0

i got 3 users to be registered in the registration form through radio button admin,manager and employee... after registration of a admin the other 2 raadio buttons shud only enable in the registration form...

admin shud be disable............

how to implement this in php...........

4
Contributors
10
Replies
11
Views
5 Years
Discussion Span
Last Post by diafol
Featured Replies
  • 1
    diafol 3,720   5 Years Ago

    If you tried, show us what you got. This is a help forum, not a free lunch forum. If the form is only for an admin to fill out, I don't see why you need the admin radio option in the first place, as he/she will have registered as an … Read More

  • 1
    diafol 3,720   5 Years Ago

    how about: [CODE]<?php if(!admin_exists){ echo '<input name="level" id="adminlevel" type="radio" value="2" /> <label for="adminlevel">admin</label>'; } ?> <input name="level" id="manlevel" type="radio" value="1" /> <label for="manlevel">manager</label> <input name="level" id="employeelevel" type="radio" value="0" /> <label for="employeelevel">employee</label>[/CODE] That should work for a secured form (if only an admin can get at it). HOWEVER, using plaintext or … Read More

0

do u have sample code..its very messy
i need the exact code........

0

I don't understand why you're giving a registering user the choice of which level to enter - surely this is a security flaw?
If this is a publically viewable form, it could be easily spoofed in order to send data with 'admin' enabled/selected.

I was going to post the code, but then, I saw your reply. Try it yourself first - don't be lazy! :)

Edited by diafol: n/a

0

hmm....please can u send me the code..i tried but...

Edited by danielbala: n/a

1

If you tried, show us what you got. This is a help forum, not a free lunch forum.

If the form is only for an admin to fill out, I don't see why you need the admin radio option in the first place, as he/she will have registered as an admin SOMEHOW already.

0
//submit form get the data etc...
$buttons = array("button1" => 0, "button2" = 1);

foreach($buttons as $key => $but){
   if($but == 1){
      echo "<input type="radio" name='" . $key . "' disabled='disabled'/>"
   }else{
      echo "<input type="radio"  name='" . $key . "' /> &&"<input type="radio"  name='" . $key . "' />
   }
}

is this correct code????

i gave name as role and value as 1 for admin

Edited by Ezzaral: Added code tags. Please use them to format any code that you post.

1

how about:

<?php
if(!admin_exists){
  echo '<input name="level" id="adminlevel" type="radio" value="2" /> <label for="adminlevel">admin</label>';
}
?>
<input name="level" id="manlevel" type="radio" value="1" /> <label for="manlevel">manager</label>
<input name="level" id="employeelevel" type="radio" value="0" /> <label for="employeelevel">employee</label>

That should work for a secured form (if only an admin can get at it). HOWEVER, using plaintext or integer values is dangerous if not, as anybody can spoof a form and send it as an admin (even if they're not).

One way to prevent this is to hash the values with something like this:

$adminhash = md5('thisisadmin97531');
// so then
if(!admin_exists){
  echo '<input name="level" id="adminlevel" type="radio" value="' . $adminhash . '" /> <label for="adminlevel">admin</label>';
}

You then need to check on form handling for $_POST - use a switch or if/elseif/else... to check for accepted values, which are:

eb9ef3335cf3726752e8008b5bbe9b74 (admin)
1 (manager)
0 (employee)

But this is pretty hypothetical as we don't know HOW this is being used. As I said, individuals should never be allowed to enter their level of access/rights/permissions.

0

I agree this is going to cause serious problems allowing users to be any level they wish!!!! The site will not last more than a week online with that security!!!

0

(wht i have to give for admin_exists for and $adminhash = md5('thisisadmin97531');

if(!admin_exists){
  echo '<input name="level" id="adminlevel" type="radio" value="2" /> <label for="adminlevel">admin</label>';
}

Edited by Ezzaral: Added code tags. Please use them to format any code that you post.

0

Before you ask any more questions about the code. Answer my question - how is this going to be used and by whom? This will enable us to answer you correctly. At the moment I can only guess at what you wish to achieve.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.