Login Access Levels

Report · Mar 28, 2017

Dear David Power,

Firstly let me appreciate you for your very good written tutorials. I am actually not a web developer but my wish is to learn it, Since last couple of Years, I am trying to learn and create a simple website but still at the initial stage and could not get succeeded, I might be a dumb person but well I am also courageous that I did not surrender yet.

I read your 'First Dynamic Website Tutorial' in which you have taught us login without access levels, I viewed few tutorials from Youtube and learnt about access levels. Now, I have created 2 tables in xampp 'users' & 'news'. If I want to give access to Admin to update/delete news and also to manage users but Users can only view and update their email or password. means i need to assign access levels. I assigned 2 as default level for users and 1 for admin.

both were working fine, then I actually don't know what happened, my admin denied to get login, while user is perfectly working and arrive me at user control panel. I tried and removed Recordset and Restrict page access from Admin Control Panel and added it again But still admin login do not works.

In the login Page I mentioned table name as users and if Login Succeed go to Page "User Account pannel" while if failed go to "LoginFailed" and access level as "Userlevel" colums in users table.

Now, it takes Users to User Account Pannel but to admin it takes to LoginFailed page.

This is more than a week I could not solve this

David, could you please help me in this? what could be a possible reason which I should check, and/or what could be a possible solution to resolve this login issue? OR could you please give me any PHP or Javascript code to assign access levels to users and admin? please....

Regards,

Report · Mar 28, 2017

The "First Dynamic Website" tutorial is many years old and not entirely relevant for modern PHP & MySQL users. Ir relies on the deprecated Server Behavior Panels which Adobe removed from DW in 2013 for very good reasons. The code is neither secure or supported in PHP 7. You should not use the old Server Behavior Panels for modern projects.

If you want to learn modern coding methods , David Powers has some excellent PHP video tutorials on Lynda.com.

David Powers — Online Courses, Classes, Training, Tutorials on Lynda

Lynda.com charges a subscription rate but they have quality control standards that YouTube does not have. So you get what you pay for.

Nancy

Nancy O'Shea— Product User, Community Expert & Moderator

Report · Mar 28, 2017

Sadly for the OP l have not seen David around this particular forum for some time but if he did appear l think he would NOT be recomending something that he wrote years ago and is mostly not relevant now.

Report · Mar 28, 2017

I will appreciate if somebody give solution rather to recommend something else, just wanting to know possible reasons of not getting logged in as admin, i want to understand the chemistry.

If I could pay subscription charges I wouldn't need to be here. i am reading from youtube as well and not only that old tutorial, things improved but the way David teaches in that tutorial is really awesome. it is superb for beginners.

Regards,

Report · Mar 28, 2017

If you're using current XAMP with PHP7 nothing in your current code will work. That's it. Nothing more to say.

Nancy

Nancy O'Shea— Product User, Community Expert & Moderator

Report · Mar 28, 2017

I just cant believe your discouraging me behavior dear, as I wrote above both user and admin access levels were working fine and it was my mistake that i copied paste few things for edit delete purpose and did something which i also not sure what i did, after which admin access denies.

well i am waiting for David Power, I hope he will give a good solution. otherwise,,, I will again try it from scratch so no need to discourage me.

Report · Mar 28, 2017

zohrapardesi wrote
I just cant believe your discouraging me behavior dear, as I wrote above both user and admin access levels were working fine and it was my mistake that i copied paste few things for edit delete purpose and did something which i also not sure what i did, after which admin access denies.
well i am waiting for David Power, I hope he will give a good solution. otherwise,,, I will again try it from scratch so no need to discourage me.

To get any help if David did turn up, which I don't expect, you would need to post the code of your login page here.

I dont use the Dreamweaver server behaviors any longer but when I did things were always going wrong. I found it was always best to get rid of all of the behaviours from the page using the server panel to delete the code and start applying them again, more often than not that seemed to right whatever went wrong.

Report · Mar 28, 2017

I'm not trying to discourage you form learning proper coding methods. Far from it.

I am discouraging you from using bad code created from outdated behavior panels. Please don't continue to use them for projects. The code is not secure.

See links below for modern replacements. Use these instead of old behavior panels.

Nancy

Nancy O'Shea— Product User, Community Expert & Moderator

Report · Mar 28, 2017

To knock on David's door simply mention him like David_Powers. I am sure though that David will discourage you from continuing to use his otherwise excellent tutorial by stating that the tutorial is no longer valid.

Further to the statements made by osgood_ and Nancy, I would suggest that you follow Nancy's advice and turn to DMXzone.

Wappler, the only real Dreamweaver alternative.

Report · Mar 29, 2017

Nancy OShea, osgood_, and BenPleysier are all right: Dreamweaver's PHP server behaviors are no longer fit for purpose. Do not use them. If you like my style of teaching, but can't afford a subscription to lynda.com, try to get hold of a copy of my PHP Solutions, 3rd Edition, published by Apress. It's not expensive, and you can probably find a second-hand copy.

I've not been active in these forums for several months for personal reasons. I do intend to come back eventually, but not just yet.

Report · Mar 29, 2017

David_Powers wrote
https://forums.adobe.com/people/Nancy+OShea , osgood_, and BenPleysier are all right: Dreamweaver's PHP server behaviors are no longer fit for purpose. Do not use them. If you like my style of teaching, but can't afford a subscription to lynda.com, try to get hold of a copy of my PHP Solutions, 3rd Edition, published by Apress. It's not expensive, and you can probably find a second-hand copy.
I've not been active in these forums for several months for personal reasons. I do intend to come back eventually, but not just yet.

Nice to see you're still around David and hope whatever is keeping you away eventually resolves itself in a positive way.

Report · Mar 29, 2017

It would'nt be difficult to direct an Admin user to an Admin Section of the website and a Non-Admin-User to a different section of the website based on what access level they have been assigned in the database.

Using mysqli below. Querying a database with the name 'users' and a table within that database with the name 'users'. In the users table there are 3 fields - username, password and userlevel where you set the userlevel to 1 for an admin and leave it blank for a non admin.

Of couse this is just a simple example and principal of using mysqli, checking username and password are correct and what level of access the user has and sending them to the appopriate section. In the instance below the password in NOT encrypted in the database but it should be which would bring a new set of problems when checking the password against the form field input. If you are using php 5.5 or greater you can use the php password_verify function, PHP: password_verify - Manual which would be reasonably easy to incorporate into the code.

Of course this would also have a knock on effect as you would need to remove any DW server behaviours you have used on the internal pages which effect the login being verified and replace that with a simple bit of php code that redirects back to the login page if $_SESSION['username'] is not set. That is set once the username and password has been checked against those held in the database and are verified as correct - $_SESSION['username'] = $username;

<?php session_start() ?>

<?php

// connect to database

$conn = new mysqli('localhost' , 'root' , 'root' , 'users'); ?>

<?php

// Query database for username and password

if(isset($_POST['submit'])) {

$username = $conn->real_escape_string((trim($_POST['username']));

$sql = 'SELECT * FROM users';

$result = $conn->query($sql) or die($conn->error);

while ($row = $result->fetch_assoc()) {

if ($row['username'] == $username && $row['userlevel'] == 1 && $row['password'] == trim($_POST['password'])) {

$_SESSION['username'] = $username;

// Redirect to admin users to specific page if login successful

header('Location: http://www.bbc.co.uk');

}

elseif ($row['username'] == $username && $row['password'] == trim($_POST['password'])) {

$_SESSION['username'] = $username;

// Redirect non-admin users to specific page if login successful

header('Location: http://www.itv.co.uk');

}

else {

// If username and password don't match then asign a message to a variable

$response = "Sorry you do not have permission to access this website";

}

?>

<!DOCTYPE html>

<html>

<head>

<title>Secure Login</title>

</head>

<body>

<h1>Login Username</h1>

<?php

if(isset($response)) {

echo $response;

}

?>

<label for="username">Username</label><br />

<label for="password">Password</label><br />

</form>

</body>

</html>

Report · Mar 29, 2017

Thanks alot Osgood I did not touch SQL/PLSQL since 2001 and i know mysqli is little different but I hope your code will help me to understand. I will post here if got succeeded. Thanks alot once again.

Report · Mar 29, 2017

Nice to see you around David and thanks for the reply and suggestion, I will look at this

Login Access Levels

1 Correct answer