PHP RSS PHP RSS

Displaying LINKS based on a SESSION Variable

Reply

Join Date: Jul 2009
Posts: 42
Reputation: dwdata is an unknown quantity at this point 
Solved Threads: 0
dwdata dwdata is offline Offline
Light Poster

Displaying LINKS based on a SESSION Variable

 
0
  #1
Jul 4th, 2009
Hello,

Great forum!

I have implemented a USER LOG-IN scheme in my site. Below is the code to build my session variable data:

PHP Syntax (Toggle Plain Text) 
  1. //Create query
  2. 	$qry="SELECT * FROM volunteers WHERE Username='$login' AND Password='$password'";
  3. 	$result=mysql_query($qry);
  4.  
  5. 	//Check whether the query was successful or not
  6. 	if($result) {
  7. 		if(mysql_num_rows($result) == 1) {
  8. 			//Login Successful
  9. 			session_regenerate_id();
  10. 			$member = mysql_fetch_assoc($result);
  11. 			$_SESSION['SESS_MEMBER_ID'] = $member['id'];
  12. 			$_SESSION['SESS_FIRST_NAME'] = $member['First_Name'];
  13. 			$_SESSION['SESS_LAST_NAME'] = $member['Last_Name'];
  14. 			$_SESSION['SESS_ADMIN'] = $member['ADMIN'];
  15. 			session_write_close();
  16. 			header("location: Service_Dates.php");
  17. 			exit();
  18. 		}else {
  19. 			//Login failed
  20. 			header("location: login-failed.php");
  21. 			exit();
  22. 		}
  23. 	}else {
  24. 		die("Query failed");
  25. 	}

Please notice the ADMIN variable.

How would I display a LINK only if ADMIN = ADMIN (True - checkbox)? Here is some code I wan to add that test to:

PHP Syntax (Toggle Plain Text) 
  1. <div align="center"><img src="/VOH/Images/logo.jpg" width="703" height="144" longdesc="http://www.dwdataconcepts.com/VOH/index.php" />
  2.   <br />
  3.   <table width="703" border="0" align="center" cellpadding="2" cellspacing="2">
  4.     <tr>
  5.         <td width="54%" height="19"><div align="left" class="style3"><a href="Service_Dates.php">Service Dates</a></div></td>
  6.  
  7.       <td width="32%"><div align="right" class="style3"><a href="Admin_Options.php">Admin Options</a><a href="Service_Dates.php"></a></span></div></td>
  8.  
  9.       <td width="14%"><div align="right" class="style3"><a href="/VOH/logout.php">Log Out</a></span></div></td>
  10.       </tr>
  11.   </table>
  12. </div>

If the SESSION::ADMIN = TRUE, then display this CODE.
Thanks!
Last edited by dwdata; Jul 4th, 2009 at 12:25 am. Reason: added more.
Reply With Quote Quick reply to this message  
Join Date: Jun 2007
Posts: 1,227
Reputation: kkeith29 has a spectacular aura about kkeith29 has a spectacular aura about kkeith29 has a spectacular aura about 
Solved Threads: 167
kkeith29's Avatar
kkeith29 kkeith29 is offline Offline
Nearly a Posting Virtuoso

Re: Displaying LINKS based on a SESSION Variable

 
0
  #2
Jul 4th, 2009
Security is a big deal for me. I hate seeing code with holes in it and how easily it would be for someone to hack it.

I have a good login security login example I can post. If you want to see it let me know.

As for your question, just use an if statement.
PHP Syntax (Toggle Plain Text) 
  1. $admin = false;
  2. if ( $_SESSION['SESS_ADMIN'] == 'ADMIN' ) { //whatever the value is in the database for an admin
  3.   $admin = true;
  4. }
Then in your script where you want something for an admin only.
PHP Syntax (Toggle Plain Text) 
  1. if ( $admin ) {
  2.   echo 'html that only admins should see';
  3. }

Really the best thing to do is seperate the user and admin areas completely.
Last edited by kkeith29; Jul 4th, 2009 at 12:42 am.
Google is your friend.

Use [code] tags.

If you have found a solution to your problem, please mark the thread as SOLVED.
Reply With Quote Quick reply to this message  
Join Date: Jul 2009
Posts: 42
Reputation: dwdata is an unknown quantity at this point 
Solved Threads: 0
dwdata dwdata is offline Offline
Light Poster

Re: Displaying LINKS based on a SESSION Variable

 
0
  #3
Jul 4th, 2009
Originally Posted by kkeith29 View Post
Security is a big deal for me. I hate seeing code with holes in it and how easily it would be for someone to hack it.

I have a good login security login example I can post. If you want to see it let me know.

As for your question, just use an if statement.
PHP Syntax (Toggle Plain Text) 
  1. $admin = false;
  2. if ( $_SESSION['SESS_ADMIN'] == 'ADMIN' ) { //whatever the value is in the database for an admin
  3.   $admin = true;
  4. }
Then in your script where you want something for an admin only.
PHP Syntax (Toggle Plain Text) 
  1. if ( $admin ) {
  2.   echo 'html that only admins should see';
  3. }

Really the best thing to do is seperate the user and admin areas completely.
Thanks! But I still don't have it.

I have a page called "header.php" which I use in ALL my pages as a INCLUDE () which brings in the logo banner display and the main LINKS (which I want to dynamically display based on the SESSION::ADMIN. Here is the code:

PHP Syntax (Toggle Plain Text) 
  1. <style type="text/css">
  2. <!--
  3. .style3 {font-size: 11px; font-family: Verdana, Arial, Helvetica, sans-serif; font-weight: bold; }
  4. -->
  5. </style>
  6.  
  7. <div align="center"><img src="/VOH/Images/logo.jpg" width="703" height="144" longdesc="http://www.dwdataconcepts.com/VOH/index.php" />
  8.   <br />
  9.  
  10. <?  
  11.   $admin = false;
  12. if ( $_SESSION['SESS_ADMIN'] == 'ADMIN' ) { //whatever the value is in the database for an admin
  13.   $admin = true;
  14. }
  15. ?>
  16.  
  17.   <table width="703" border="0" align="center" cellpadding="2" cellspacing="2">
  18.     <tr>
  19.       <td width="54%" height="19"><div align="left" class="style3">
  20.  
  21. 	  <? if ( $admin ) {echo '<a href="Service_Dates.php">Service Dates</a>';} ?></div></td>
  22. 	  <? //<a href="Service_Dates.php">Service Dates</a></div></td> ?>
  23.  
  24.       <td width="32%"><div align="right" class="style3">
  25.  
  26. 	  <? if ( $admin ) {echo '<a href="Admin_Options.php">Admin Options</a>';} ?></div></td>
  27. 	  <? //<a href="Admin_Options.php">Admin Options</a></span></div></td> ?>
  28.  
  29.       <td width="14%"><div align="right" class="style3"><a href="logout.php">Log Out</a></span></div></td>
  30.       </tr>
  31.   </table>
  32. </div>

Does this look right? Is the DOUBLE EQUALS right in your statement:

PHP Syntax (Toggle Plain Text) 
  1. if ( $_SESSION['SESS_ADMIN'] == 'ADMIN' ) { //whatever the value is in the database for an admin
  2.   $admin = true;
  3. }

Is it my HTML? Sigh...
Reply With Quote Quick reply to this message  
Join Date: Jul 2009
Posts: 42
Reputation: dwdata is an unknown quantity at this point 
Solved Threads: 0
dwdata dwdata is offline Offline
Light Poster

Re: Displaying LINKS based on a SESSION Variable

 
0
  #4
Jul 4th, 2009
Originally Posted by kkeith29 View Post

Then in your script where you want something for an admin only.
PHP Syntax (Toggle Plain Text) 
  1. if ( $admin ) {
  2.   echo 'html that only admins should see';
  3. }

Really the best thing to do is seperate the user and admin areas completely.
Now I know something is wrong with the IF Statements (unless I am not understanding the right syntex: Here is my code:

PHP Syntax (Toggle Plain Text) 
  1. <style type="text/css">
  2. <!--
  3. .style3 {font-size: 11px; font-family: Verdana, Arial, Helvetica, sans-serif; font-weight: bold; }
  4. -->
  5. </style>
  6.  
  7. <div align="center"><img src="/VOH/Images/logo.jpg" width="703" height="144" longdesc="http://www.dwdataconcepts.com/VOH/index.php" />
  8.   <br />
  9.  
  10.  
  11. <?  
  12.   $admin = false;
  13. if ( $_SESSION['SESS_ADMIN'] == 'ADMIN' ) { //whatever the value is in the database for an admin
  14.   $admin = true;
  15. }
  16.  
  17. ?>
  18.  
  19.   <table width="703" border="0" align="center" cellpadding="2" cellspacing="2">
  20.     <tr>
  21.       <td width="54%" height="19"><div align="left" class="style3">
  22.  
  23. 	  <? echo '<a href="Service_Dates.php">Service Dates</a></div></td>' ?>
  24. 	  <? //if ( $admin ) {echo '<a href="Service_Dates.php">Service Dates</a>'} ?></div></td>
  25. 	  </div></td>
  26.  
  27.  
  28.       <td width="32%"><div align="right" class="style3">
  29.  
  30. 	  <? echo '<a href="Admin_Options.php">Admin Options</a></div></td>' ?>
  31. 	  <? //if ( $admin ) {echo '<a href="Admin_Options.php">Admin Options</a>'} ?></div></td>
  32. 	  </div></td>
  33.  
  34.  
  35.       <td width="14%"><div align="right" class="style3"><a href="logout.php">Log Out</a></span></div></td>
  36.       </tr>
  37.   </table>
  38. </div>

The commented out lines are the one I am trying to get to work. The UNcomments ones are the raw hyperlinks minus the IF statement.

I'd love to conquer this before I hit the bed ;-) Thanks again.
Reply With Quote Quick reply to this message  
Join Date: Jul 2009
Posts: 27
Reputation: Toxikr3 is an unknown quantity at this point 
Solved Threads: 0
Toxikr3 Toxikr3 is offline Offline
Light Poster

Re: Displaying LINKS based on a SESSION Variable

 
0
  #5
Jul 5th, 2009
Originally Posted by kkeith29 View Post
Security is a big deal for me. I hate seeing code with holes in it and how easily it would be for someone to hack it.

I have a good login security login example I can post. If you want to see it let me know.
May I please see the login code with the security? I am currently trying to make a login system and this will help me greatly. Thanks.
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
This thread is more than three months old.
Perhaps start a new thread instead?
Message:



Similar Threads
Other Threads in the PHP Forum
Thread Tools Search this Thread



apache api array beginner binary body broken buttons cakephp checkbox class cms code cron curl database date date/time display dynamic ebooks echo email error file files folder form forms function functions global google href htaccess html image include insert ip javascript joomla limit link list login mail mediawiki menu mlm msqli_multi_query multiple mycodeisbad mysql number oop parameter paypal pdf php phpincludeissue problem query radio random recourse recursion regex remote script search seo server sessions sms source sp space speed sql static subdomain syntax system table tag tutorial update upload url validator variable vbulletin video web webdesign white wordpress xml youtube
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC