Home > OS >  User Redirection accordingly an enum input. PHP code
User Redirection accordingly an enum input. PHP code

Time:11-24

I'm trying to redirect the logged-in user to a different page according to the enum input was stored at db.

I was trying those lines, but it always redirects me at pro.php. How can I do this with the right way? What is the issue with the code?

Here is my table definition:

# Name Type Null Default
1 id Primary int(11) No None AUTO_INCREMENT
2 firstName varchar(255) Yes NULL
3 lastName varchar(255) Yes NULL
4 email Index varchar(255) Yes NULL
5 speciality enum('pro', 'stu') Yes NULL
6 password varchar(100) Yes NULL
7 lastLogin timestamp Yes NULL

Here is the PHP code:

<?php 
error_reporting(E_ALL);
ini_set('display_errors', 1);
include_once("config.php");
include_once("session.php");

if (isset($_POST['signin'])) {
  $email = mysqli_real_escape_string($conn, $_POST['email']);
  $password = mysqli_real_escape_string($conn, $_POST['password']);
  $errors = array();

  if (empty($email)) {
    array_push($errors, "email is required");
  }
  if (empty($password)) {
    array_push($errors, "Password is required");
  }

  if (count($errors) == 0) {
    $password = md5($password);
    $query = "SELECT * FROM user WHERE email='$email' AND password='$password'";
    $results = mysqli_query($conn, $query);
    if (mysqli_num_rows($results) == 1) 
    {
      $_SESSION['email'] = $email;
      $_SESSION["user_name"]=$firstName;
      $_SESSION['success'] = "You are now logged in";
      $logintime = "UPDATE user SET lastLogin = now() where email = '$email'";
      mysqli_query($conn, $logintime);
      
      //Check speciality and redirect accordingly
      $speciality = $row['speciality'];
         if($speciality == "stu"){
        header("location:stu.php");
        }else{header("location:pro.php");}
    }else 
    {
        array_push($errors, "Wrong username/password combination");
        header("location:login.php");
    }
  }
}
?>

I know the user is logged in because after the login, i'm going to db and see the lastLogin updated at the current user.

CodePudding user response:

Ok i change the speciality type enum to int(0 or 1) and some more things to the code and now is redirect me properly and almost everything working properly.

if (isset($_POST['submit'])) {
$email = $_POST['email'];
$password = $_POST['password'];
//also i hash the password with a better algorythm
$password = hash('sha256', $password);

$sql = "SELECT * FROM user WHERE email='$email' AND password='$password'";
$result = mysqli_query($conn, $sql);
if ($result->num_rows > 0) {
    $row = mysqli_fetch_assoc($result);
    $_SESSION['user_name'] = $row['user_name'];
    $logintime = "UPDATE user SET lastLogin = now() where email = '$email'";
    mysqli_query($conn, $logintime);
    $_SESSION['speciality'] = $row['speciality'];
    if($_SESSION['speciality']==1) {header("Location: pro.php");}
    else{header("Location: stu.php");}
} else {
    echo "<script>alert('Woops! Email or Password is Wrong.')</script>";
}

}

  • Related