-
PHP (
http://www.daniweb.com/forums/forum17.html)
| dwdata | Jul 4th, 2009 12:19 am | |
| Displaying LINKS based on a SESSION Variable
Hello,
Great forum!
I have implemented a USER LOG-IN scheme in my site. Below is the code to build my session variable data:
//Create query
$qry="SELECT * FROM volunteers WHERE Username='$login' AND Password='$password'";
$result=mysql_query($qry);
//Check whether the query was successful or not
if($result) {
if(mysql_num_rows($result) == 1) {
//Login Successful
session_regenerate_id();
$member = mysql_fetch_assoc($result);
$_SESSION['SESS_MEMBER_ID'] = $member['id'];
$_SESSION['SESS_FIRST_NAME'] = $member['First_Name'];
$_SESSION['SESS_LAST_NAME'] = $member['Last_Name'];
$_SESSION['SESS_ADMIN'] = $member['ADMIN'];
session_write_close();
header("location: Service_Dates.php");
exit();
}else {
//Login failed
header("location: login-failed.php");
exit();
}
}else {
die("Query failed");
}
Please notice the ADMIN variable.
How would I display a LINK only if ADMIN = ADMIN (True - checkbox)? Here is some code I wan to add that test to:
<div align="center"><img src="/VOH/Images/logo.jpg" width="703" height="144" longdesc="http://www.dwdataconcepts.com/VOH/index.php" />
<br />
<table width="703" border="0" align="center" cellpadding="2" cellspacing="2">
<tr>
<td width="54%" height="19"><div align="left" class="style3"><a href="Service_Dates.php">Service Dates</a></div></td>
<td width="32%"><div align="right" class="style3"><a href="Admin_Options.php">Admin Options</a><a href="Service_Dates.php"></a></span></div></td>
<td width="14%"><div align="right" class="style3"><a href="/VOH/logout.php">Log Out</a></span></div></td>
</tr>
</table>
</div>
If the SESSION::ADMIN = TRUE, then display this CODE.
Thanks! |
| kkeith29 | Jul 4th, 2009 12:38 am | |
| Re: Displaying LINKS based on a SESSION Variable
Security is a big deal for me. I hate seeing code with holes in it and how easily it would be for someone to hack it.
I have a good login security login example I can post. If you want to see it let me know.
As for your question, just use an if statement.
$admin = false;
if ( $_SESSION['SESS_ADMIN'] == 'ADMIN' ) { //whatever the value is in the database for an admin
$admin = true;
} Then in your script where you want something for an admin only.
if ( $admin ) {
echo 'html that only admins should see';
}
Really the best thing to do is seperate the user and admin areas completely. |
| dwdata | Jul 4th, 2009 1:50 am | |
| Re: Displaying LINKS based on a SESSION Variable
Quote:
Originally Posted by kkeith29 (Post 907967) Security is a big deal for me. I hate seeing code with holes in it and how easily it would be for someone to hack it.
I have a good login security login example I can post. If you want to see it let me know.
As for your question, just use an if statement.
$admin = false;
if ( $_SESSION['SESS_ADMIN'] == 'ADMIN' ) { //whatever the value is in the database for an admin
$admin = true;
} Then in your script where you want something for an admin only.
if ( $admin ) {
echo 'html that only admins should see';
}
Really the best thing to do is seperate the user and admin areas completely.
| Thanks! But I still don't have it.
I have a page called "header.php" which I use in ALL my pages as a INCLUDE () which brings in the logo banner display and the main LINKS (which I want to dynamically display based on the SESSION::ADMIN. Here is the code:
<style type="text/css">
<!--
.style3 {font-size: 11px; font-family: Verdana, Arial, Helvetica, sans-serif; font-weight: bold; }
-->
</style>
<div align="center"><img src="/VOH/Images/logo.jpg" width="703" height="144" longdesc="http://www.dwdataconcepts.com/VOH/index.php" />
<br />
<?
$admin = false;
if ( $_SESSION['SESS_ADMIN'] == 'ADMIN' ) { //whatever the value is in the database for an admin
$admin = true;
}
?>
<table width="703" border="0" align="center" cellpadding="2" cellspacing="2">
<tr>
<td width="54%" height="19"><div align="left" class="style3">
<? if ( $admin ) {echo '<a href="Service_Dates.php">Service Dates</a>';} ?></div></td>
<? //<a href="Service_Dates.php">Service Dates</a></div></td> ?>
<td width="32%"><div align="right" class="style3">
<? if ( $admin ) {echo '<a href="Admin_Options.php">Admin Options</a>';} ?></div></td>
<? //<a href="Admin_Options.php">Admin Options</a></span></div></td> ?>
<td width="14%"><div align="right" class="style3"><a href="logout.php">Log Out</a></span></div></td>
</tr>
</table>
</div>
Does this look right? Is the DOUBLE EQUALS right in your statement:
if ( $_SESSION['SESS_ADMIN'] == 'ADMIN' ) { //whatever the value is in the database for an admin
$admin = true;
}
Is it my HTML? Sigh... |
| dwdata | Jul 4th, 2009 2:31 am | |
| Re: Displaying LINKS based on a SESSION Variable
Quote:
Originally Posted by kkeith29 (Post 907967)
Then in your script where you want something for an admin only.
if ( $admin ) {
echo 'html that only admins should see';
}
Really the best thing to do is seperate the user and admin areas completely.
| Now I know something is wrong with the IF Statements (unless I am not understanding the right syntex: Here is my code:
<style type="text/css">
<!--
.style3 {font-size: 11px; font-family: Verdana, Arial, Helvetica, sans-serif; font-weight: bold; }
-->
</style>
<div align="center"><img src="/VOH/Images/logo.jpg" width="703" height="144" longdesc="http://www.dwdataconcepts.com/VOH/index.php" />
<br />
<?
$admin = false;
if ( $_SESSION['SESS_ADMIN'] == 'ADMIN' ) { //whatever the value is in the database for an admin
$admin = true;
}
?>
<table width="703" border="0" align="center" cellpadding="2" cellspacing="2">
<tr>
<td width="54%" height="19"><div align="left" class="style3">
<? echo '<a href="Service_Dates.php">Service Dates</a></div></td>' ?>
<? //if ( $admin ) {echo '<a href="Service_Dates.php">Service Dates</a>'} ?></div></td>
</div></td>
<td width="32%"><div align="right" class="style3">
<? echo '<a href="Admin_Options.php">Admin Options</a></div></td>' ?>
<? //if ( $admin ) {echo '<a href="Admin_Options.php">Admin Options</a>'} ?></div></td>
</div></td>
<td width="14%"><div align="right" class="style3"><a href="logout.php">Log Out</a></span></div></td>
</tr>
</table>
</div>
The commented out lines are the one I am trying to get to work. The UNcomments ones are the raw hyperlinks minus the IF statement.
I'd love to conquer this before I hit the bed ;-) Thanks again. |
| Toxikr3 | Jul 5th, 2009 6:56 pm | |
| Re: Displaying LINKS based on a SESSION Variable
Quote:
Originally Posted by kkeith29 (Post 907967) Security is a big deal for me. I hate seeing code with holes in it and how easily it would be for someone to hack it.
I have a good login security login example I can post. If you want to see it let me know.
| May I please see the login code with the security? I am currently trying to make a login system and this will help me greatly. Thanks. |
| All times are GMT -4. The time now is 6:51 pm. | |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC
