Validate query result equals a carater

Question

Validate query result equals a carater

Navigation

#1 by (0 votes)

0

I'm doing a Login project, and what I want to do is that if it's a user on the side and if it's admin between another, I'm already validating the user and password but I have the user-type field in my DB that is A if it is admin and U if you are a user, I want to know if the result of my query can be compared to the letter "A" and if it is true that you send me to the indicated site. I append the code to see what I have wrong. I have little programming in php so understand these questions so absurd for some.

<?php
require('conexion.php');

session_start();
      $mysqli = new mysqli($host,$usr,$pw,$basedatos);
      if ($mysqli -> connect_errno)
      {
        printf("Conexion Fallida: %s\n", $mysqli->connect_error);
        exit();
      }
      if (isset($_POST["usuario"]) && isset($_POST["password"]))
      {
        $username = $_POST['usuario'];
        $password = $_POST['password'];

        $user = "SELECT tipo_usuario FROM usuarios WHERE usuario = '" . $_POST['usuario'] ."'" . "AND contrasena = '" . $_POST['password'] ."'";
        $resultado1 = $mysqli -> prepare($user);
        $resultado1 -> execute();
        $resultado1 -> store_result();

        if ($resultado ->num_rows == "A")
        {
              $_SESSION['login'] = true;
              $_SESSION['usuario'] = $username;
              $_SESSION['start'] = time();
              $_SESSION['expire'] = $_SESSION['start'] + (30 * 60);
              echo "Bienvenido! " . $_SESSION['usuario'];
              echo "<br><br><a href=panel_control.php>Panel de Control</a>";
      }
      else { 
        echo "<meta http-equiv='refresh' content='0; URL=usuario_noexiste.php'>";
          } 
    }
      $mysqli -> close();
?>

mysql php mysqli

asked by Xavi 24.10.2018 в 21:08

source

1 answer

Read and write assignments in ruby Problem with local web in chrome on windows 10

score 0 · Answer 1

Look to see if this works for you:

<?php
require('conexion.php');

session_start();
      $mysqli = new mysqli($host,$usr,$pw,$basedatos);
      if ($mysqli -> connect_errno)
      {
        printf("Conexion Fallida: %s\n", $mysqli->connect_error);
        exit();
      }
      if (isset($_POST["usuario"]) && isset($_POST["password"]))
      {
        $username = $_POST['usuario'];
        $password = $_POST['password'];

        $user = "SELECT tipo_usuario FROM usuarios WHERE usuario = '" . $_POST['usuario'] ."'" . "AND contrasena = '" . $_POST['password'] ."'";
        $resultado1 = $mysqli -> prepare($user);
        $resultado1 -> execute();
        $datos = $resultado1 -> get_result();
        if($datos->num_rows > 0){
            $fila = $datos->fetch_assoc();
            if($fila['tipo_usuario'] == 'A'){
                $_SESSION['login'] = true;
                  $_SESSION['usuario'] = $username;
                  $_SESSION['start'] = time();
                  $_SESSION['expire'] = $_SESSION['start'] + (30 * 60);
                  echo "Bienvenido! " . $_SESSION['usuario'];
                  echo "<br><br><a href=panel_control.php>Panel de Control</a>";
            } else {
                echo "<meta http-equiv='refresh' content='0; URL=usuario_noexiste.php'>";
            }
        }
    }
      $mysqli -> close();
?>

Change the part where you execute the query a bit, use get_result instead of store_result and with fetch_assoc I get the rows that the query returns as an associative array and I can already ask for the type of user there