
			        	die('ERROR: Please enter your password');  
			      	}

					$mysqli = new mysqli("localhost", "root", "", "loginusers");
					//xampp
					if ($mysqli === false) 
				    {
				      die("ERROR: Could not connect to database. " . mysqli_connect_error());
				    }
				    
					//take user input and make sure there are no "/"s in it 
					$username = $mysqli->escape_string($username);
				    
					 $sql = "SELECT COUNT(*) FROM users WHERE username = '$username'";
				      if ($result = $mysqli->query($sql)) 
				      {
				        $row = $result->fetch_array();
				        // if yes, fetch the encrypted password
				        if ($row[0] == 1) 
				        {
				          $sql = "SELECT password FROM users WHERE username = '$username'"; 
						         
				          if ($result = $mysqli->query($sql)) 
				          {
				            $row = $result->fetch_object();    
				
				            $hash = $row->password;
							
							
							if (crypt($password, $hash) == $hash) 
				            {              
				              echo 'Your login credentials were successfully verified.';  
				            } 
				            else 
				            {
				              echo 'You entered an incorrect password.';            
				            }
				          } 
						  else 
				          {
				            echo "ERROR: Could not execute $sql. " . $mysqli->error;
				          }          
				        } 
				        else 
				        {
				          echo 'You entered an incorrect username.';            
				        }
				
				        $result->close();
				      } 
				      else 
				      {
				        echo "ERROR: Could not execute $sql. " .$mysqli->error;
				   
				      }
					  
					  $mysqli->close();
				}
			?>
  			
  	</div>

Posted 20-Oct-14 16:19pm

TheBigBearNow

Updated 20-Oct-14 16:21pm

v2

Add a Solution

Comments

W∴ Balboos, GHB 21-Oct-14 13:11pm

I suggest you look up AJAX for your user vs administrator login: this will let you create a page that doesn't even have a trace of Admin info for non-Admin users. The content can be loaded on the server-side (where you'll be doing your database queries).

Alternative: similar to AJAX population of page but instead have login designate a target page that differs for ADMIN vs USER: build page on server side and send to client.

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)