Anybody can help me with this code? Why the pop up message for deactivated account did not showed up?

<?
include("database.php");

$myid=$_POST['myid']; 
$mypassword=$_POST['mypassword']; 
$status=$_POST['mystatus'];


if ($_POST['user']='Admin'){
     $resultad = mysql_query("SELECT * FROM staff WHERE staff_id='$myid' AND level='ADMIN' AND password='$mypassword'" );
     $count1 = mysql_num_rows($resultad);
     $row1 = mysql_fetch_array($resultad);


                    if($count1==1){ 


                    header('Location:adLandingPage.php');

                    $insertSQL = "INSERT INTO login_table (id,time) VALUES ('$myid',NOW())";
                    $Result1 = mysql_query($insertSQL) or die(mysql_error());

                            }
                    if ($count1==1 && $row1['enabled'] =="NOT ACTIVE") 
    {
       session_unset();
echo "<script type='text/javascript'>alert('Your account have been deactivated.Please contact your admin!');window.location.href='Index.html'; </script>";
    }

                        }   


if ($_POST['user']='Staff'){

            $result = mysql_query("SELECT * FROM staff WHERE  level='STAFF' AND staff_id='$myid' AND password='$mypassword' AND enabled='ACTIVE' ");
            $result2 = mysql_query("SELECT * FROM staff WHERE staff_id='$myid' AND password='$mypassword' ");


            $count=mysql_num_rows($result);
            $row = mysql_fetch_array($result2);
            $count2=mysql_num_rows($result2);

                    if($count==1){ 
                    session_start();
                    session_register('id');
                    session_register ('password');
                    header('Location:LandingPage.php');

                    $insertSQL = "INSERT INTO login_table (id,time) VALUES ('$myid',NOW())";
                    mysql_select_db($db_name);
                    $Result1 = mysql_query($insertSQL) or die(mysql_error());

                    }



                }




if($myid==""){

session_unset();
echo ' <script type="text/javascript">alert("Please enter your ID!");history.go(-1);
    </script>';}

if($mypassword==""){

session_unset();
echo ' <script type="text/javascript">alert("Please enter your password");history.go(-1);
    </script>';}

if ($count2==0)
    {
        session_unset();
echo ' <script type="text/javascript">alert("Wrong Login!");window.location.href="Index.html"; 
    </script>';
    }
if ($count2==1 && $row["enabled"] == "NOT ACTIVE") // This equates to 'if there is 1 record AND the active field equals 0 (false)'
    {
       session_unset();
echo "<script type='text/javascript'>alert('Your account have been deactivated.Please contact your admin!');window.location.href='Index.html'; </script>";
    }





?>
Member Avatar for LastMitch

Anybody can help me with this code? Why the pop up message for deactivated account did not showed up?

You have 2 lines that has that code.

Line 24 to 28

 if ($count1==1 && $row1['enabled'] =="NOT ACTIVE")
{
session_unset();
echo "<script type='text/javascript'>alert('Your account have been deactivated.Please contact your admin!');window.location.href='Index.html'; </script>";
}

Line 80 to 84

if ($count2==1 && $row["enabled"] == "NOT ACTIVE") // This equates to 'if there is 1 record AND the active field equals 0 (false)'
{
session_unset();
echo "<script type='text/javascript'>alert('Your account have been deactivated.Please contact your admin!');window.location.href='Index.html'; </script>";

May I ask what is $row1[ ]? Shouldn't be just $row[ ] for both examples?

He has three different DB queries, one is getting admins ($row1) one is geting staff with a banned account ($row) and the other gets Staff withour a banned account (no variable set for this one). While this method works it would be just as easy to make this all one DB query to reduce the number of DB queries you need to make (And don't forget we shouldn't be using mysql_ functions anymore)

All that asside your IF statements on lines 9 and 33 are assigning variables to your POST data rather than checking them as you only have single statements

9  if ($_POST['user']='Admin'){
33 if ($_POST['user']='Staff'){

should be

9  if ($_POST['user']=='Admin'){
33 if ($_POST['user']=='Staff'){

@LastMitch
i used $row[] and $row1[] to differentiate the mysQL coding.

@GliderPilot
thanks a lot, i didn't notice that

Thanks guys,
i've solve it =) it just because of the arrangement of the coding make it hard to read and that make the system didnt work

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.