Created
November 26, 2013 18:21
Different user roles with PHP and PDO
<?php
// Username and password sent from the login form
$myusername = $_POST['myusername'];
$mypassword = $_POST['mypassword'];
try {
    // Connect to server and select database.
    // $host, $db_name, $username and $password are expected to be defined before this point.
    $db = new PDO("mysql:host=$host;dbname=$db_name", $username, $password);
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Named placeholders keep the form values out of the SQL text.
    // The submitted password is compared as-is with the stored `password` column.
    $stmt = $db->prepare("SELECT *, COUNT(*) as count FROM login WHERE `username`=:user and `password`=:pass");
    $stmt->bindParam(':user', $myusername);
    $stmt->bindParam(':pass', $mypassword);
    $stmt->execute();
    if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
        $count = $row['count'];
        // If the result matched $myusername and $mypassword, there must be exactly 1 row
        if ($count == 1) {
            // Redirect to the landing page for the user's role
            switch ($row['role']) {
                case 'Admin':
                    header("location:index.php");
                    exit();
                case 'Trainer':
                    header("location:index1.php");
                    exit();
                case 'Line Manager':
                    header("location:index2.php");
                    exit();
                case 'Client':
                    header("location:client.php");
                    exit();
                default:
                    echo "Wrong Username or Password";
            }
        } else {
            // No matching row: COUNT(*) comes back as 0
            echo "Wrong Username or Password";
        }
    }
    $db = null;
}
catch (PDOException $e) {
    // Prints the raw database error message to the client
    echo $e->getMessage();
}
?>
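A hardened variant of the role lookup above, as an added example that is not the gist author's code. It assumes the `password` column stores a `password_hash()` value, and it runs against an in-memory SQLite table with constructed rows standing in for the MySQL `login` table; `authenticate()` and `ROLE_PAGES` are hypothetical names.

```php
<?php
// Added example, not the gist author's code. Assumes login.password holds a
// password_hash() value; table, role and page names are taken from the gist.
const ROLE_PAGES = [
    'Admin'        => 'index.php',
    'Trainer'      => 'index1.php',
    'Line Manager' => 'index2.php',
    'Client'       => 'client.php',
];

// Returns the landing page for a valid login, or null on any failure.
function authenticate(PDO $db, string $user, string $pass): ?string
{
    // Fetch by username only; the password never goes into the SQL.
    $stmt = $db->prepare('SELECT password, role FROM login WHERE username = :user');
    $stmt->execute([':user' => $user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // Verify against a throwaway hash when the user is unknown, so both
    // paths do the same amount of hashing work.
    static $dummy = null;
    $dummy ??= password_hash('placeholder', PASSWORD_DEFAULT);
    $ok = password_verify($pass, $row ? $row['password'] : $dummy);

    if (!$row || !$ok) {
        return null;
    }
    // Unknown roles are rejected rather than given a default page.
    return ROLE_PAGES[$row['role']] ?? null;
}

// Demo on constructed data, using in-memory SQLite in place of MySQL.
if (PHP_SAPI === 'cli') {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE login (username TEXT PRIMARY KEY, password TEXT, role TEXT)');
    $ins = $db->prepare('INSERT INTO login VALUES (?, ?, ?)');
    $ins->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT), 'Trainer']);
    $ins->execute(['bob', password_hash('hunter2', PASSWORD_DEFAULT), 'Intern']);

    var_dump(authenticate($db, 'alice', 'correct horse')); // valid login
    var_dump(authenticate($db, 'alice', 'wrong'));         // wrong password
    var_dump(authenticate($db, 'bob', 'hunter2'));         // role not in the map
    var_dump(authenticate($db, 'nobody', 'x'));            // unknown user
}
```

A null result maps to one generic failure message for every failure case, and a `PDOException` is better logged server-side than echoed to the client as the gist does.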
Hi @sudorootuser, I actually don't remember, because I wrote this 8 years ago.
Maybe I made a mistake. Maybe it should be:
if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
Disclaimer: I would suggest not relying on this code, as it may be outdated and have some security vulnerabilities.
Hello, good evening, I have a question: what does the variable "$sth" mean in this line: 15 if ($row = $sth->fetch(PDO::FETCH_ASSOC)) {.
I'll be looking out for your reply, thanks.