I'm currently in a school-project and we are doing a site where there are three different types of roles.
In our user-table we have an attribute named "role". This role has a table with 3 different values, 1, 2 and 3.
1 (Admin) 2 (Adminuser) 3 (user).
What I want is: When someone is logging in, the code wants to look for what value in role this user has and then redirect this user to "admin.php" (if the value is 1), "adminuser.php" (if the value is 2) or "user.php" if the value is 3. This is the current code, and it works so that you can login, but you get sent to the same page regardless.
if(isset($_POST['email']))
{
$query = <<<END
SELECT email, password, userID, FROM user
WHERE email = '{$_POST['email']}'
AND password = '{$_POST['password']}'
END;
$res = $mysqli->query($query);
if ($res->num_rows > 0)
{
$row = $res->fetch_object();
$_SESSION["email"] = $row->email;
$_SESSION["userID"] = $row->id;
header("Location:admin.php");
}
else
{
echo "Fel email eller lösenord.";
}
}
If the role is in the user table then try this with a simple array. Below the simple code from where you can get your desire output.
$role = array("1"=> "Admin.php", "2"=> "Adminuser.php", "3"=> "user.php");
if(isset($_POST['email'])){
$query = <<<END
SELECT email, password, userID, id FROM user
WHERE email = '{$_POST['email']}'
AND password = '{$_POST['password']}'
END;
$res = $mysqli->query($query);
if ($res->num_rows > 0){
$row = $res->fetch_object();
$_SESSION["email"] = $row->email;
$_SESSION["userID"] = $row->id;
//retrieve the user role from user-table, i use userid, you may use your own field
$query2 = <<<END
SELECT role FROM user-table
WHERE userid = '{$row->id}'
END;
$res2 = $mysqli->query($query2);
$row2 = $res2->fetch_object();
header("Location: ".$role[$row2->role]);
}else{
echo "Fel email eller lösenord.";
}
}