Wednesday, October 19, 2022

[FIXED] How to create multi user (Admin, Registered User, General Visitor) login system on Role Based in php?

      , , ,      No comments   

Issue

I am trying to create 3 different section for Admin, Registered User and General Visitor(Non-registered User). I searched in many places but I did not find any information. Here I give my code for Non-registered user and Registered user.

would you please customize/edit my code for Admin section

Advance thanks

My Index Page:

<?php
require 'header.php';
require 'includes/dbh.inc.php';
?>

<link rel="stylesheet" type="text/css" href="css/index.css">
<title>Home Page</title>


<main>

<?php 

if (isset($_SESSION['userId'])) {
    echo '<p>You are Loged in!</p>';

}
else{
    echo '<p>You are Loged out!</p>';
}

?>          

</main>

<?php
require 'footer.php';
?>

My login.inc Page:

<?php 

if (isset($_POST['login-submit'])) {

require 'dbh.inc.php';

$mailuid = $_POST['mailuid'];
$password = $_POST['pwd'];

if (empty($mailuid) || empty($password)) {
    header("Location: ../login.php?error=emptyfields");
    exit();
}
else{
    $sql = "SELECT * FROM users WHERE uidUsers=? OR emailUsers=?;";
    $stmt = mysqli_stmt_init($conn);
    if (!mysqli_stmt_prepare($stmt, $sql)) {
        header("Location: ../login.php?error=sqlerror");
        exit();
    }
    else{
        mysqli_stmt_bind_param($stmt, "ss", $mailuid, $mailuid);
        mysqli_stmt_execute($stmt);
        $result = mysqli_stmt_get_result($stmt);
        if ($row = mysqli_fetch_assoc($result)) {
            $pwdCheck = password_verify($password, $row['pwdUsers']);
            if ($pwdCheck == false) {
                header("Location: ../login.php?error=wrongpwd");
                exit(); 
            }
            else if ($pwdCheck == true) {
                session_start();
                $_SESSION['userId'] = $row['idUsers'];
                $_SESSION['userUid'] = $row['uidUsers'];


                header("Location: ../index.php?login=success");
                exit();
            }
            else{
                header("Location: ../login.php?error=wrongpwd");
                exit(); 
            }

        }
        else{
            header("Location: ../login.php?error=nouser");
            exit();
        }
    }
 }

 }
else{
header("Location: ../login.php");
exit();
}

Solution

You have to add a col to your database with the role for every user and then, after the login check set another $_SESSION with the role value. Example:

$_SESSION['role'] = $row['role']

Then check this value every page you need it.



Answered By - Stefino76
Answer Checked By - Cary Denson (PHPFixing Admin)

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...