Hi Guys
My registration page and login form is working fine. If any
member register and then login, user come to
member.php page. member page has their profile information which is only for members. Now i want to create an
admin login in which admin will redirect to
admin.php page. This page has all information
like:
about how many user register (done)
all other admin task(done)
I have done my admin pages but i dont know how to authorise admin login and password, if i use those then it will take me to admin area.
Here is my code of login form
<form id="loginForm" name="loginForm" method="post" action="login-exec.php">
<table width="700" border="0" align="center" cellpadding="2" cellspacing="0">
<tr>
<td width="112"><b>User id (Email-id)</b></td>
<td width="188"><input name="user_email" type="text" class="textfield" id="login" /></td>
</tr>
<tr>
<td><b>Password</b></td>
<td><input name="password" type="password" class="textfield" id="password" /></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="Login" /></td>
</tr>
</table>
</form>
</body>
</html>
code for login-exec.php
<?php
session_start();
require_once('config.php');
$errmsg_arr = array();
$errflag = false;
----something----
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
$user_email = clean($_POST['user_email']);
$pwd = clean($_POST['password']);
if($user_email == '') {
$errmsg_arr[] = 'Login ID missing';
$errflag = true;
}
if($pwd == '') {
$errmsg_arr[] = 'Password missing';
$errflag = true;
}
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: login-form.php");
exit();
}
$qry="SELECT * FROM customer WHERE user_email='$user_email' AND password='$pwd' ";
if ($user_email= )
$result=mysql_query($qry);
if($result) {
if(mysql_num_rows($result) == 1) {
session_regenerate_id();
$customer = mysql_fetch_assoc($result);
$_SESSION['SESS_id'] = $customer['id'];
$_SESSION['SESS_fname'] = $customer['first_name'];
$_SESSION['SESS_lname'] = $customer['last_name'];
session_write_close();
header("location: member-index.php");
exit();
}else {
header("location: login-failed.php");
exit();
}
}else {
die("Query failed");
}
?>