unplugged_web Posted November 14, 2007 Share Posted November 14, 2007 I wonder if somebody can help me please. I have a webpage that I only want certain people to be able to visit, depending on if their details are in the database. I think I got it right (or at least most of it right), but just wanted someone to confirm this as I'm not that confident around php.Somebody will do to a page and have to add their name <form action="user.php" method="get"><label>Name<input type="text" name="fistname" /></label><input type="text" name="surname" /><br /><input type="submit" value="GO" /></form> Then the user.php page would be <?php$con = mysql_connect("hostname/server IP","username","password");if (!$con) { die('Could not connect: ' . mysql_error()); }mysql_select_db("database_name", $con);$result = mysql_query("SELECT users");$firstname = $_REQUEST['firstname'];$surname = $_REQUEST['surname'];if ($firstname == '' and $surname == '') {echo 'user_page.php';} else {echo "non_user_page.php";}?> So basically if both the first and surnames match results that are stored in a database then they are taken to one page, but are taken to a different page if they are not in the database.Thanks Link to comment Share on other sites More sharing options...
Ingolme Posted November 14, 2007 Share Posted November 14, 2007 I'd do it this way: <?php$con = mysql_connect("hostname/server IP","username","password");if (!$con) { die('Could not connect: ' . mysql_error()); }mysql_select_db("database_name", $con);$firstname = $_REQUEST['firstname'];$surname = $_REQUEST['surname'];$result = mysql_query("SELECT * FROM users WHERE firstname = '$firstname' AND surname = '$surname'");if (mysql_num_rows($result) > 0) {echo 'user_page.php';} else {echo "non_user_page.php";}?> By the way, substitute firstname and surname for the database field names if these are incorrect in "firstname = '$firstname' AND surname = '$surname'" Link to comment Share on other sites More sharing options...
unplugged_web Posted November 14, 2007 Author Share Posted November 14, 2007 I'd do it this way:<?php$con = mysql_connect("hostname/server IP","username","password");if (!$con) { die('Could not connect: ' . mysql_error()); }mysql_select_db("database_name", $con);$firstname = $_REQUEST['firstname'];$surname = $_REQUEST['surname'];$result = mysql_query("SELECT * FROM users WHERE firstname = '$firstname' AND surname = '$surname'");if (mysql_num_rows($result) > 0) {echo 'user_page.php';} else {echo "non_user_page.php";}?> By the way, substitute firstname and surname for the database field names if these are incorrect in "firstname = '$firstname' AND surname = '$surname'" Thanks, I'll give that a go Link to comment Share on other sites More sharing options...
unplugged_web Posted November 14, 2007 Author Share Posted November 14, 2007 I tried your suggestion and it works perfectly, but can I change it so that depending on the results the users is taken to a different page? At the moment it's just displaying the address rather that going to that addressThanks Link to comment Share on other sites More sharing options...
Pollux Posted November 14, 2007 Share Posted November 14, 2007 To redirect, set the header like this in place of the echos. Just replacing "" with the addess you want to redirect to. header( 'Location: ' ); Link to comment Share on other sites More sharing options...
Ingolme Posted November 14, 2007 Share Posted November 14, 2007 Oh, sure. Just change this:if (mysql_num_rows($result) > 0) {header("Location: user_page.php");} else {header("Location: non_user_page.php");} Link to comment Share on other sites More sharing options...
unplugged_web Posted November 14, 2007 Author Share Posted November 14, 2007 To redirect, set the header like this in place of the echos. Just replacing "" with the addess you want to redirect to. header( 'Location: ' ); Sorry to be stupid, but where do I put the header( "Location: {url}'); ? I changed the code to<?php$con = mysql_connect("hostname/server IP","username","password");if (!$con) { die('Could not connect: ' . mysql_error()); }mysql_select_db("database_name", $con);$firstname = $_REQUEST['firstname'];$surname = $_REQUEST['surname'];$result = mysql_query("SELECT * FROM users WHERE firstname = '$firstname' AND surname = '$surname'");if (mysql_num_rows($result) > 0) {header("location: loggedin.php"); exit(); } else { echo 'echo "register.php.!'; } ?> but got an error message saying Warning: Cannot modify header information - headers already sent by (output started at e:\domains\m\mysite.com\user\htdocs\users.php:1) in e:\domains\m\ mysite.com\user\htdocs\users.php on line 14 line 14 is:header("location: loggedin.php"); Thanks Link to comment Share on other sites More sharing options...
unplugged_web Posted November 14, 2007 Author Share Posted November 14, 2007 Oops I think I was writing this post as you where writing your post. Thanks, I've changed the code to your suggestion and it now works perfectly.Thanks Link to comment Share on other sites More sharing options...
unplugged_web Posted November 15, 2007 Author Share Posted November 15, 2007 Oops I think I was writing this post as you where writing your post. Thanks, I've changed the code to your suggestion and it now works perfectly.ThanksSorry I'm back again, is it possible to get the database to check just the first character of the surname field?Thanks Link to comment Share on other sites More sharing options...
Ingolme Posted November 15, 2007 Share Posted November 15, 2007 Do you mean to search for all surnames starting with the first character? Link to comment Share on other sites More sharing options...
unplugged_web Posted November 15, 2007 Author Share Posted November 15, 2007 Do you mean to search for all surnames starting with the first character?Yes so if somebody's name is joe bloggs it will return a match for all joe b's even if they type joe blaggs Link to comment Share on other sites More sharing options...
Ingolme Posted November 15, 2007 Share Posted November 15, 2007 The problem is that it may allow access to people who have similar names to others, but if you really want it, try this query: $firstname = $_REQUEST['firstname'];$surname = substr($_REQUEST['surname'],0,1); // gets the first character of the given name.$result = mysql_query("SELECT * FROM users WHERE firstname = '$firstname' AND surname LIKE '$surname%'"); Link to comment Share on other sites More sharing options...
unplugged_web Posted November 15, 2007 Author Share Posted November 15, 2007 The problem is that it may allow access to people who have similar names to others, but if you really want it, try this query:$firstname = $_REQUEST['firstname'];$surname = substr($_REQUEST['surname'],0,1); // gets the first character of the given name.$result = mysql_query("SELECT * FROM users WHERE firstname = '$firstname' AND surname LIKE '$surname%'"); Thanks for that, it was spot on Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.