Member Avatar for rjusman90 
<?php
session_start();
?>
error_reporting(E_PARSE);
include "connection.php";
$User_ID=$_SESSION['UserId'];
$query = mysql_query("SELECT * FROM Users WHERE UserID='$User_ID'");
$row = mysql_fetch_array($query);
$filename=$row['PicUrl'];
$username=$row['UserName'];
$fName=$row['FirstName'];

if(isset($_SESSION["UserName"])){
if(!empty($filename)){echo '<img src="'.$filename.'" align="left"width="150px" height="100px"/>';}
echo $fName;
echo"<li><a href='logout.php'>Click here to Logout.</a></li>";
echo"<li><a href='user_update.php'>edit your account detail</li>";
}
if(empty($_SESSION['UserName'])){
echo"<li><a href='login.php'>login</a></li>";
echo"<li><a href='register.php'>Sign Up</li>";
}
?>
      </li>
    </ul>
    <ul class="languages">
      <li class="lang-3 last-item"><a href="#"></a></li>
    </ul>
  </div>
  <div class="navigation">
  <!--======================== menu ============================-->
  <nav>
    <ul class="sf-menu responsive-menu">
      <?php
if(isset($User_ID)){
$abc=array();
$queri=mysql_query("SELECT * FROM `userrights` WHERE `UserId`=$User_ID");
while($cow = mysql_fetch_array($queri)){
$MI=$cow['MenuId'];
$UserID=$cow['UserId'];
$abc[]=$MI;
}
$qry = mysql_query("SELECT 
* 
FROM
adminmenu");
while($row = mysql_fetch_array($qry)){
$MU=$row['MenuUrl'];
$MN=$row['MenuName'];
$MId=$row['MenuId'];
if(in_array($MId,$abc)){
echo"<li><a href='$MU'>$MN</a></li>";}
}
}

i want to that if user have no rights then the url no open if he enter the direct url

  • 4 Contributors
  • 8 Replies
  • 153 Views
  • 21 Hours Discussion Span
  • Latest Post Latest Post by Ketul_1

Recommended Answers

All 8 Replies

Member Avatar for HITMANOF44th

this is what i would do with your code adda count and test to see if the
user has permissions

<?PHP

if(isset($User_ID)){
$abc=array();
// add a count when grabbing permissions
$queri=mysql_query("SELECT *,COUNT(MenuId) FROM `userrights` WHERE `UserId`=$User_ID");
while($cow = mysql_fetch_array($queri)){
//test to see if permissions exists if they dont redirect
    if($cow['COUNT(MenuId)'] === 0){
header("location:index.php");
}ELSE{
// do stuff with perssmissions
$MI=$cow['MenuId'];
$UserID=$cow['UserId'];
$abc[]=$MI;

}
}
}
?>
Edited by HITMANOF44th because: added info
Member Avatar for thirsty.soul

what are you trying to ask?

Member Avatar for thirsty.soul 
<?php
session_start();
if(!isset($_SESSION['username'])) 
{
header('Location: login.php');
exit;
}
?>

add this to your page.. which you want to restrict.

Member Avatar for rjusman90

i am asking for user rights

Member Avatar for rjusman90

my code is hiding the menu link and name only but when i enter the link it can be open
i want to not open whom i am not permissoion to access after enter the link

Member Avatar for Ketul_1

which URL You don't want to open if user have no permission.

Edited by Ketul_1
Member Avatar for rjusman90

that url that is not allowed in the admin pannel

Member Avatar for Ketul_1

Where?

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.