php programmers i need help

willy ze great

JF-Expert Member
Apr 30, 2013
868
1,000
<?php
session_start();
$servername="localhost";
$username="root";
$password="";
$dbname="hms";
$conn=mysqli_connect($servername,$username,$password,$dbname);
if($_SERVER["REQUEST_METHOD"] == "POST"){
//username and password sent from form
$account = mysqli_real_escape_string($conn,$_POST['account']);
$pword = mysqli_real_escape_string($conn,$_POST['pword']);
$sql="select id from hospital where account='$account' and pword='$pword'";
$result= mysqli_query($conn,$sql);
$row= mysqli_fetch_array($result,MYSQLI_ASSOC);
$count= mysqli_num_rows($result);
//if result matched surname and password table row must be 1 row
if ($count==1){
$_SESSION['pharmacist'] = $account;
header ("location: pharmacy.php");
}elseif($count==1) {
$_SESSION['doctor'] = $account;
header ("location: doctor.php");

}elseif($count==1){
$_SESSION['receptionist'] = $account;
header ("location: reception.php");
}elseif($count==1){
$_SESSION['lab Technician'] = $account;
header ("location: lbtechncian.php");
}elseif($count==1){
$_SESSION['manager/admin'] = $account;
header ("location: index.php");
}else{

echo "<script>alert('wrong password , Try again!!!')</script>";
}

}

?>

user wako registred tayari tatizo nataka waingilie aina za account inayotakiwa na password tu. na impeleke kwenye page husika nimejaribu hizo inakubali kwa header ya kwanza tu.. msaada

problem solved nilifanya hivi ikakubali
<?php
session_start();
$servername="localhost";
$username="root";
$password="";
$dbname="hms";
$conn=mysqli_connect($servername,$username,$password,$dbname);
if($_SERVER["REQUEST_METHOD"] == "POST"){
//username and password sent from form
$account = mysqli_real_escape_string($conn,$_POST['account']);
$pword = mysqli_real_escape_string($conn,$_POST['pword']);
$sql="select id from hospital where account='$account' and pword='$pword'";
$result= mysqli_query($conn,$sql);
$row= mysqli_fetch_array($result,MYSQLI_ASSOC);
$count= mysqli_num_rows($result);
//if result matched surname and password table row must be 1 row
if ($count==1){
$_SESSION['account'] = $account;
if($account=='Doctor'){
echo"<script>window.open('doctor.php','_self')</script>";
}elseif($account=='Receptionist'){
echo"<script>window.open('reception.php','_self')</script>";
}elseif($account=='Lab Technician'){
echo"<script>window.open('lbtechnician.php','_self')</script>";
}elseif($account=='Pharmacist'){
echo"<script>window.open('pharmacist.php','_self')</script>";
}else{
echo"<script>window.open('index.php','_self')</script>";

}
}else{

echo "<script>alert('wrong password , Try again!!!')</script>";
}



}




?>
 

dronedrake

JF-Expert Member
Dec 25, 2013
7,158
2,000
umetumia 'if....else if...else if...else if...else if.....else if....' ivi unajua maana yake?

ile ya kwanza kabisa itakayokubali, ZINAZOFATA HAZITA execute

solution: toa izo 'else if' ibaki 'if ' pekeake
 

RobyMi

JF-Expert Member
Mar 4, 2012
849
1,000
<?php
session_start();
$servername="localhost";
$username="root";
$password="";
$dbname="hms";
$conn=mysqli_connect($servername,$username,$password,$dbname);
if($_SERVER["REQUEST_METHOD"] == "POST"){
//username and password sent from form
$account = mysqli_real_escape_string($conn,$_POST['account']);
$pword = mysqli_real_escape_string($conn,$_POST['pword']);
$sql="select id from hospital where account='$account' and pword='$pword'";
$result= mysqli_query($conn,$sql);
$row= mysqli_fetch_array($result,MYSQLI_ASSOC);
$count= mysqli_num_rows($result);
//if result matched surname and password table row must be 1 row
if ($count==1){
$_SESSION['pharmacist'] = $account;
header ("location: pharmacy.php");
}elseif($count==1) {
$_SESSION['doctor'] = $account;
header ("location: doctor.php");

}elseif($count==1){
$_SESSION['receptionist'] = $account;
header ("location: reception.php");
}elseif($count==1){
$_SESSION['lab Technician'] = $account;
header ("location: lbtechncian.php");
}elseif($count==1){
$_SESSION['manager/admin'] = $account;
header ("location: index.php");
}else{

echo "<script>alert('wrong password , Try again!!!')</script>";
}

}

?>

user wako registred tayari tatizo nataka waingilie aina za account inayotakiwa na password tu. na impeleke kwenye page husika nimejaribu hizo inakubali kwa header ya kwanza tu.. msaada





<?php
session_start();
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "hms";
$conn = mysqli_connect($servername, $username, $password, $dbname);
if ($_SERVER["REQUEST_METHOD"] == "POST") {
//username and password sent from form
$account = mysqli_real_escape_string($conn, $_POST['account']);
$pword = mysqli_real_escape_string($conn, $_POST['pword']);
$sql = "select id from hospital where account='$account' and pword='$pword'";
$result = mysqli_query($conn, $sql);
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
$count = mysqli_num_rows($result);
//if result matched surname and password table row must be 1 row

if($count == 1) {

switch ($account) {

case $_SESSION['pharmacist']:
header("location: pharmacy.php");
break;
case $_SESSION['doctor']:
header("location: doctor.php");
break;

case $_SESSION['receptionist']:
header("location: reception.php");
break;

case $_SESSION['lab Technician']:
header("location: lbtechncian.php");
break;

case $_SESSION['manager/admin']:
header("location: index.php");
break;

}
} else {

echo "<script>alert('wrong password , Try again!!!')</script>";
}

}


Apprently JF doesnt have a code formatting tool ..
 

willy ze great

JF-Expert Member
Apr 30, 2013
868
1,000
Nimetoa ila sipati kitu nachokitaka
umetumia 'if....else if...else if...else if...else if.....else if....' ivi unajua maana yake?

ile ya kwanza kabisa itakayokubali, ZINAZOFATA HAZITA execute

solution: toa izo 'else if' ibaki 'if ' pekeake
 

Muntu Ya Pori

JF-Expert Member
Jun 25, 2013
223
225
session_start();
$servername="localhost";
$username="root";
$password="";
$dbname="hms";
$conn=mysqli_connect($servername,$username,$password,$dbname);
if($_SERVER["REQUEST_METHOD"] == "POST"){
//username and password sent from form
$account = mysqli_real_escape_string($conn,$_POST['account']);
$pword = mysqli_real_escape_string($conn,$_POST['pword']);
$sql="select id from hospital where account='$account' and pword='$pword'";
$result= mysqli_query($conn,$sql);
$row= mysqli_fetch_array($result,MYSQLI_ASSOC);
$count= mysqli_num_rows($result);
//if result matched surname and password table row must be 1 row
if ($count==1){
$_SESSION['pharmacist'] = $account;
header ("location: pharmacy.php");
}elseif($count==1) {
$_SESSION['doctor'] = $account;
header ("location: doctor.php");

}elseif($count==1){
$_SESSION['receptionist'] = $account;
header ("location: reception.php");
}elseif($count==1){
$_SESSION['lab Technician'] = $account;
header ("location: lbtechncian.php");
}elseif($count==1){
$_SESSION['manager/admin'] = $account;
header ("location: index.php");
}else{

echo "";
}

}

?>

user wako registred tayari tatizo nataka waingilie aina za account inayotakiwa na password tu. na impeleke kwenye page husika nimejaribu hizo inakubali kwa header ya kwanza tu.. msaada
Kwanini kila unapochukua data na kusave kwenye variables unapotumia hiyo built-in function kuzuia sql injection unapass db connection?
Kingine sijaona code inayotofautisha account ili kufanya decision. Kama account ni doctor we umeset session pharmacist then ume sema iwe doctor na unadirect to pharmacist. Header zako haziendani na account ndio Maana branch ya kwanza tu inakua valid kwa account yoyote atakayoingiza.
Fanya hivi. Use if to check row kama ni 1 else invalid. Kama ni 1 fanya switch hizo account, kama account ni doctor, set session to doctor then direct to doctor page na kuendelea.
Au unaweza fanya nested if ikiwa row ni if(row === 1) {
if($account ==='doctor') {
$_SESSION['doctor'] = $account;
Header(......);
}
if(........) {
}
} else {
Echo ' invalid username or password'
}
Hapo itafanya kazi vizuri tu.
 

ISLETS

JF-Expert Member
Dec 29, 2012
8,162
2,000
mi hapa napita tu kuwambia poleni na kazi, na endeleeni na moyo huo huo
 

willy ze great

JF-Expert Member
Apr 30, 2013
868
1,000
Kwanini kila unapochukua data na kusave kwenye variables unapotumia hiyo built-in function kuzuia sql injection unapass db connection?
Kingine sijaona code inayotofautisha account ili kufanya decision. Kama account ni doctor we umeset session pharmacist then ume sema iwe doctor na unadirect to pharmacist. Header zako haziendani na account ndio Maana branch ya kwanza tu inakua valid kwa account yoyote atakayoingiza.
Fanya hivi. Use if to check row kama ni 1 else invalid. Kama ni 1 fanya switch hizo account, kama account ni doctor, set session to doctor then direct to doctor page na kuendelea.
Au unaweza fanya nested if ikiwa row ni if(row === 1) {
if($account ==='doctor') {
$_SESSION['doctor'] = $account;
Header(......);
}
if(........) {
}
} else {
Echo ' invalid username or password'
}
Hapo itafanya kazi vizuri tu.


nilifnaya hivi
<?php
session_start();
$servername="localhost";
$username="root";
$password="";
$dbname="hms";
$conn=mysqli_connect($servername,$username,$password,$dbname);
if($_SERVER["REQUEST_METHOD"] == "POST"){
//username and password sent from form
$account = mysqli_real_escape_string($conn,$_POST['account']);
$pword = mysqli_real_escape_string($conn,$_POST['pword']);
$sql="select id from hospital where account='$account' and pword='$pword'";
$result= mysqli_query($conn,$sql);
$row= mysqli_fetch_array($result,MYSQLI_ASSOC);
$count= mysqli_num_rows($result);
//if result matched surname and password table row must be 1 row
if ($count==1){
$_SESSION['account'] = $account;
if($account=='Doctor'){
echo"<script>window.open('doctor.php','_self')</script>";
}elseif($account=='Receptionist'){
echo"<script>window.open('reception.php','_self')</script>";
}elseif($account=='Lab Technician'){
echo"<script>window.open('lbtechnician.php','_self')</script>";
}elseif($account=='Pharmacist'){
echo"<script>window.open('pharmacist.php','_self')</script>";
}else{
echo"<script>window.open('index.php','_self')</script>";

}
}else{

echo "<script>alert('wrong password , Try again!!!')</script>";
}



}




?>
 

Toa taarifa ya maudhui yasiyofaa!

Kuna taarifa umeiona humu JamiiForums na haifai kubaki mtandaoni?
Fanya hivi...

Umesahau Password au akaunti yako?

Unapata ugumu kuikumbuka akaunti yako? Unakwama kuanzisha akaunti?
Contact us

Similar Discussions

Top Bottom