Thank you for response.
Since that day I was trying hard on re-direct my users after login according to their levels i.e "admin", "clerk", "client" and guest.
I checked the process by printing out before each steps and have the following result:
1a: UserName :admin01
1b: UserName :admin01
1c: UserRole :-admin
5: session statrted
7: LoginFormAction
13: isset($_POST[Username])= true
15: username: clerk01
17: Password:clerk01
18: UserRorle:clerk
Asign $MM_redirectLoginSuccess = getTheUserPage($UserRole)
19: Function getTheUserPage started
19b4switch: UserRole =clerk
19clerk: UserRole =clerk
19return UserRole:clerk
20: User LoginFounduser found
23: redirectLoginSuccess, call getUserPage
That shows my code was running but is not giving the required results as it is showing the user redirected page.
The code is as follows:
<? php
...
//////////////////////////////////////////////////////////////////////////////////////////
///////////// Find the loginsuccess page
//////////////////////////////////////////////////////////////////////////////////////////
function getTheUserPage($UserRole){
echo ('<br>'.' 19: Function getTheUserPage started'.'<br>');
echo ('19b4switch: UserRole ='.$UserRole.'<br>');
switch($UserRole) {
case "admin":
header("Location: admin/admin-index.php");
echo ('19admin: UserRole ='.$UserRole.'<br>');
break;
case "client":
header("Location: clerk/clerk-index.php");
echo ('19client: UserRole ='.$UserRole.'<br>');
break;
case "clerk":
header("Location: client/client-index.php");
echo ('19clerk: UserRole ='.$UserRole.'<br>');
break;
case "guest":
header("Location: guest-index.php");
echo ('19guest: UserRole ='.$UserRole.'<br>');
break;
}
// return $UserRole;
echo ('19return UserRole:'.$UserRole.'<br>');
}
//////////// DB operation
//-------------------------------------------------------------
mysql_select_db($database_MySQLonlineConnection, $MySQLonlineConnection);
$query_GetCustomers = "SELECT * FROM users";
$GetCustomers = mysql_query($query_GetCustomers, $MySQLonlineConnection) or die(mysql_error());
$row_GetCustomers = mysql_fetch_assoc($GetCustomers);
$totalRows_GetCustomers = mysql_num_rows($GetCustomers);
echo ('1a: UserName :'.$row_GetCustomers['UserName'].'<br> 1b: UserName :'.$row_GetCustomers['UserPassword'].'<br>'); // username = admin01
echo ('1c: UserRole :-'.$row_GetCustomers['UserRole'].'<br>'); // UserRole= admin
?>
<?php
///////////////////////////////////////////////////////
// *** Validate request to login to this site.
///////////////////////////////////////////////////////
if (!isset($_SESSION)) {
session_start();
echo ('5: session statrted'.'<br>'); ///////////////////// Session initialized!!!
}
$loginFormAction = $_SERVER['PHP_SELF'];
echo('7: LoginFormAction '.'<br>'); /////////////////// LoginFormaction strated!!!
////////////////////////////////////////////////////////////////////////////////////////////////////
// check if login page redirected from a previous URL and set session to that URL check
//////////////////////////////////////////////////////////////////////////////////////////////////
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
echo ('11: set $_session[PrevUrl]'.'<br>'); //////////////////////// Goto previous URL
}
///////////////////////////////////////////////////////////////////////////////////////////////////
//Check and assign UserName and password posted by the login form.
// Define the login-failed and login-sucessful pages
//////////////////////////////////////////////////////////////////////////////////////////////////
if (isset($_POST['UserName'])&&'submitted') {
echo ('13: isset($_POST[Username])= true'.'<br>'); //////////////////// Username found?
$loginUsername=$_POST['UserName'];
$password=$_POST['PW'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginFailed = "/Online_site/Admin/login5.php";
$MM_redirecttoReferrer = true;
mysql_select_db($database_MySQLonlineConnection, $MySQLonlineConnection);
$LoginRS__query=sprintf("SELECT * FROM users WHERE UserName=%s AND UserPassword=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));
$GetCustomers = mysql_query($LoginRS__query, $MySQLonlineConnection) or die(mysql__error());
$loginFoundUser = mysql_num_rows($GetCustomers);
///////////////////////////////////////////////////////////////////////////////////////////
$row_GetCustomers = mysql_fetch_assoc($GetCustomers);
$totalRows_GetCustomers = mysql_num_rows($GetCustomers);
///////////////////////////////////////////////////////////////////////////////////////////
$UserRole =$row_GetCustomers['UserRole']; /////////////// Assign UserRole vlaue from the SQL Query
echo ('15: username: '.$loginUsername.'<br>');
echo ('17: Password:'.$password.'<br>');
echo ('18: UserRorle:'.$UserRole.'<br> Asign $MM_redirectLoginSuccess = getTheUserPage($UserRole)'); //Result: clerk...
$MM_redirectLoginSuccess = getTheUserPage($UserRole); // User index Page
////////////////////////////////////////////////////////////////////////////////////////////
//session_regenaerate_id If User is found
/////////////////////////////////////////////////////////////////////////////////////////////
if ($loginFoundUser) {
$loginStrGroup = "";
echo ('20: User LoginFounduser found'.'<br>'); //////////////////// Test if user found !
//--------------------------------------------------------------------------------------------------
/////////////////////////////////////////////////////////////////////////////////////////
/// Test if PHP >=5.1
/////////////////////////////////////////////////////////////////////////////////////////
if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
////////////////////////////////////////////////////////////////////////////////////////////////////
// check if login page redirected from a previous URL then set the redirection to the prev URL.
// then direct the successful login to a website else to failed login page
//////////////////////////////////////////////////////////////////////////////////////////////////
if (isset($_SESSION['PrevUrl']) && true) {
echo ('21: '.' redirectLoginSuccess =PrevURL'.'<br>'); //////////// redirectLoginsuccess
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
echo ('23: '.' redirectLoginSuccess, call getUserPage '.'<br>'); //////////// redirectLoginsuccess
exit;
}
else {
echo ('25: <br>'.'redirectLoginFailed'.'<br>'); /////////// Test if login Failed
header("Location: ". $MM_redirectLoginFailed );
exit;
}
echo ('27: User LoginFounduser not found'.'<br>'); // Test if LoginFounduser not found !
}
echo ('29: isset($_POST[UserName]= FALSE'.'<br>'); // Test if login Failed
?>