Hi,
Using the following code I am able to authenticate which type of user is
visiting my page, however if I try to log in again with a different type of
user the session variables still assume that the original user was logged
in, is there a way to reset the session variables, I have tried
session_destroy() and session_unset() but without success...
<?php
require("dbconnect.php");
// Assume user is not authenticated
$auth = false;
// Formulate the query
$query = "SELECT * FROM WMS_User WHERE
User_Username = '$_POST[username]' AND
User_Password = '$_POST[password]'";
// Execute the query and put results in $result
$result = mysql_query( $query )
or die ( 'Unable to execute query.' );
// Get number of rows in $result.
$num = mysql_numrows( $result );
if ( $num != 0 ) {
// A matching row was found - the user is authenticated.
$auth = true;
//get the data for the session variables
$suser_name = mysql_result($result, 0, "User_Name");
$suser_password = mysql_result($result, 0, "User_Password");
$stype_level = mysql_result($result, 0, "User_Type");
$ses_name = $suser_name;
$ses_pass = $suser_password;
$ses_level = $stype_level;
session_register("ses_name");
session_register("ses_pass");
session_register("ses_level");
}
//if user isn't authenticated redirect to appropriate page
if ( ! $auth ) {
include("index.php");
exit;
}
//if user is authenticated, include the main menu
else{
include("home.php");
}
//close connection
mysql_close();
?>
thanks for your help
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
