0
<?php
session_start();
?>
error_reporting(E_PARSE);
include "connection.php";
$User_ID=$_SESSION['UserId'];
$query = mysql_query("SELECT * FROM Users WHERE UserID='$User_ID'");
$row = mysql_fetch_array($query);
$filename=$row['PicUrl'];
$username=$row['UserName'];
$fName=$row['FirstName'];

if(isset($_SESSION["UserName"])){
if(!empty($filename)){echo '<img src="'.$filename.'" align="left"width="150px" height="100px"/>';}
echo $fName;
echo"<li><a href='logout.php'>Click here to Logout.</a></li>";
echo"<li><a href='user_update.php'>edit your account detail</li>";
}
if(empty($_SESSION['UserName'])){
echo"<li><a href='login.php'>login</a></li>";
echo"<li><a href='register.php'>Sign Up</li>";
}
?>
      </li>
    </ul>
    <ul class="languages">
      <li class="lang-3 last-item"><a href="#"></a></li>
    </ul>
  </div>
  <div class="navigation">
  <!--======================== menu ============================-->
  <nav>
    <ul class="sf-menu responsive-menu">
      <?php
if(isset($User_ID)){
$abc=array();
$queri=mysql_query("SELECT * FROM `userrights` WHERE `UserId`=$User_ID");
while($cow = mysql_fetch_array($queri)){
$MI=$cow['MenuId'];
$UserID=$cow['UserId'];
$abc[]=$MI;
}
$qry = mysql_query("SELECT 
* 
FROM
adminmenu");
while($row = mysql_fetch_array($qry)){
$MU=$row['MenuUrl'];
$MN=$row['MenuName'];
$MId=$row['MenuId'];
if(in_array($MId,$abc)){
echo"<li><a href='$MU'>$MN</a></li>";}
}
}

i want to that if user have no rights then the url no open if he enter the direct url

4
Contributors
8
Replies
33
Views
3 Years
Discussion Span
Last Post by Ketul_1
0

this is what i would do with your code adda count and test to see if the
user has permissions

<?PHP

if(isset($User_ID)){
$abc=array();
// add a count when grabbing permissions
$queri=mysql_query("SELECT *,COUNT(MenuId) FROM `userrights` WHERE `UserId`=$User_ID");
while($cow = mysql_fetch_array($queri)){
//test to see if permissions exists if they dont redirect
    if($cow['COUNT(MenuId)'] === 0){
header("location:index.php");
}ELSE{
// do stuff with perssmissions
$MI=$cow['MenuId'];
$UserID=$cow['UserId'];
$abc[]=$MI;

}
}
}
?>

Edited by HITMANOF44th: added info

0
<?php
session_start();
if(!isset($_SESSION['username'])) 
{
header('Location: login.php');
exit;
}
?>

add this to your page.. which you want to restrict.

0

my code is hiding the menu link and name only but when i enter the link it can be open
i want to not open whom i am not permissoion to access after enter the link

0

which URL You don't want to open if user have no permission.

Edited by Ketul_1

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.