1.11M Members

how to add super user that can veiw and edit all user

 
0
 

hiii!
Can any one help me to add super user to my login script that can veiw and edit all user,
and evry user can veiw his/her profile like facebook.
hope you people will help me.

 
0
 
<html>
<head>
<title>login page</title>
<link rel="stylesheet" type="text/css" media="all" href="style.css" />
</head>

<form action="index.php" method=get>

<?php
 $user;

session_start(); 

if( $_SESSION["logging"]&& $_SESSION["logged"])
{ 

     print_secure_contentt();
     print_secure_content();

}

else {
    if(!$_SESSION["logging"])
    {  
    $_SESSION["logging"]=true;
    loginform();
    }
       else if($_SESSION["logging"])
       {  

         $number_of_rows=checkpass();

         if($number_of_rows==1)
         {
                $_SESSION["admin"];
                 $_SESSION[admin]=$_GET[userlogin];
              $_SESSION[logged]=true;
              //header('Location:newAdmin.php');
               print_secure_contentt();
               }
         if($number_of_rows==1)
            {   
             $_SESSION["user"];
             $_SESSION[user]=$_GET[userlogin];
             $_SESSION[logged]=true;

             header('Location:welcome.php');


             print_secure_content();
            }

            else{
                print "wrong pawssword or username, please try again";  
                loginform();
            }
        }
     }


function loginform()
{
print "please enter your login information to proceed with our site";
//print ("<table border='2'><tr><td>username</td><td><input type='text' name='userlogin' size'20'></td></tr><tr><td>password</td><td><input type='password' name='password' size'20'></td></tr></table>");
//print "<input type='submit' >";    
//print "<h3><a href='registerform.php'>register now!</a></h3>";    
}

function checkpass()
{
$servername="localhost";
$username="root";
$conn=  mysql_connect($servername,$username)or die(mysql_error());
mysql_select_db("test",$conn);
$sql="select * from users where name='$_GET[userlogin]' and password='$_GET[password]'";
$result=mysql_query($sql,$conn) or die(mysql_error());
return  mysql_num_rows($result);
}

function print_secure_content()

{    
    header ("Location: welcome.php");


}

function print_secure_contentt()
{   
    //header('Location:newAdmin.php');


}

?>


<form action="welcome.php" method="get">

<div class= "nine"><table border="0" cellpadding="1" cellspacing="0" id="tblsubmit" align="center" class="pos4">
<tr>
<td>  username:  </td>
<td><input type='text' name='userlogin' size'20'></td>
</tr>
<tr>
<td>password</td><td><input type='password' name='password' size'20'></td></tr></table></form>
<p class="submit">
<input type="submit" value="Log In" tabindex="100" ></p>
<p class="forgetmenot"><label for="rememberme"><input name="rememberme" id="rememberme" value="forever" tabindex="90" type="checkbox"> Remember Me</label></p></div>
<div class="pos2"><img border="0" src="login.jpg"  width="80" height="50"></div>       
<div id ="menu">If New User click here to:<a href='registerform.php'>register now!</a></div>
<p class="pos3">Login here</p>


</form>




</body>
</html>
 
0
 

this my login page code

 
0
 

With what bit do you need help? 100 odd lines of code - can you whittle it down a bit?

 
0
 
<?php
$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("test", $con);

$result = mysql_query("SELECT * FROM users");
?>
<div class= "nine"><table border="0" cellpadding="1" cellspacing="0" id="tblsubmit" align="center" class="pos6"> 
</div>
<?php
while($row = mysql_fetch_array($result))
  {
  echo "<tr>";
  echo "<td>" . $row['name'] . "</td>";
  echo "<td>" . $row['email'] . "</td>";
   echo "<td>" . $row['password'] . "</td>";
  echo "</tr>";
  }
echo "</table>";

mysql_close($con);
?> 

thank you very much diafol!
i need help here it show all user while i want only that user which is login mean a user can see only his/her profile
hope now u will undertand my question.
$result = mysql_query("SELECT * FROM users");

 
0
 

please some one help me

 
0
 

For me a simple solution works off the session variable ($_SESSION['user_level']).
If an user is logged in, they should see their own profile page (including the admin user) - this works off $_SESSION['user_id']. This is only set when an user/admin has logged in.

The $_SESSION['user_level'] could hold an integer like 1 = regular user, 2 = admin, 3 = superadmin etc.

You may find that a separate page would serve as a place to edit all users. This could be placed in an admin nav item, which is only visible if the $_SESSION['user_level'] > 1. Also that page would be protected from direct access, like:

if(!isset($_SESSION['user_level']) || $_SESSION['user_level'] < 2){
    header('index.php');
    exit;
}

The table code you posted looks ok to me.

 
0
 

Dear diafol!
Where should paste this code?

 
0
 

please give me all code because when i past it in my admin page it do nothing
when i remove the exit then my page not change

 
0
 

sorry:

 header('Location: index.php');
 exit;
 
0
 

when i keep this code in my index.php it gives the following error

The page isn't redirecting properly

my index.php code is here

<form action="index.php" method=get>

<?php
 $user;

session_start(); 


if( $_SESSION["logging"]&& $_SESSION["logged"])
{ 

     print_secure_contentt();
     print_secure_content();

}

else {
    if(!$_SESSION["logging"])
    {  
    $_SESSION["logging"]=true;
    loginform();
    }
       else if($_SESSION["logging"])
       {  

         $number_of_rows=checkpass();

         if($number_of_rows==1)
         {
                $_SESSION["admin"];
                 $_SESSION[admin]=$_GET[userlogin];
              $_SESSION[logged]=true;
              //header('Location:newAdmin.php');
               print_secure_contentt();
               }
         if($number_of_rows==1)
            {   
             $_SESSION["user"];
             $_SESSION[user]=$_GET[userlogin];
             $_SESSION[logged]=true;

             header('Location:welcome.php');


             print_secure_content();
            }

            else{
                echo "wrong pawssword or username, please try again";   
                loginform();
            }
        }
     }
 
0
 

If this in in the index.php, then you don't want to redirect to the index.php as you may get an infinite redirect loop.

 
0
 

so i only past the if loop?

 
0
 

my index is ok except when i login as admin it does not go to admin page

 if($number_of_rows==1)
{
$_SESSION["admin"];
$_SESSION[admin]=$_GET[userlogin];
$_SESSION[logged]=true;
//header('Location:newAdmin.php');
print_secure_contentt();
}
if($number_of_rows==1)
{
$_SESSION["user"];
$_SESSION[user]=$_GET[userlogin];
$_SESSION[logged]=true;
header('Location:welcome.php');
print_secure_content();
}
else{
echo "wrong pawssword or username, please try again";
loginform();

this what i have do for user page and admin page please help me

 
0
 

hope now u will help me thanks in advance........

 
0
 

ok diafol i have solved this problem by anthor method thinks for your help....

 
0
 

Ok, mark thread as solved.

 
0
 

but now i want that how can a user see and edit his profile?

 
0
 

Again, down to session variable.

You could set up a profiles page where the profile showed is the one in the url querystring (similar to Daniweb). Only when the user id in the querystring is equal to the session user id (or if the user is an admin), do you make it editable.

 
0
 

please give me a code because i am new in php

You
This article has been dead for over six months: Start a new discussion instead
Post:
Start New Discussion
View similar articles that have also been tagged: