Before we start, I'm a beginner. I'm sure it's a simple solution but just not for me.
I'm using a session so no one can't access an admin page unless they're an admin.
The code is:
if ( $_SESSION['admin'] != 1 ) {
$_SESSION['message'] = "You're not admin!";
header("location: ../error.php");
}
Which works perfectly. regular users can't access it but admins can. BUT.
In my main cpanel I want to have a button linking to the admin panel that will only appear if the user is admin. I did the same piece of code:
if ( $_SESSION['admin'] != 1 ) {
echo '<button class="butto button-bloc" name="admin"/>Admin Panel</button>';
}
Problem is, it seems like the button shows up whether the user is an admin or not and now I think that my code is just trying to make me blow my lid as I spent a full hour trying to find what the f-- is on the go.
Any help would be greatly appreciated! I'm sure someone who's good with PHP will have it solved in under a minute lol
The condition you have written is same for user who is admin and not an admin
Please check the condition
For having a button linking to the admin panel that will only appear if the user is admin.
if ( $_SESSION['admin'] == 1 ) { // you have written $_SESSION['admin'] != 1
echo '<button class="butto button-bloc" name="admin"/>Admin Panel</button>';
}
You can use
if (isset($_SESSION['admin']) && ($_SESSION['admin'] == 1 )) {
echo '<button class="butto button-bloc" name="admin"/>Admin Panel</button>';
}
This way the button will show when you set the $_SESSION['admin'] and if it is TRUE (i.e. 1).
Try This:
if (isset($_SESSION['admin']) {
if ( ($_SESSION['admin'] == 1) ) {
echo '<button class="butto button-bloc" name="admin"/>Admin Panel</button>';
}
}
Related
I have a Wordpress page where a user can book language classes. There are different booking options, so I built the page in a way that the booking form charges dinamically from URL. The DOM charges 16 different shortcodes but in front-end it's only displayed the one that user enters in the URL by setting some parameters. The only problem about this is that the page takes a lot of time to charge and display the form.
I'm trying to figure out a way to charge only one shortcode and only set dinamically the value that differs between all shortcodes. After some researching (as my PHP knowledge is limited), I tried this code, and it worked:
function php_insert() {
if( is_page( 645 ) ) {
$awQueryString = $_SERVER['QUERY_STRING'];
parse_str($awQueryString, $awQueryStringParams);
$language = $awQueryStringParams['lang'];
$pack = $awQueryStringParams['pack'];
if (empty($awQueryString)) {
echo 'The URL entered is invalid. Please refresh the page with the correct URL or contact the web admin.';
}
else if ($language == 'english') {
if ($pack == '5') {
echo do_shortcode('[ameliacatalog package=13]');
}
if ($pack == '10') {
echo do_shortcode('[ameliacatalog package=14]');
}
if ($pack == '25') {
echo do_shortcode('[ameliacatalog package=15]');
}
}
}
}
add_action('wp_enqueue_scripts', 'php_insert');
The problem now is that this page is protected by password, and this snippet charges the code at the top of the page and it doesn't wait to check that the password is correct.
I don't know if this is the best way to do this workaround. Also don't know how can I do to solve the password check and location problem.
I hope I have explained everything well.
Thanks
How do I make something disappear for everyone besides the admin, I have this code but it only works when you are not logged in when I log in with another user it keeps showing me.
<?php
if( isset($_SESSION['username']) == "admin"){
}else{
echo "<style> .add{display: none} </style>";
}
?>
There are two steps, First you check if username isset, then you compare it. In your code, you are comparing a boolean returned by isset to a string that is "admin", try this:
if (isset($_SESSION['username']) {
// username is set
if ($_SESSION['username'] == "admin") {
// user is admin
} else {
echo("<style> .add {display:none} </style>");
}
}
Also if it is something you want to not have in the page, using display: none is very shallow. Someone can just use inspect element to style it and get it to show.
I want to hide button in search menu to specific page for normal users so they can't access to page witch is for administrators only. i'm new at writing this code so i'm asking you guys who have much more knowledge than me for help.
I want to hide File/page name upload.php for normal users and show for administrators only
Is anyone know how could i do this with php?
i'm really appreciate for every help. Thank you!
You can capture user type of user's in session. And, according to user type show / hide button.
<?
if(S_SESSION['userType'] == 'Admin') {
//Show
}
if(S_SESSION['userType'] == 'User') {
//Hide
}
?>
It's hard to give an advice without your context, but an simple example for your scenario:
// Normal Page
if($_SESSION['user_level'] > x){
//show button
}
// Admin-Only-Page
if($_SESSION['user_level'] < x){
die("Access denied");
}
Depends of how you define the administrator, if he is the user whose the Id is 1 for example, use the following script:
<?php
$current_user_id = // get it from the session if user is logged in
If ($current_user_id == 1):
?>
<input ...>
<?php endif; ?>
For that you need to set one flag in Database as user is admin or normal user.
after that in your code check with condition that logged in user is admin or not;
for example admin role is 1 then:
if($user->role == 1){
// your button code
}
simple, Enjoy :)
for example, you can use following Conditional statement :
if ($user -> role == 1){
// `enter code here`
}
I am using the minimal version of php-login from: http://www.php-login.net/ on Windows 7. When the user logs in, the login is verified and the response from the verification is True or False. The response is returned to index.php which has this code
if ($login->isUserLoggedIn() == true) {
include("views/logged_in.php");
I would like to give the user an opportunity to choose which page they go to after logging in but that page can only be accessible when the user is logged in. Any ideas? Let me know if you need more information or if what I am trying to do isn't clear. Thanks
======= UPDATED BELOW =========================
I modified the code below so that if the user login validation returns true, the user is directed to a page that has these two links Green Blue when the user clicks a link the user gets an Access Forbidden error message.
if ($login->isUserLoggedIn() == true) {
include("views/choose-pages.htm");
} else {
include("views/not_logged_in.php");
}
You can modify not_logged_in.php and have 2 submit buttons like Google, normal "Google search" and "I'm feeling luckey".
<input type="submit" name="login" value="Log in green" />
<input type="submit" name="login" value="Log in blue" />
then modify index.php
if ($login->isUserLoggedIn() == true) {
if ($_POST["login"] == "Log in green") {
include("green.php");
} else {
include("blue.php");
}
}
Well, try to create a main page (main.php), in this page write the code of choosing a page, its easy !!
if ($login->isUserLoggedIn() == true) {
include("views/main.php");
}
You could store your pages names/links in mysql database first and then get the pages links/names from the mysql database in an array and put it right after your code which would excute after the users are logged in. like so:
if ($login->isUserLoggedIn() == true) {
///Your array of pages here ///
EDIT:
Based on your comment, you can do this:
if ($login->isUserLoggedIn() == false) {
header(location someotherpage.php)
You could put that code in the blue.php, green.php etc etc
Second edit:
I hope i understand it correctly and if so, then you can use something like this:
if ($login->isUserLoggedIn() == false) {
echo "access denied";
you could even populate your page names and links in a drop down menu fashion so the users can select one and go to that page.
I am trying to get this script to work properly but am not having any luck, please can someone show me what i need to do.
At the moment the script counts the number of times a page has been accessed and redirects the user to another page if the count reaches 6.
It should only redirect if the user is not logged in, but instead it is also redirecting users when they are logged in. Please can someone show me where im going wrong.
Thanks.
<?
!session_id() ? session_start() : null;
if(!isset($_SESSION['logged_in']) && empty($_SESSION['logged_in'])){
verify_profile_visit_limit();
}
function verify_profile_visit_limit(){
$free_profiles = array(99999,99998,99997,99996,99995,99994,99993);
if(in_array($_GET["id"], $free_profiles)) return;
if(! isset($_SESSION["page_access_count"])){
$_SESSION["page_access_count"] = 1;
}
$_SESSION["page_access_count"]++;
if($_SESSION["page_access_count"] > 6){
header("Location: limit.php");
exit();
}
}
?>
Add an 'is logged in?' check to the pagecount check:
if (($_SESSION["page_access_count"] > 6) && (!isset($_SESSION['logged_in']))
if they're logged in, the check fails and they don't get redirected.