Hi there… Im making this login script (with alot of help from others) and i have come accross a problem. When i login with my details (I am classed as “leader” in the database) it directs me to the explorer page! Any ideas why?
Fet
index.php
[code=php]
<form action=’LoginScript.php’method=’post’>
<fieldset>
<legend>Log In</legend>
<p><label for=”Forename”>Forename:</label>
<input name=”Forename” type=”text” size=”16″ maxlength=”16″ value=”<?php $_POST[‘Forename’]; ?>”>
</p>
<p><label for=”Surname”>Surname:</label>
<input name=”Surname” type=”text” size=”16″ maxlength=”16″ value=”<?php $_POST[‘Surname’]; ?>”>
</p>
<p><label for=”Password”>Password:</label>
<input name=”Password” type=”password” size=”16″ maxlength=”16″ value=”<?php $_POST[‘Password’]; ?>”>
</p>
<p><input type=”submit” name=”submit” value=”Log In”></p>
LoginScript.php
[code=php]
<?php
session_start();
require(“DbConnect.php”);
if(isset($_POST[‘submit’]))
{
$Forename = mysql_real_escape_string($_POST[‘Forename’]);
$Surname = mysql_real_escape_string($_POST[‘Surname’]);
$Password = mysql_real_escape_string($_POST[‘Password’]);
$query = “SELECT * FROM `tblExplorerGroup` WHERE `Forename`=’$Forename’ AND `Surname`=’$Surname’ AND `Password`= ‘$Password'”;
$result = mysql_query($query) or die(“ERROR: ” . mysql_error());
if(mysql_num_rows($result) > 0) # we found a match, so set $_SESSION flag:
{
$_SESSION[‘logged’] = TRUE;
$row = mysql_fetch_object($result);
$_SESSION[‘User_Type’] = (strtolower($row->User_Type) == ‘leader’) ? ‘leader’ : ‘explorer’;
if(isset($_SESSION[‘caller’]))
{
header(“Location: ” . $_SESSION[‘caller’]);
exit;
}
else # otherwise go to main page
{
header(“Location: CheckLogin.php”);
exit;
}
}
else # invalid login, so create error message
{
$error = “<p id=’error’>ERROR: Invalid user name and/or password.</p>”;
}
}
?>
CheckLogin.php
[code=php]
<?php
if($_SESSION[‘User_Type’] == ‘leader’)
{
header(‘Location: LeaderMain.php’);
}
else
{
header(‘Location: ExplorerMain.php’);
}
?>