0

Hello,

I was wondering if anyone can gude e about a puzzle i am trying to create and think let me know if this is possible or not.

Well there are many users stored i.e admins what if by mistake there is only 1 admin left in the database and that admin is logged in already i want to make that the admin which is currently logged in cannot delete him self or by mistake he click on delete button it says all admins deletation are not valid it should remain atleast 1 admin in the database we cannot delete all

as by seeing my database there are 1 table named agents and in that theere are stored users and admins both so 1 user type is admin and secon is agent so obviously there should be 1 admin remains ie all cannot be deleted if somebody delete all admins bby mistake thatn how can he manage the cms

Please give me any idea or guidline how it can be done well I am trying my self as well if i Come up with this i will foresure share it.

Thank You

4
Contributors
4
Replies
20
Views
2 Years
Discussion Span
Last Post by lps
0

I think a simple idea would be to prevent anybody from deleting themselves.

If an admin is logged in, then the user_id will be held in a session variable (or should be anyhow).

So if you are an admin you see a table with delete buttons, then don't allow a button to show next to yourself. So in your loop to create the html table:

<?php if($row['id'] !== $_SESSION['user_id']){ ?> 
<button ...>DELETE<button>
<?php } ?>

Or something along those lines

0

Agree with @diafol. You can also check the user before executing delete query to prevent direct access using url.
Example:
select id,user_name from agents where user_type = 'Admin'
Then after query, conduct an if-else case to check
1. if the id or user_name query is the same as $_SESSION data(depends on what you stored to you session)
2. result count <= 1
if any of the case matched, shows error. Else delete the data.

Edited by lps

0

You can also do thing like this:

Delete From Agents

Where Id = 2

And (Select Count(*) From Agents) > 1

Edited by DaveAmour

0

@DaveAmour, you forgot to filtered the current logged in user and admin type.

if($_POST['id'] != $_SESSION['user_id']){
    $sql = "delete from Agents where id = '".$_POST['id']."' and (select count(*) from agents where user_type = 'Admin') > 0;"
    //execute delete here
}else{
    //shows error message
    echo "You are currently logged in as the user. System preventing self destruct...";
}
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.