Setting Access Levels

1

I have a system that has a pv_usuario table and a pv_cargo table. I would like to make a check according to the post the user will be redirected to different page. Home I have the following code:

$result = "select * from pv_usuario where login = '$login' and senha = '$senha' and ativo = 1";
$sql_execute = mysql_query($result);
$sql_verifica = mysql_num_rows($sql_execute);

    if($sql_verifica > 0)
    {
        if($senha == 'giga123' )
          {
            session_start();
            $_SESSION['login'] = $login;
            $_SESSION['senha'] = $senha;
            header('location:../../mpv/Login/reset.php');
          }
          else {
            session_start();
            $_SESSION['login'] = $login;
            $_SESSION['senha'] = $senha;
            header('location:../../mpv/index.php');
            exit;
        }

    }else 
        {
           session_destroy();
           unset($_SESSION['login']);
           unset($_SESSION['senha']);
           session_destroy();
           header('location:../../mpv/acesso_negado.php');
            exit;
        }

I thought about doing something like this and put it inside the first if above:

$query = $con->query("select * from pv_usuario where login = '$login' and ativo = 1");
while($reg = $query->fetch_array()) 
{
if( $reg["cod_usuario"] == 1 ) 
  {
      header('location:../../mpv/Atendimento/index.php');
  }
  else if($reg["cod_usuario"] == 2)
  {
      header('location:../../mpv/Tecnico/index.php');
  }
}

It's just not working. What should I do?

    
asked by anonymous 04.09.2014 / 16:32

2 answers

2

To get started, I suggest you change the mysql_ to mysqli_ since the mysql_ will be discontinued.

If you want to keep the version with the name of the field $reg["cod_usuario"] instead of using $query->fetch_array() you can use $query->fetch_assoc() that solves the problem.

Or if you want to continue with $query->fetch_array() you can pass as parameter the type of data you want to receive as in this example:

$query = "SELECT Name, CountryCode FROM City ORDER by ID LIMIT 3";
$result = $mysqli->query($query);

/* ARRAY NÚMERICO */
$row = $result->fetch_array(MYSQLI_NUM);
printf ("%s (%s)\n", $row[0], $row[1]);  

/* ARRAY ASSOCIATIVO */
$row = $result->fetch_array(MYSQLI_ASSOC);
printf ("%s (%s)\n", $row["Name"], $row["CountryCode"]);  

/* ARRAY NÚMERICO E ASSOCIATIVO */
$row = $result->fetch_array(MYSQLI_BOTH);
printf ("%s (%s)\n", $row[0], $row["CountryCode"]);  

Sample Source .

    
04.09.2014 / 17:16
1

I recommend PDO for numerous advantages. You decide, but as @Bar B. said, avoid mysql_. I'm giving an example with PDO.

// Exemplo de conexão com PDO:
$pdo = new \PDO( 'mysql:host=localhost;dbname=suaTabela' , 'usuario' , 'senha' );
$stmt = $pdo-> prepare( "select * from pv_usuario where login = '$login' and ativo = 1" );
$stmt-> execute();
$row = $stmt-> fetch( \PDO::FETCH_ASSOC );

// Validando o tipo de cadastro:
if( $row["cod_usuario"] == 1 )
{
    // redirecionamento com caminho absoluto.
    header("location: http://www.example.com/mpv/Atendimento/index.php");
}
elseif($row["cod_usuario"] == 2 )
{
    // redirecionamento com caminho absoluto.
    header("location: http://www.example.com/mpv/Tecnico/index.php");
}
    
05.09.2014 / 07:41