Skip to content

Instantly share code, notes, and snippets.

@achudars
Created November 26, 2013 18:21
Show Gist options
  • Save achudars/7663266 to your computer and use it in GitHub Desktop.
Save achudars/7663266 to your computer and use it in GitHub Desktop.
Different user roles with PHP and PDO
<?php
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
try {
// Connect to server and select database.
$db = new PDO("mysql:host=$host;dbname=$db_name", $username, $password);
$db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
$stmt = $db->("SELECT *, COUNT(*) as count FROM login WHERE `username`=:user and `password`=:pass");
$stmt->bindParam(':user', $myusername);
$stmt->bindParam(':pass', $mypassword);
if ($row = $sth->fetch(PDO::FETCH_ASSOC)) {
$count = $row['count'];
// If result matched $myusername and $mypassword, table must be 1 row
if ($count == 1) {
switch( $row['role'] ){
case 'Admin':
header("location:index.php");
exit();
case 'Trainer':
header("location:index1.php");
exit();
case 'Line Manager':
header("location:index2.php");
exit();
case 'Client':
header("location:client.php");
exit();
default:
echo "Wrong Username or Password";
}
}
}
$db = null;
}
catch(PDOException $e) {
echo $e->getMessage();
}
?>
@sudorootuser
Copy link

Hola buenas noches, tengo una duda, qué significa la variable "$sth" en esta linea: 15 if ($row = $sth->fetch(PDO::FETCH_ASSOC)) {.

estaré atento a su respuesta grcaias

@achudars
Copy link
Author

achudars commented Jun 5, 2021

Hola, @sudorootuser, en realidad no lo recuerdo, porque escribí esto hace 8 años.

Quizás cometí un error. Quizás debería ser:

if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {

Descargo de responsabilidad. Sugeriría no confiar en este código, ya que puede estar desactualizado y tener algunas vulnerabilidades de seguridad.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment