Click here to Skip to main content
15,843,727 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
Hi. I want create disable or deactive / active user by admin in php. I already success
about it. However, I want user and admin log in in one form and go to their specific page. Yes, it work. I adjust and add the process for user type (2 type : for user and admin) , however when I add in the if else statement, deactive function did not work and deactive user can login to the user page. Can you check my if else condition in index.php? I think problem on that part because if I remove user type condition then status condition is okay, however if add user type condition, user type condition work yet deactive condition did not work . What should I do?

For below process user type function well, admin go to admin page and user go to user page, however deactive did not work and deactive user can login even I change active to deactive in admin. I stuck there. Help. Thank You.

What I have tried:

Config.php :

<?php
class Database extends pdo {

    private $dbtype; 
    private $host;     
    private $user;
    private $pass; 
    private $database; 

    public function __construct(){ 
        $this->dbtype = 'mysql'; 
        $this->host = 'localhost'; 
        $this->user = 'root'; 
        $this->pass = ''; 
        $this->database = 'workshire'; 
        $dns = $this->dbtype.':dbname='.$this->database.";host=".$this->host; 
        parent::__construct( $dns, $this->user, $this->pass ); 
    }     
}
$database = new Database();
$dbh =& $database;
?>


index.php :
<?php
	session_start();
	require_once('config.php');
?>
<!DOCTYPE html>
<html>
<head>
	<title>User's Account Activiation/Deactivation</title>
		<link href="css/bootstrap.css" rel="stylesheet" media="screen">
		<link href="css/bootstrap-responsive.css" rel="stylesheet" media="screen">
		<link rel="stylesheet" type="text/css" href="css/style1.css">
</head>
<body>
<?php

	if(isset($_POST['submit'])) {
		$user_email = $_POST['user_email'];
		$access_code = $_POST['access_code'];
		$result = $dbh->prepare("SELECT * FROM talent_pool WHERE user_email= :user_email AND access_code = :access_code");
		$result->bindParam(':user_email', $user_email);
		$result->bindParam(':access_code', $access_code);
		$result->execute();
		$rows = $result->fetch(PDO::FETCH_NUM);
		if($rows > 0) {
			$result=$dbh->prepare("SELECT * FROM talent_pool WHERE user_email=:user_email");
			$result->bindParam(':user_email', $user_email);
			$result->execute();
			while($row = $result->fetch(PDO::FETCH_ASSOC)){
				$res_id = $row['id'];
				$curr_status = $row['status'];
				$roles = $row['user_type'];
			}
				if($curr_status=='Deactive') {
					$message = "Sorry $user_email, your account is temporarily deactivated by the admin.";
				}else{
					$_SESSION['id'] = $res_id;
					header("location: indexEmp.php?logid=$res_id");
				}
				
				if($roles =='admin') {
					header("location: admin/index.php?logid=$res_id");
				}else{
					$_SESSION['id'] = $res_id;
					header("location: indexEmp.php?logid=$res_id");
				}
								
		}
		else{
			$message = 'User Email and Access Code are not exists.';
		}
	}
?>
<div class="container">
<h1 align="center">User's LogIn</h1><hr>
	<form method="post" align="center">
		<div class="form-group">
			<label for="name">User Email:</label>
			<input type="text" id="user_email" name="user_email" class="form-control" placeholder="User Email" autofocus required />
		</div>
		<div class="form-group">
			<label for="name">Access Code</label>
			<input type="password" id="access_code" name="access_code" class="form-control" placeholder="Access Code" required>
		</div>
		<div>
			<?php
				if(!empty($message)) {
					echo "<p style='color: blue; padding: 2px;'>".$message."</p>";
				}
			?>
		</div>
		<input type="submit" name="submit" value="Access Account" class="btn btn-primary"/>
	</form><br/>
</div>
</body>
</html>
Posted
Updated 17-Nov-17 22:51pm

Let me point out the source of your trouble -
After the execution of the first if-else block:
if($curr_status=='Deactive') {
    $message = "Sorry $user_email, your account is temporarily deactivated by the admin.";
}else{
    $_SESSION['id'] = $res_id;
    header("location: indexEmp.php?logid=$res_id");
}

It proceeds to execute the second if-else block:
if($roles =='admin') {
    header("location: admin/index.php?logid=$res_id");
}else{
    $_SESSION['id'] = $res_id;
    header("location: indexEmp.php?logid=$res_id");
}
What happens? It is this second block of code that cancels out whatever is done in the first block. So, the next question is where to place this second block of code? That is for you to find out.

++++++[Follow up]++++++
Since you insist, take a look at this:
if($curr_status=='Deactive') {
    $message = "Sorry $user_email, your account is temporarily deactivated by the admin.";
} else { // status is active

    if($roles =='admin') {
        header("location: admin/index.php?logid=$res_id");
    } else {
        $_SESSION['id'] = $res_id;
        header("location: indexEmp.php?logid=$res_id");
    }

}

I also observe that you are using root account to access the mysql database, that is a No-No. You should create a separate user account with restricted right for the PHP code to access a database.
++++++[Follow up 2]++++++
Another way is this:
if($roles =='admin') {
	header("location: admin/index.php?logid=$res_id");
} else { // normal user
    
    if($curr_status=='Deactive') {
    	$message = "Sorry $user_email, your account is temporarily deactivated by the admin.";
	} else {
   
		$_SESSION['id'] = $res_id;
        header("location: indexEmp.php?logid=$res_id");
	}

}
 
Share this answer
 
v4
Comments
Member 12895537 17-Nov-17 23:21pm    
I already adjust and tried it to be one condition, however it remain error . That is also my problem , I did not know how to locate it..I try to figure out by using if...else if..else and I play the condition still error. I remove { and also add } still error..then how to solve it? any solution?

syntax error, unexpected '{', expecting '(' in C:\xampp\htdocs\workshire\accountivate\index.php on line 37

if($roles =='admin') {
					header("location: admin/index.php?logid=$res_id");
				}else 
					if {
						$_SESSION['id'] = $res_id;
					header("location: admin/indexEmp.php?logid=$res_id");
				}
			
				else ($curr_status=='Deactive') {
					$message = "Sorry $user_email, your account is temporarily deactivated by the admin.";
				}
Peter Leow 18-Nov-17 0:24am    
There is an obvious missing open bracket after the first else. Syntax error aside, however, your logic is wrong. Follow the flow of your code to figure out.
Member 12895537 18-Nov-17 1:12am    
I already follow the flow. I know is wrong. That why I ask because I did not know how to figure out this. Can you help me to show the right logic? Do not force me to figure out because I really have no idea how to correct it.
Member 12895537 18-Nov-17 1:22am    
Show me the right one. I know that statement is wrong and logic is whttps://www.codeproject.com/WebControls/#rong, because of that I ask here and need a solution or idea.I cannot figure out that statement by myself. Please, Give me some solution or idea for that if else.I need some help
Peter Leow 18-Nov-17 1:31am    
Added in solution 1.
I already adjust and tried it to be one condition, however it remain error . That is also my problem , I did not know how to locate it..I try to figure out by using if...else if..else and I play the condition still error. I remove { and also add } still error..then how to solve it? any solution?

syntax error, unexpected '{', expecting '(' in C:\xampp\htdocs\workshire\accountivate\index.php on line 37

<pre>if($roles =='admin') {
					header("location: admin/index.php?logid=$res_id");
				}else 
					if {
						$_SESSION['id'] = $res_id;
					header("location: admin/indexEmp.php?logid=$res_id");
				}
			
				else ($curr_status=='Deactive') {
					$message = "Sorry $user_email, your account is temporarily deactivated by the admin.";
				}




index.php :

<?php
	session_start();
	require_once('config.php');
?>
<!DOCTYPE html>
<html>
<head>
	<title>User's Account Activiation/Deactivation</title>
		<link href="css/bootstrap.css" rel="stylesheet" media="screen">
		<link href="css/bootstrap-responsive.css" rel="stylesheet" media="screen">
		<link rel="stylesheet" type="text/css" href="css/style1.css">
</head>
<body>
<?php

	if(isset($_POST['submit'])) {
		$user_email = $_POST['user_email'];
		$access_code = $_POST['access_code'];
		$result = $dbh->prepare("SELECT * FROM talent_pool WHERE user_email= 
                :user_email AND access_code = :access_code");
		$result->bindParam(':user_email', $user_email);
		$result->bindParam(':access_code', $access_code);
		$result->execute();
		$rows = $result->fetch(PDO::FETCH_NUM);
		if($rows > 0) {
			$result=$dbh->prepare("SELECT * FROM talent_pool WHERE 
                        user_email=:user_email");
			$result->bindParam(':user_email', $user_email);
			$result->execute();
			while($row = $result->fetch(PDO::FETCH_ASSOC)){
				$res_id = $row['id'];
				$curr_status = $row['status'];
				$roles = $row['user_type'];
			}
			
			if($roles =='admin') {
					header("location: admin/index.php?
                                        logid=$res_id");
				}else 
					if {
						$_SESSION['id'] = $res_id;
					header("location: admin/indexEmp.php?
                                        logid=$res_id");
				}
			
				else ($curr_status=='Deactive') {
					$message = "Sorry $user_email, your 
                                account is temporarily deactivated by the admin.";
				}
				
								
		}
		else{
			$message = 'User Email and Access Code are not exists.';
		}
	}
?>
<div class="container">
<h1 align="center">User's LogIn</h1><hr>
	<form method="post" align="center">
		<div class="form-group">
			<label for="name">User Email:</label>
			<input type="text" id="user_email" name="user_email" class="form-control" placeholder="User Email" autofocus required />
		</div>
		<div class="form-group">
			<label for="name">Access Code</label>
			<input type="password" id="access_code" name="access_code" class="form-control" placeholder="Access Code" required>
		</div>
		<div>
			<?php
				if(!empty($message)) {
					echo "<p style='color: blue; padding: 2px;'>".$message."</p>";
				}
			?>
		</div>
		<input type="submit" name="submit" value="Access Account" class="btn btn-primary"/>
	</form><br/>
</div>
</body>
</html>
 
Share this answer
 
v2
Comments
Peter Leow 18-Nov-17 0:25am    
This is not a solution, remove it.
Don't Worry. I already get my solution here . Thank You for help :)


if (isset ( $_POST ['submit'] )) {
	
	require_once('config.php');
	$user_email = $_POST['user_email'];
	$access_code = $_POST ['access_code'];	
	
		
	if ($access_code == "super"){
		$_SESSION ['id'] = "Admin";
		header ( "Location:admin/index.php" );
	} 

	else {

		/* execute SQL command */
		$result = $dbh->prepare("SELECT * FROM talent_pool WHERE user_email= :user_email AND access_code = :access_code");
		$result->bindParam(':user_email', $user_email);
		$result->bindParam(':access_code', $access_code);
		$result->execute();
		$rows = $result->fetch(PDO::FETCH_NUM);
		if($rows > 0) {
			$result=$dbh->prepare("SELECT * FROM talent_pool WHERE user_email=:user_email");
			$result->bindParam(':user_email', $user_email);
			$result->execute();
			while($row = $result->fetch(PDO::FETCH_ASSOC)){
				$res_id = $row['id'];
				$curr_status = $row['status'];
			}
			
				if($curr_status=='Deactive') {
					$message = "Sorry $user_email, your account is temporarily deactivated by the admin.";
				}else{
					$_SESSION['id'] = $res_id;
					header("location: indexEmp.php?logid=$res_id");
				}
											
		}
		else{
			$message = 'User Email and Access Code are not exists.';
		}
	}
}


Just one more question :
if ($access_code == "super"){

Above code I want put like this
if ($access_code == "super")||($user_email == "nabilah@yahoo.com"){

however it said :
syntax error, unexpected '||' (T_BOOLEAN_OR)

Can you help me to correct it??
 
Share this answer
 
Comments
Peter Leow 18-Nov-17 6:57am    
This should be posted as a new question.
Member 12895537 18-Nov-17 19:02pm    
I just need a solution. Why are you so complicated to help me to answer and many rules? This is place to help developer and It was still under this topic, why I should posted as a new one? . Can't you just help? You are not help me since yesterday, yet force me to figure out my fault. Feel stress here. Thank you for help.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900