PHP RSS PHP RSS

Displaying LINKS based on a SESSION Variable

Reply

Join Date: Jul 2009
Posts: 42
Reputation: dwdata is an unknown quantity at this point 
Solved Threads: 0
dwdata dwdata is offline Offline
Light Poster

Displaying LINKS based on a SESSION Variable

 
0
  #1
Jul 4th, 2009
Hello,

Great forum!

I have implemented a USER LOG-IN scheme in my site. Below is the code to build my session variable data:

PHP Syntax (Toggle Plain Text) 
  1. //Create query
  2. 	$qry="SELECT * FROM volunteers WHERE Username='$login' AND Password='$password'";
  3. 	$result=mysql_query($qry);
  4.  
  5. 	//Check whether the query was successful or not
  6. 	if($result) {
  7. 		if(mysql_num_rows($result) == 1) {
  8. 			//Login Successful
  9. 			session_regenerate_id();
  10. 			$member = mysql_fetch_assoc($result);
  11. 			$_SESSION['SESS_MEMBER_ID'] = $member['id'];
  12. 			$_SESSION['SESS_FIRST_NAME'] = $member['First_Name'];
  13. 			$_SESSION['SESS_LAST_NAME'] = $member['Last_Name'];
  14. 			$_SESSION['SESS_ADMIN'] = $member['ADMIN'];
  15. 			session_write_close();
  16. 			header("location: Service_Dates.php");
  17. 			exit();
  18. 		}else {
  19. 			//Login failed
  20. 			header("location: login-failed.php");
  21. 			exit();
  22. 		}
  23. 	}else {
  24. 		die("Query failed");
  25. 	}

Please notice the ADMIN variable.

How would I display a LINK only if ADMIN = ADMIN (True - checkbox)? Here is some code I wan to add that test to:

PHP Syntax (Toggle Plain Text) 
  1. <div align="center"><img src="/VOH/Images/logo.jpg" width="703" height="144" longdesc="http://www.dwdataconcepts.com/VOH/index.php" />
  2.   <br />
  3.   <table width="703" border="0" align="center" cellpadding="2" cellspacing="2">
  4.     <tr>
  5.         <td width="54%" height="19"><div align="left" class="style3"><a href="Service_Dates.php">Service Dates</a></div></td>
  6.  
  7.       <td width="32%"><div align="right" class="style3"><a href="Admin_Options.php">Admin Options</a><a href="Service_Dates.php"></a></span></div></td>
  8.  
  9.       <td width="14%"><div align="right" class="style3"><a href="/VOH/logout.php">Log Out</a></span></div></td>
  10.       </tr>
  11.   </table>
  12. </div>

If the SESSION::ADMIN = TRUE, then display this CODE.
Thanks!
Last edited by dwdata; Jul 4th, 2009 at 12:25 am. Reason: added more.
Reply With Quote Quick reply to this message  
Join Date: Jun 2007
Posts: 1,225
Reputation: kkeith29 has a spectacular aura about kkeith29 has a spectacular aura about kkeith29 has a spectacular aura about 
Solved Threads: 166
kkeith29's Avatar
kkeith29 kkeith29 is offline Offline
Nearly a Posting Virtuoso

Re: Displaying LINKS based on a SESSION Variable

 
0
  #2
Jul 4th, 2009
Security is a big deal for me. I hate seeing code with holes in it and how easily it would be for someone to hack it.

I have a good login security login example I can post. If you want to see it let me know.

As for your question, just use an if statement.
PHP Syntax (Toggle Plain Text) 
  1. $admin = false;
  2. if ( $_SESSION['SESS_ADMIN'] == 'ADMIN' ) { //whatever the value is in the database for an admin
  3.   $admin = true;
  4. }
Then in your script where you want something for an admin only.
PHP Syntax (Toggle Plain Text) 
  1. if ( $admin ) {
  2.   echo 'html that only admins should see';
  3. }

Really the best thing to do is seperate the user and admin areas completely.
Last edited by kkeith29; Jul 4th, 2009 at 12:42 am.
Google is your friend.

Use [code] tags.

If you have found a solution to your problem, please mark the thread as SOLVED.
Reply With Quote Quick reply to this message  
Join Date: Jul 2009
Posts: 42
Reputation: dwdata is an unknown quantity at this point 
Solved Threads: 0
dwdata dwdata is offline Offline
Light Poster

Re: Displaying LINKS based on a SESSION Variable

 
0
  #3
Jul 4th, 2009
Originally Posted by kkeith29 View Post
Security is a big deal for me. I hate seeing code with holes in it and how easily it would be for someone to hack it.

I have a good login security login example I can post. If you want to see it let me know.

As for your question, just use an if statement.
PHP Syntax (Toggle Plain Text) 
  1. $admin = false;
  2. if ( $_SESSION['SESS_ADMIN'] == 'ADMIN' ) { //whatever the value is in the database for an admin
  3.   $admin = true;
  4. }
Then in your script where you want something for an admin only.
PHP Syntax (Toggle Plain Text) 
  1. if ( $admin ) {
  2.   echo 'html that only admins should see';
  3. }

Really the best thing to do is seperate the user and admin areas completely.
Thanks! But I still don't have it.

I have a page called "header.php" which I use in ALL my pages as a INCLUDE () which brings in the logo banner display and the main LINKS (which I want to dynamically display based on the SESSION::ADMIN. Here is the code:

PHP Syntax (Toggle Plain Text) 
  1. <style type="text/css">
  2. <!--
  3. .style3 {font-size: 11px; font-family: Verdana, Arial, Helvetica, sans-serif; font-weight: bold; }
  4. -->
  5. </style>
  6.  
  7. <div align="center"><img src="/VOH/Images/logo.jpg" width="703" height="144" longdesc="http://www.dwdataconcepts.com/VOH/index.php" />
  8.   <br />
  9.  
  10. <?  
  11.   $admin = false;
  12. if ( $_SESSION['SESS_ADMIN'] == 'ADMIN' ) { //whatever the value is in the database for an admin
  13.   $admin = true;
  14. }
  15. ?>
  16.  
  17.   <table width="703" border="0" align="center" cellpadding="2" cellspacing="2">
  18.     <tr>
  19.       <td width="54%" height="19"><div align="left" class="style3">
  20.  
  21. 	  <? if ( $admin ) {echo '<a href="Service_Dates.php">Service Dates</a>';} ?></div></td>
  22. 	  <? //<a href="Service_Dates.php">Service Dates</a></div></td> ?>
  23.  
  24.       <td width="32%"><div align="right" class="style3">
  25.  
  26. 	  <? if ( $admin ) {echo '<a href="Admin_Options.php">Admin Options</a>';} ?></div></td>
  27. 	  <? //<a href="Admin_Options.php">Admin Options</a></span></div></td> ?>
  28.  
  29.       <td width="14%"><div align="right" class="style3"><a href="logout.php">Log Out</a></span></div></td>
  30.       </tr>
  31.   </table>
  32. </div>

Does this look right? Is the DOUBLE EQUALS right in your statement:

PHP Syntax (Toggle Plain Text) 
  1. if ( $_SESSION['SESS_ADMIN'] == 'ADMIN' ) { //whatever the value is in the database for an admin
  2.   $admin = true;
  3. }

Is it my HTML? Sigh...
Reply With Quote Quick reply to this message  
Join Date: Jul 2009
Posts: 42
Reputation: dwdata is an unknown quantity at this point 
Solved Threads: 0
dwdata dwdata is offline Offline
Light Poster

Re: Displaying LINKS based on a SESSION Variable

 
0
  #4
Jul 4th, 2009
Originally Posted by kkeith29 View Post

Then in your script where you want something for an admin only.
PHP Syntax (Toggle Plain Text) 
  1. if ( $admin ) {
  2.   echo 'html that only admins should see';
  3. }

Really the best thing to do is seperate the user and admin areas completely.
Now I know something is wrong with the IF Statements (unless I am not understanding the right syntex: Here is my code:

PHP Syntax (Toggle Plain Text) 
  1. <style type="text/css">
  2. <!--
  3. .style3 {font-size: 11px; font-family: Verdana, Arial, Helvetica, sans-serif; font-weight: bold; }
  4. -->
  5. </style>
  6.  
  7. <div align="center"><img src="/VOH/Images/logo.jpg" width="703" height="144" longdesc="http://www.dwdataconcepts.com/VOH/index.php" />
  8.   <br />
  9.  
  10.  
  11. <?  
  12.   $admin = false;
  13. if ( $_SESSION['SESS_ADMIN'] == 'ADMIN' ) { //whatever the value is in the database for an admin
  14.   $admin = true;
  15. }
  16.  
  17. ?>
  18.  
  19.   <table width="703" border="0" align="center" cellpadding="2" cellspacing="2">
  20.     <tr>
  21.       <td width="54%" height="19"><div align="left" class="style3">
  22.  
  23. 	  <? echo '<a href="Service_Dates.php">Service Dates</a></div></td>' ?>
  24. 	  <? //if ( $admin ) {echo '<a href="Service_Dates.php">Service Dates</a>'} ?></div></td>
  25. 	  </div></td>
  26.  
  27.  
  28.       <td width="32%"><div align="right" class="style3">
  29.  
  30. 	  <? echo '<a href="Admin_Options.php">Admin Options</a></div></td>' ?>
  31. 	  <? //if ( $admin ) {echo '<a href="Admin_Options.php">Admin Options</a>'} ?></div></td>
  32. 	  </div></td>
  33.  
  34.  
  35.       <td width="14%"><div align="right" class="style3"><a href="logout.php">Log Out</a></span></div></td>
  36.       </tr>
  37.   </table>
  38. </div>

The commented out lines are the one I am trying to get to work. The UNcomments ones are the raw hyperlinks minus the IF statement.

I'd love to conquer this before I hit the bed ;-) Thanks again.
Reply With Quote Quick reply to this message  
Join Date: Jul 2009
Posts: 27
Reputation: Toxikr3 is an unknown quantity at this point 
Solved Threads: 0
Toxikr3 Toxikr3 is offline Offline
Light Poster

Re: Displaying LINKS based on a SESSION Variable

 
0
  #5
Jul 5th, 2009
Originally Posted by kkeith29 View Post
Security is a big deal for me. I hate seeing code with holes in it and how easily it would be for someone to hack it.

I have a good login security login example I can post. If you want to see it let me know.
May I please see the login code with the security? I am currently trying to make a login system and this will help me greatly. Thanks.
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
This thread is more than three months old.
Perhaps start a new thread instead?
Message:



Similar Threads
Other Threads in the PHP Forum
Thread Tools Search this Thread



apache api array beginner beneath binary broadband broken cache cakephp class cms code confirm countingeverycharactersfromastring crack cron curl customizableitems database date decode display dynamic echo email error fcc file folder form forms forum freelancing function functions google header headmethod howtowriteathesis href htaccess html iframe image include incode integration ip javascript joomla limit link login malfunction match menu method mlm mod_rewrite multiple mysql neutrality oop pagerank paypal pdf php phpmysql play query question random recursiveloop root script search select server sessions sms smtp soap source space sql strip_tags support! survey system table template tutorial upload url variable video web window.onbeforeunload=closeme; youtube
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC