-3

I have two different tables from my database mywebsite. Table login and table studentlogin. Can you suggest me how to make a login php code page which retrieve data from both table.

    <?php 
     if (!isset($_POST["username"]))


     {

     header('Location: login.html');
       }
      if (!isset($_POST["password"]))
      {

      header('Location: login.php');
      }

     else
       {
    session_start();    
    $username = $_POST["username"];
    $password = $_POST["password"];
    $_SESSION['username'] = $username;
    $_SESSION['password'] = $password;
    include ("db_connect.php"); 
    $select = "SELECT * from login and studentlogin where username = '$username' and password = '$password'";

      $rows = mysql_query("$select");

    if (mysql_num_rows($rows)<1){

            mysql_close($con);

    header("location: http://localhost/Mywebsite/wrong.html");

       }
    else
       { 


        while($query = mysql_fetch_array($rows)) {

            $adm = $query['username'];


           $check = substr($adm, 0, 3);
             if ($check == 'adm')
                {
shafi
  • 1
  • 2
  • if ($check == 'adm') { header('Location: index.php'); } else { header('Location: http://localhost/Mywebsite/student/index.php'); } } } } – shafi Feb 22 '16 at 18:05
  • 3
    [Your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) – Jay Blanchard Feb 22 '16 at 18:07
  • 1
    Please [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). [These extensions](http://php.net/manual/en/migration70.removed-exts-sapis.php) have been removed in PHP 7. Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [PDO](http://php.net/manual/en/pdo.prepared-statements.php) and [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and consider using PDO, [it's really pretty easy](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard Feb 22 '16 at 18:07
  • Please use PHP's [built-in functions](http://jayblanchard.net/proper_password_hashing_with_PHP.html) to handle password security. If you're using a PHP version less than 5.5 you can use the `password_hash()` [compatibility pack](https://github.com/ircmaxell/password_compat). – Jay Blanchard Feb 22 '16 at 18:07
  • im very new to php could provide me a sample code plz... – shafi Feb 22 '16 at 18:11
  • Uh....there is plenty of sample code in the links in the comments. – Jay Blanchard Feb 22 '16 at 18:13
  • Don't set the session if the values aren't verified. Why are there 2 login tables? – chris85 Feb 22 '16 at 18:13
  • If you are starting now your project, I suggest you to revise table structure: only one table with additional “class” field (student, adm, etc...). To start with modern MySQL driver you can refer to [this tutorial](http://www.w3schools.com/php/php_mysql_intro.asp) – fusion3k Feb 22 '16 at 18:14

1 Answers1

0
SELECT Orders.OrderID, Customers.CustomerName, Orders.OrderDate
FROM Orders
INNER JOIN Customers
ON Orders.CustomerID=Customers.CustomerID;

and read about join query and table relations.

Muhammad Salman
  • 543
  • 4
  • 22