Login system with different users roles

I did a login/register system and it works fine. I wanted to add user roles, e.g. When the admin logs in, he will be redirected to index page; when user logs in, he will be redirected to profile page. This is what I did:

functions.php

    public function loginUser($username,$password){
    $query=$this->db->prepare("SELECT id, username FROM users WHERE username=? AND email=?");
    $query->execute(array($username,$password));
    $userdata=$query->fetch();

    $num=$query->rowCount();

    if($num==1){
        session_start();
        $_SESSION['login']= true;
        $_SESSION['uid']= $userdata['id'];
        $_SESSION['uname']= $userdata['username'];
        $_SESSION['login_msg']= "Login succesful";

        return true;
    }else{
        return false;
    }
}

public function userRole($uid){
    $query=$this->db->prepare("SELECT role FROM users WHERE id=?");
    $query->execute(array($uid));
    $res=$query->fetch();
    echo $res['role'];
}

login.php

<?php
if($_SERVER['REQUEST_METHOD'] == 'POST'){
$username=$_POST['username'];
$password=$_POST['password'];

if(empty($username) or empty($password)){
   echo "Error... Field must not be empty";
}else{
   $login = $user->loginUser($username,$password);
   if($login){
      header('Location: transition.php');
   }else{
     echo "E-mail or password not match";
   }
 }
}
?>

            <form action="" method="post" name="reg">
                <table>
                    <tr><td> <input type="text" name="username" placeholder="Nombre de usuario"></td></tr>
                    <tr><td> <input type="password" name="password" placeholder="Password"></td></tr>

                    <tr><td> <input type="submit" name="login" value="Login" onclick="return(submitreg());"></td></tr>
                </table>
            </form>

transition.php

<?php
session_start();
require_once "functions.php";
$db = new DatabaseConnection();
$user = new LoginRegister($db->pdo);

$uid=$_SESSION['uid'];
$username=$_SESSION['uname'];

if(!$user->getSession()){
header('Location: login.php');
exit();
}
$type = $user->userRole($uid);
echo $type;

if($type == 0){
header('Location: index.php');
}else{header('Location: profile.php');
}
?> 

I added the function userRole to get the role of the user, and transition.php is to know if the function works fine, if I delete the if sentence and I print the role, it prints the right role. When I login without this function and php file it works properly, but when I added this function and php file, I always get redirected to index.php regardless the role.

In my database the user role is just a number (0 for admin and 1 for user).

Answers


I had a similar problem involving administration roles. I created a column named active. If active was 0

the user's account was deactivated

If active was 1

the user account was currently active

If active was 2

the user is an admin

You could do a simple if statement to check what is the value of active. You would check this value after a login...


Need Your Help

Executing stored procedure using linq in c#

c# sql linq sql-server-2008 linq-to-sql

I made a stored procedure in sql server 2008 which gives me the changes made to a table. I am using Linq to SQL to use this table in C#.

Doctrine and Zend_Form Validation

php validation zend-framework doctrine

I am using Zend Framework and Doctrine on a project and was wondering if anyone can suggest a good way to integrate Doctrine's validation with Zend_Form. I'm trying to avoid code duplication.