$qryadmin=mysqli_query($yourconnection,"SELECT * FROM admininfo WHERE username='$username' AND password='$password' AND status='administrator'") Īnd try using MySQLi instead of its predecessor, MySQL. $qry=mysqli_query($yourconnection,"SELECT * FROM admininfo WHERE username='$username' AND password='$password' AND status='customer'") $password = mysqli_real_escape_string($yourconnection,$_POST) /* prevents a bit of SQL injection */ $username = mysqli_real_escape_string($yourconnection,$_POST) /* prevents a bit of SQL injection */
For example, there is status field in your admininfo and your query would be like this (this is just an example): $yourconnection=mysqli_connect("YourHost","YourUsername","YourPassword","NameOfYourDatabase") What you can do is to add another field for your admininfo table and have it here declare if a user is admin or not.
0 kommentar(er)
