php programmers i need help

willy ze great

willy ze great

JF-Expert Member
Apr 30, 2013
1,026
1,179
<?php
session_start();
$servername="localhost";
$username="root";
$password="";
$dbname="hms";
$conn=mysqli_connect($servername,$username,$password,$dbname);
if($_SERVER["REQUEST_METHOD"] == "POST"){
//username and password sent from form
$account = mysqli_real_escape_string($conn,$_POST['account']);
$pword = mysqli_real_escape_string($conn,$_POST['pword']);
$sql="select id from hospital where account='$account' and pword='$pword'";
$result= mysqli_query($conn,$sql);
$row= mysqli_fetch_array($result,MYSQLI_ASSOC);
$count= mysqli_num_rows($result);
//if result matched surname and password table row must be 1 row
if ($count==1){
$_SESSION['pharmacist'] = $account;
header ("location: pharmacy.php");
}elseif($count==1) {
$_SESSION['doctor'] = $account;
header ("location: doctor.php");

}elseif($count==1){
$_SESSION['receptionist'] = $account;
header ("location: reception.php");
}elseif($count==1){
$_SESSION['lab Technician'] = $account;
header ("location: lbtechncian.php");
}elseif($count==1){
$_SESSION['manager/admin'] = $account;
header ("location: index.php");
}else{

echo "<script>alert('wrong password , Try again!!!')</script>";
}

}

?>

user wako registred tayari tatizo nataka waingilie aina za account inayotakiwa na password tu. na impeleke kwenye page husika nimejaribu hizo inakubali kwa header ya kwanza tu.. msaada

problem solved nilifanya hivi ikakubali
<?php
session_start();
$servername="localhost";
$username="root";
$password="";
$dbname="hms";
$conn=mysqli_connect($servername,$username,$password,$dbname);
if($_SERVER["REQUEST_METHOD"] == "POST"){
//username and password sent from form
$account = mysqli_real_escape_string($conn,$_POST['account']);
$pword = mysqli_real_escape_string($conn,$_POST['pword']);
$sql="select id from hospital where account='$account' and pword='$pword'";
$result= mysqli_query($conn,$sql);
$row= mysqli_fetch_array($result,MYSQLI_ASSOC);
$count= mysqli_num_rows($result);
//if result matched surname and password table row must be 1 row
if ($count==1){
$_SESSION['account'] = $account;
if($account=='Doctor'){
echo"<script>window.open('doctor.php','_self')</script>";
}elseif($account=='Receptionist'){
echo"<script>window.open('reception.php','_self')</script>";
}elseif($account=='Lab Technician'){
echo"<script>window.open('lbtechnician.php','_self')</script>";
}elseif($account=='Pharmacist'){
echo"<script>window.open('pharmacist.php','_self')</script>";
}else{
echo"<script>window.open('index.php','_self')</script>";

}
}else{

echo "<script>alert('wrong password , Try again!!!')</script>";
}



}




?>
 
umetumia 'if....else if...else if...else if...else if.....else if....' ivi unajua maana yake?

ile ya kwanza kabisa itakayokubali, ZINAZOFATA HAZITA execute

solution: toa izo 'else if' ibaki 'if ' pekeake
 
willy ze great said:
<?php
session_start();
$servername="localhost";
$username="root";
$password="";
$dbname="hms";
$conn=mysqli_connect($servername,$username,$password,$dbname);
if($_SERVER["REQUEST_METHOD"] == "POST"){
//username and password sent from form
$account = mysqli_real_escape_string($conn,$_POST['account']);
$pword = mysqli_real_escape_string($conn,$_POST['pword']);
$sql="select id from hospital where account='$account' and pword='$pword'";
$result= mysqli_query($conn,$sql);
$row= mysqli_fetch_array($result,MYSQLI_ASSOC);
$count= mysqli_num_rows($result);
//if result matched surname and password table row must be 1 row
if ($count==1){
$_SESSION['pharmacist'] = $account;
header ("location: pharmacy.php");
}elseif($count==1) {
$_SESSION['doctor'] = $account;
header ("location: doctor.php");

}elseif($count==1){
$_SESSION['receptionist'] = $account;
header ("location: reception.php");
}elseif($count==1){
$_SESSION['lab Technician'] = $account;
header ("location: lbtechncian.php");
}elseif($count==1){
$_SESSION['manager/admin'] = $account;
header ("location: index.php");
}else{

echo "<script>alert('wrong password , Try again!!!')</script>";
}

}

?>

user wako registred tayari tatizo nataka waingilie aina za account inayotakiwa na password tu. na impeleke kwenye page husika nimejaribu hizo inakubali kwa header ya kwanza tu.. msaada
Click to expand...





<?php
session_start();
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "hms";
$conn = mysqli_connect($servername, $username, $password, $dbname);
if ($_SERVER["REQUEST_METHOD"] == "POST") {
//username and password sent from form
$account = mysqli_real_escape_string($conn, $_POST['account']);
$pword = mysqli_real_escape_string($conn, $_POST['pword']);
$sql = "select id from hospital where account='$account' and pword='$pword'";
$result = mysqli_query($conn, $sql);
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
$count = mysqli_num_rows($result);
//if result matched surname and password table row must be 1 row

if($count == 1) {

switch ($account) {

case $_SESSION['pharmacist']:
header("location: pharmacy.php");
break;
case $_SESSION['doctor']:
header("location: doctor.php");
break;

case $_SESSION['receptionist']:
header("location: reception.php");
break;

case $_SESSION['lab Technician']:
header("location: lbtechncian.php");
break;

case $_SESSION['manager/admin']:
header("location: index.php");
break;

}
} else {

echo "<script>alert('wrong password , Try again!!!')</script>";
}

}


Apprently JF doesnt have a code formatting tool ..
 
Nimetoa ila sipati kitu nachokitaka
dronedrake said:
umetumia 'if....else if...else if...else if...else if.....else if....' ivi unajua maana yake?

ile ya kwanza kabisa itakayokubali, ZINAZOFATA HAZITA execute

solution: toa izo 'else if' ibaki 'if ' pekeake
Click to expand...
 
willy ze great said:
session_start();
$servername="localhost";
$username="root";
$password="";
$dbname="hms";
$conn=mysqli_connect($servername,$username,$password,$dbname);
if($_SERVER["REQUEST_METHOD"] == "POST"){
//username and password sent from form
$account = mysqli_real_escape_string($conn,$_POST['account']);
$pword = mysqli_real_escape_string($conn,$_POST['pword']);
$sql="select id from hospital where account='$account' and pword='$pword'";
$result= mysqli_query($conn,$sql);
$row= mysqli_fetch_array($result,MYSQLI_ASSOC);
$count= mysqli_num_rows($result);
//if result matched surname and password table row must be 1 row
if ($count==1){
$_SESSION['pharmacist'] = $account;
header ("location: pharmacy.php");
}elseif($count==1) {
$_SESSION['doctor'] = $account;
header ("location: doctor.php");

}elseif($count==1){
$_SESSION['receptionist'] = $account;
header ("location: reception.php");
}elseif($count==1){
$_SESSION['lab Technician'] = $account;
header ("location: lbtechncian.php");
}elseif($count==1){
$_SESSION['manager/admin'] = $account;
header ("location: index.php");
}else{

echo "";
}

}

?>

user wako registred tayari tatizo nataka waingilie aina za account inayotakiwa na password tu. na impeleke kwenye page husika nimejaribu hizo inakubali kwa header ya kwanza tu.. msaada
Click to expand...
Kwanini kila unapochukua data na kusave kwenye variables unapotumia hiyo built-in function kuzuia sql injection unapass db connection?
Kingine sijaona code inayotofautisha account ili kufanya decision. Kama account ni doctor we umeset session pharmacist then ume sema iwe doctor na unadirect to pharmacist. Header zako haziendani na account ndio Maana branch ya kwanza tu inakua valid kwa account yoyote atakayoingiza.
Fanya hivi. Use if to check row kama ni 1 else invalid. Kama ni 1 fanya switch hizo account, kama account ni doctor, set session to doctor then direct to doctor page na kuendelea.
Au unaweza fanya nested if ikiwa row ni if(row === 1) {
if($account ==='doctor') {
$_SESSION['doctor'] = $account;
Header(......);
}
if(........) {
}
} else {
Echo ' invalid username or password'
}
Hapo itafanya kazi vizuri tu.
 
Muntu Ya Pori said:
Kwanini kila unapochukua data na kusave kwenye variables unapotumia hiyo built-in function kuzuia sql injection unapass db connection?
Kingine sijaona code inayotofautisha account ili kufanya decision. Kama account ni doctor we umeset session pharmacist then ume sema iwe doctor na unadirect to pharmacist. Header zako haziendani na account ndio Maana branch ya kwanza tu inakua valid kwa account yoyote atakayoingiza.
Fanya hivi. Use if to check row kama ni 1 else invalid. Kama ni 1 fanya switch hizo account, kama account ni doctor, set session to doctor then direct to doctor page na kuendelea.
Au unaweza fanya nested if ikiwa row ni if(row === 1) {
if($account ==='doctor') {
$_SESSION['doctor'] = $account;
Header(......);
}
if(........) {
}
} else {
Echo ' invalid username or password'
}
Hapo itafanya kazi vizuri tu.
Click to expand...


nilifnaya hivi
<?php
session_start();
$servername="localhost";
$username="root";
$password="";
$dbname="hms";
$conn=mysqli_connect($servername,$username,$password,$dbname);
if($_SERVER["REQUEST_METHOD"] == "POST"){
//username and password sent from form
$account = mysqli_real_escape_string($conn,$_POST['account']);
$pword = mysqli_real_escape_string($conn,$_POST['pword']);
$sql="select id from hospital where account='$account' and pword='$pword'";
$result= mysqli_query($conn,$sql);
$row= mysqli_fetch_array($result,MYSQLI_ASSOC);
$count= mysqli_num_rows($result);
//if result matched surname and password table row must be 1 row
if ($count==1){
$_SESSION['account'] = $account;
if($account=='Doctor'){
echo"<script>window.open('doctor.php','_self')</script>";
}elseif($account=='Receptionist'){
echo"<script>window.open('reception.php','_self')</script>";
}elseif($account=='Lab Technician'){
echo"<script>window.open('lbtechnician.php','_self')</script>";
}elseif($account=='Pharmacist'){
echo"<script>window.open('pharmacist.php','_self')</script>";
}else{
echo"<script>window.open('index.php','_self')</script>";

}
}else{

echo "<script>alert('wrong password , Try again!!!')</script>";
}



}




?>
 
You must log in or register to reply here.

Similar Discussions

Back
Top Bottom
Forums
New posts
Post thread
Back