Hello all,
I currently successfully made a relational database with my simple form.
Now I am working on having my simple website have a login with 2 different types of users, for example like an administrator and a regular user account. I would like to be able to have different privileges for the accounts. I can successfully log an account in but I am not quite sure how to do anything with the login. Right now I only echo a statement saying that the account has logged in.
I would like to know how to pull user data from the database and fill the textboxes with the data to populate them and then I’d like to be able to do an UPDATE statement
Do I use a $_SESSION or $_COOKIE ? to use the login I been trying to search it on Google to learn how to do something with a logged in account but I have not been able to figure anything out yet…..
I would like my accounts to be able to update there information if someone has time to show me how to do an admin account then creating additional users with an admin would be cool but I just simply want the basic process of stuff working first. When a user logins I want to send them to the form page and have it auto populate the textboxes with there current information then if they change it and click submit run a update query so it updates the database.
Could someone please help me with this?
Here is most of what I have so you can see how to push me further in the next steps.
<div id="section1">
<?php
if(!isset($_POST['btnSubmit']))
{
?>
<form method="post" action="index.php">
<label for="username">Username:</label>
<input type="text" name="username" />
<br>
<label for="password">Password:</label>
<input type="text" name="password" />
<br>
<input type="submit" name="btnSubmit" value="Log In!" />
</form>
<?php
}
else
{
$username = $_POST['username'];
$password = $_POST['password'];
if (empty($username))
{
die('ERROR: Please enter your username');
}
if (empty($password))
{
die('ERROR: Please enter your password');
}
$mysqli = new mysqli("localhost", "root", "", "loginusers");
if ($mysqli === false)
{
die("ERROR: Could not connect to database. " . mysqli_connect_error());
}
$username = $mysqli->escape_string($username);
$sql = "SELECT COUNT(*) FROM users WHERE username = '$username'";
if ($result = $mysqli->query($sql))
{
$row = $result->fetch_array();
if ($row[0] == 1)
{
$sql = "SELECT password FROM users WHERE username = '$username'";
if ($result = $mysqli->query($sql))
{
$row = $result->fetch_object();
$hash = $row->password;
if (crypt($password, $hash) == $hash)
{
echo 'Your login credentials were successfully verified.';
}
else
{
echo 'You entered an incorrect password.';
}
}
else
{
echo "ERROR: Could not execute $sql. " . $mysqli->error;
}
}
else
{
echo 'You entered an incorrect username.';
}
$result->close();
}
else
{
echo "ERROR: Could not execute $sql. " .$mysqli->error;
}
$mysqli->close();
}
?>
</div>