Hello,

I created a user login form with a crietaria fixed that if the user type is admin then it should be redirected to admin page and if it is an agent it should be redirected to home.php

The admin type is working properly but when i enter agent id and paw it redirects back to login page

here is the code

<?php
    include_once ("connection.php");

    $username = $_POST["user_name"];
    $password = $_POST["password"];

    $query = "SELECT * FROM agents";
    $query_confirm = mysqli_query($connection, $query);

    while ($record = mysqli_fetch_assoc($query_confirm)) {
        $id = $record["id"];
        $uname = $record["agent_uname"];
        $user_pass = $record["agent_password"];
        $user_type = $record["user_type"];
    }

    if(isset($_POST["login"])) {
        if($username == $uname  && $password == $user_pass) {
            if($user_type == "Admin") {
                header("Location: ../admin.php?admin=".$id);
                exit;
            } else {
                header("Location: ../home.php?agent=".$id);
                exit;
            }
        } else {
            header("Location: ../login.php");
        }
    }

?>

Thank You

post your form

where does $_POST["login"] get set

I find it's easy to troubleshoot by just putting some echo statements in and seeing what's being sent.

    if(isset($_POST["login"])) {

echo "<br />the user_type is ".$user_type;   
echo "<br />the username is ".$username; 

    }

I'm not sure that you need those exit; statements.

Here is the form

<?php 
    require_once("includes/connection.php");
?>
<!DOCTYPE HTML>
<html>
<head>
<title> Green Gadget - Login</title>
<meta http-equiv="Content-Type" content="text/html;">

    <link type="text/css" rel="stylesheet" href="css/style.css" />
    <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css">

</head>

<body>
    <div id="main_page" style="  padding: 152px 0;">
    <p class="heading_login">LOGIN</p>
        <div id="login">
        <form name="login" method="post" action="includes/verify.php">
            <label>
                <p>User Name</p>
                <input type="text" name="user_name" class="txtfield_login" required />
                <div class="clear"></div>
            </label>

            <label>
                <p>Password</p>
                <input type="password" name="password" class="txtfield_login" required />
                <div class="clear"></div>
            </label>

            <input type="submit" class="formbtn_login" value="Login" name="login" />
        </form>
        <div class="clear"></div>
        </div>
    </div>

</body>
</html>

@terrymason the indormation echoing is correct but dont know why it's not confirming it

Try to review your code

$query = "SELECT * FROM agents";
    $query_confirm = mysqli_query($connection, $query);
    while ($record = mysqli_fetch_assoc($query_confirm)) {
        $id = $record["id"];
        $uname = $record["agent_uname"];
        $user_pass = $record["agent_password"];
        $user_type = $record["user_type"];
    }

From what I see, you select all record from agents table and overwrite the $id,$uname,$user_pass,$user_type for each record. This means these variable will only store the last data from the database. Then your code on if($username == $uname && $password == $user_pass) will return false.

If I am in the case, I will probably change the code into

if(isset($_POST["login"])) {//if not posted, no need to fetch from database
    while ($record = mysqli_fetch_assoc($query_confirm)) {
        $id = $record["id"];
        $uname = $record["agent_uname"];
        $user_pass = $record["agent_password"];
        $user_type = $record["user_type"];
        if($username == $uname  && $password == $user_pass) {
            if($user_type == "Admin") {
                header("Location: ../admin.php?admin=".$id);
                exit;
            } else {
                header("Location: ../home.php?agent=".$id);
                exit;
            }
        } else {
            header("Location: ../login.php");
        }
    }
} else {
    header("Location: ../login.php");
}

Have you try this?

if(($username == $uname) && ($password == $user_pass))

@lps , Perfect so this was the big mistake I was doing on I tried to done every form processing within the loop and it did worked thank you once again.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.