how to add super user that can veiw and edit all user

Light Poster

48 posts since Nov 2012

Reputation Points: 0

Solved Threads: 0

Skill Endorsements: 0

0

<html>
<head>
<title>login page</title>
<link rel="stylesheet" type="text/css" media="all" href="style.css" />
</head>

<form action="index.php" method=get>

<?php
 $user;

session_start(); 

if( $_SESSION["logging"]&& $_SESSION["logged"])
{ 

     print_secure_contentt();
     print_secure_content();

}

else {
    if(!$_SESSION["logging"])
    {  
    $_SESSION["logging"]=true;
    loginform();
    }
       else if($_SESSION["logging"])
       {  

         $number_of_rows=checkpass();

         if($number_of_rows==1)
         {
                $_SESSION["admin"];
                 $_SESSION[admin]=$_GET[userlogin];
              $_SESSION[logged]=true;
              //header('Location:newAdmin.php');
               print_secure_contentt();
               }
         if($number_of_rows==1)
            {   
             $_SESSION["user"];
             $_SESSION[user]=$_GET[userlogin];
             $_SESSION[logged]=true;

             header('Location:welcome.php');


             print_secure_content();
            }

            else{
                print "wrong pawssword or username, please try again";  
                loginform();
            }
        }
     }


function loginform()
{
print "please enter your login information to proceed with our site";
//print ("<table border='2'><tr><td>username</td><td><input type='text' name='userlogin' size'20'></td></tr><tr><td>password</td><td><input type='password' name='password' size'20'></td></tr></table>");
//print "<input type='submit' >";    
//print "<h3><a href='registerform.php'>register now!</a></h3>";    
}

function checkpass()
{
$servername="localhost";
$username="root";
$conn=  mysql_connect($servername,$username)or die(mysql_error());
mysql_select_db("test",$conn);
$sql="select * from users where name='$_GET[userlogin]' and password='$_GET[password]'";
$result=mysql_query($sql,$conn) or die(mysql_error());
return  mysql_num_rows($result);
}

function print_secure_content()

{    
    header ("Location: welcome.php");


}

function print_secure_contentt()
{   
    //header('Location:newAdmin.php');


}

?>


<form action="welcome.php" method="get">

<div class= "nine"><table border="0" cellpadding="1" cellspacing="0" id="tblsubmit" align="center" class="pos4">
<tr>
<td>  username:  </td>
<td><input type='text' name='userlogin' size'20'></td>
</tr>
<tr>
<td>password</td><td><input type='password' name='password' size'20'></td></tr></table></form>
<p class="submit">
<input type="submit" value="Log In" tabindex="100" ></p>
<p class="forgetmenot"><label for="rememberme"><input name="rememberme" id="rememberme" value="forever" tabindex="90" type="checkbox"> Remember Me</label></p></div>
<div class="pos2"><img border="0" src="login.jpg"  width="80" height="50"></div>       
<div id ="menu">If New User click here to:<a href='registerform.php'>register now!</a></div>
<p class="pos3">Login here</p>


</form>




</body>
</html>

Light Poster

48 posts since Nov 2012

Reputation Points: 0

Solved Threads: 0

Skill Endorsements: 0

0

this my login page code

Light Poster

48 posts since Nov 2012

Reputation Points: 0

Solved Threads: 0

Skill Endorsements: 0

0

With what bit do you need help? 100 odd lines of code - can you whittle it down a bit?

Keep Smiling

Moderator

10,654 posts since Oct 2006

Reputation Points: 1,628

Solved Threads: 1,510

Skill Endorsements: 57

0

<?php
$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("test", $con);

$result = mysql_query("SELECT * FROM users");
?>
<div class= "nine"><table border="0" cellpadding="1" cellspacing="0" id="tblsubmit" align="center" class="pos6"> 
</div>
<?php
while($row = mysql_fetch_array($result))
  {
  echo "<tr>";
  echo "<td>" . $row['name'] . "</td>";
  echo "<td>" . $row['email'] . "</td>";
   echo "<td>" . $row['password'] . "</td>";
  echo "</tr>";
  }
echo "</table>";

mysql_close($con);
?>

thank you very much diafol!
i need help here it show all user while i want only that user which is login mean a user can see only his/her profile
hope now u will undertand my question.
$result = mysql_query("SELECT * FROM users");

Light Poster

48 posts since Nov 2012

Reputation Points: 0

Solved Threads: 0

Skill Endorsements: 0

0

please some one help me

Light Poster

48 posts since Nov 2012

Reputation Points: 0

Solved Threads: 0

Skill Endorsements: 0

0

For me a simple solution works off the session variable ($_SESSION['user_level']).
If an user is logged in, they should see their own profile page (including the admin user) - this works off $_SESSION['user_id']. This is only set when an user/admin has logged in.

The $_SESSION['user_level'] could hold an integer like 1 = regular user, 2 = admin, 3 = superadmin etc.

You may find that a separate page would serve as a place to edit all users. This could be placed in an admin nav item, which is only visible if the $_SESSION['user_level'] > 1. Also that page would be protected from direct access, like:

if(!isset($_SESSION['user_level']) || $_SESSION['user_level'] < 2){
    header('index.php');
    exit;
}

The table code you posted looks ok to me.

Keep Smiling

Moderator

10,654 posts since Oct 2006

Reputation Points: 1,628

Solved Threads: 1,510

Skill Endorsements: 57

0

Dear diafol!
Where should paste this code?

Light Poster

48 posts since Nov 2012

Reputation Points: 0

Solved Threads: 0

Skill Endorsements: 0

0

please give me all code because when i past it in my admin page it do nothing
when i remove the exit then my page not change

Light Poster

48 posts since Nov 2012

Reputation Points: 0

Solved Threads: 0

Skill Endorsements: 0

0

sorry:

 header('Location: index.php');
 exit;

Keep Smiling

Moderator

10,654 posts since Oct 2006

Reputation Points: 1,628

Solved Threads: 1,510

Skill Endorsements: 57

0

when i keep this code in my index.php it gives the following error

The page isn't redirecting properly

my index.php code is here

<form action="index.php" method=get>

<?php
 $user;

session_start(); 


if( $_SESSION["logging"]&& $_SESSION["logged"])
{ 

     print_secure_contentt();
     print_secure_content();

}

else {
    if(!$_SESSION["logging"])
    {  
    $_SESSION["logging"]=true;
    loginform();
    }
       else if($_SESSION["logging"])
       {  

         $number_of_rows=checkpass();

         if($number_of_rows==1)
         {
                $_SESSION["admin"];
                 $_SESSION[admin]=$_GET[userlogin];
              $_SESSION[logged]=true;
              //header('Location:newAdmin.php');
               print_secure_contentt();
               }
         if($number_of_rows==1)
            {   
             $_SESSION["user"];
             $_SESSION[user]=$_GET[userlogin];
             $_SESSION[logged]=true;

             header('Location:welcome.php');


             print_secure_content();
            }

            else{
                echo "wrong pawssword or username, please try again";   
                loginform();
            }
        }
     }

Light Poster

48 posts since Nov 2012

Reputation Points: 0

Solved Threads: 0

Skill Endorsements: 0

0

If this in in the index.php, then you don't want to redirect to the index.php as you may get an infinite redirect loop.

Keep Smiling

Moderator

10,654 posts since Oct 2006

Reputation Points: 1,628

Solved Threads: 1,510

Skill Endorsements: 57

0

so i only past the if loop?

Light Poster

48 posts since Nov 2012

Reputation Points: 0

Solved Threads: 0

Skill Endorsements: 0

0

my index is ok except when i login as admin it does not go to admin page

 if($number_of_rows==1)
{
$_SESSION["admin"];
$_SESSION[admin]=$_GET[userlogin];
$_SESSION[logged]=true;
//header('Location:newAdmin.php');
print_secure_contentt();
}
if($number_of_rows==1)
{
$_SESSION["user"];
$_SESSION[user]=$_GET[userlogin];
$_SESSION[logged]=true;
header('Location:welcome.php');
print_secure_content();
}
else{
echo "wrong pawssword or username, please try again";
loginform();

this what i have do for user page and admin page please help me

Light Poster

48 posts since Nov 2012

Reputation Points: 0

Solved Threads: 0

Skill Endorsements: 0

0

hope now u will help me thanks in advance........

Light Poster

48 posts since Nov 2012

Reputation Points: 0

Solved Threads: 0

Skill Endorsements: 0

0

ok diafol i have solved this problem by anthor method thinks for your help....

Light Poster

48 posts since Nov 2012

Reputation Points: 0

Solved Threads: 0

Skill Endorsements: 0

0

Ok, mark thread as solved.

Keep Smiling

Moderator

10,654 posts since Oct 2006

Reputation Points: 1,628

Solved Threads: 1,510

Skill Endorsements: 57

0

but now i want that how can a user see and edit his profile?

Light Poster

48 posts since Nov 2012

Reputation Points: 0

Solved Threads: 0

Skill Endorsements: 0

0

Again, down to session variable.

You could set up a profiles page where the profile showed is the one in the url querystring (similar to Daniweb). Only when the user id in the querystring is equal to the session user id (or if the user is an admin), do you make it editable.

Keep Smiling

Moderator

10,654 posts since Oct 2006

Reputation Points: 1,628

Solved Threads: 1,510

Skill Endorsements: 57

0

please give me a code because i am new in php