Login "Specified Credentials"

Ask about a PHP problem here.
Post Reply
Noso1066
Posts: 6
Joined: Tue Dec 06, 2011 7:37 pm

Login "Specified Credentials"

Post by Noso1066 »

Hey guys, with my project, I have seen that my "admin" page is accessible via a regular person's login credentials. Is possible and if so, how could I set the admin login page to only accept the login credentials of username "admin" and password "admin".
<?php
session_start();
$errorMessage = '';

if (isset($_POST['username']) && ($_POST['password'])) {
if ($_POST['username'] === 'username' && $_POST['password'] === 'username'){

$_SESSION['log_in_success'] = true;
header('Location: blog_post.php');
exit;
} else {
$errorMessage = 'Wrong Username and/or Password - Go <a href="admin.php">Back </a>';
}
}
?>
Image
User avatar
Temor
Posts: 1186
Joined: Thu May 05, 2011 8:04 pm

Re: Login "Specified Credentials"

Post by Temor »

you can add another field in your users table and name it admin. set that to a boolean of 1 if it the user is admin and 0 if it is not, and then create a function that checks if the currently logged in user is set to admin = 1 in the database.

easy as pie.
Post Reply