Redirection to desired page during authorization

Started by sbglobal, Sep 25, 2022, 01:19 AM

Previous topic - Next topic

sbglobalTopic starter

Please tell me how to implement a comparison of the user's role, so that, depending on that role, he gets to a certain web page during authorization.

<?php
 
require_once __DIR__.'/boot.php';
$stmt pdo()->prepare("SELECT * FROM `users` WHERE `username` = :username");
$stmt->execute(['username' => $_POST['username']]);
if (!
$stmt->rowCount()) {
     
flash('User with such data is not registered');
     
header('Location: index.php');
     die;
}
$user $stmt->fetch(PDO::FETCH_ASSOC);
if (
password_verify($_POST['password'], $user['password'])) {
     
$_SESSION['user_id'] = $user['id'];
     if(
$user[role] == 'zamer')
     {
     
header('Location: /zamer.php');
     }
     else{
         
header('Location: /director.php');
     die;
     }
}
flash('Password is wrong');
header('Location: index.php');

Gets all the time to director.php page .
  •  

lilyalvin

Take the role key in quotation marks.
The second die is obviously out of place. Take out for (nested) branching.

The presence and correctness of POST parameters, as I understand it, is not checked anywhere. You need to master simpler things before you do authentication, etc. You need to transfer, not remove.
  •