I'm trying to make an helper php-function that's going to return true/false if the user got right access level. The access level is set when the user logs in. The problem is that the function always return false. The function is located in a "class" php-file that's included(with include_once) on the page I want to use it.
I'm kinda new to php, but the if conditions seems to be right.
I have tested to log in as admin and "economy", but it doesn't return true.
I also have tried to echoing the value that is sent as an parameter and even checking that the access level is right(by echoing the value) before the elseif statement.
const AccessLevelUser = 0;
const AccessLevelAdmin = 1;
const AccessLevelManager = 2;
const AccessLevelEconomy = 3;
public static function hasAccessLevel($requiredAccess) {
//file_put_contents('logg.txt', $logg);
if( !isset($_SESSION['accesslevel']) ) {
header("location:index.php?location=login");
exit;
}elseif ( $requiredAccess == AccessLevelAdmin && $_SESSION['accesslevel'] == AccessLevelAdmin ) {
echo "Admin True";
return true;
}elseif( $requiredAccess == AccessLevelEconomy && ($_SESSION['accesslevel'] == 3 || $_SESSION['accesslevel'] == 1) ) {
echo "Economy True";
return true;
}elseif( $requiredAccess == AccessLevelManager && ($_SESSION['accesslevel'] == 2 || $_SESSION['accesslevel'] == 1) ) {
echo "Manager True";
return true;
}elseif( $requiredAccess == AccessLevelUser && ($_SESSION['accesslevel'] == 0 || $_SESSION['accesslevel'] == 1) ) {
echo "User True";
return true;
}else{
echo "FALSE!";
return false;
}
}
Related
Currently losing it.
I have a page that has a condition that checks if a user is an Admin or Reparateur (Repair guys, translated)
When you login, the goal is to make sure that an admin user is only able to login from the $admin_ip thats been entered.
This piece of code is before the statements:
$admin_ip = "xxx.xxx.xxx.180";
$login_ip = $_SERVER['REMOTE_ADDR'];
Later, the conditions checks it:
if ($functie == "Admin" or "Reperateur" AND $login_ip == $admin_ip) {
return true;
} else if ($login_ip != $admin_ip AND $functie == "Admin" or "Reperateur") {
return false;
} else {
return true;
}
Debugging shows the statement should be false:
Debugging screenshot:
Am I just not seeing it or missing something?
Like #PaulT. said:
The or check is invalid. Should be: if (($functie == "Admin" or $functie == "Reperateur") AND ... same in the next else if too.
So, the condition is fixed with the following:
if (($functie == "Admin" or $functie == "Reperateur") AND $login_ip == $admin_ip) {
return true;
} else if (($functie == "Admin" or $functie == "Reperateur") AND $login_ip != $admin_ip) {
return false;
} else {
return true;
}
So I have a button that I want to show and hide on certain parts.
So if $unlockcourse is false AND the $courseid is 1, I would like the button to be hidden, BUT I would like it to be shown at all other times no matter what the courseidis
$courseid = ($userinfo['course']) * 1;
$mycourse = ($userinfo['id_course']) * 1;
$unlockcourse = true;
if($haspaid == 1){
$unlockcourse = false;
} else if ($haspaid == 0) {
$unlockcourse = true;
}
<?php if ($unlockcourse == false && $mycourse >= 1) { ?>
Resume Course
<?php } ?>
I am surprised how did this not throw an error. The error lies here:
if ($unlockcourse == false) && if ($mycourse == 1) && {
It should be:
if ($unlockcourse == false && $mycourse == 1) {
So what you actually want to do is show it if unlockcourse is false, and mycourse is 1. This means that to find out when to show it, you need to negate both conditions like this:
<?php if (!($unlockcourse == false && $mycourse == 1)) { ?>
Resume Course
<?php } ?>
Try Editing the following code
<?php if ($unlockcourse == false && $mycourse >= 1) { ?>
Resume Course
<?php } ?>
into
<?php if !($unlockcourse == false && $mycourse >= 1){
echo "<a href='course-work-proc.php' class='btn btn-primary'>Resume Course</a>";
}?>
This will make the button appear when your statements are true, and nothing will appear when the statement is false
I have this php code associated with a database and I need here to make a complete email and name validation
based on this code how can I do that because my code has some issues here
1)name key doesn't have (//) or any symbols to be a correct name
2)email key is valid email because what we did here just make ensure that there is # symbol and if I type the email hhhh#hhh.com or even without( .com ) it will be valid also ?!!
if(array_key_exists("submit",$_POST)){
$link = mysqli_connect("localhost","root","123456789","users");
if(mysqli_connect_error()){
die("There is a problem in connecting to database");
}
if(!$_POST['name']){
$error .="<p>Your Full name is required</p><br>";
}
if(!$_POST['email']){
$error .="<p>Your email address is required</p><br>";
}
if(!$_POST['password']){
$error .="<p>Your password is required</p><br>";
}
if($error !=""){
$error = "<p>There were errors in your form</p><br>".$error;
}
}
You can use this function for the validation:
function filtervariable($string,$type,$method) {
//function for sanitizing variables using PHPs built-in filter methods
$validEmail = false;
if ($method == 'sanitize') {
$filtermethod = 'FILTER_SANITIZE_';
} elseif ($method == 'validate') {
$filtermethod = 'FILTER_VALIDATE_';
} else {
return;
}
switch ($type) {
case 'email':
case 'string':
case 'number_int':
case 'int':
case 'special_chars':
case 'url':
$filtertype = $filtermethod.strtoupper($type);
break;
}
if ($filtertype == 'FILTER_VALIDATE_EMAIL' && !empty($string)) {
list($local,$domain) = explode('#',$string);
$localLength = strlen($local);
$domainLength = strlen($domain);
$checkLocal = explode('.',$domain);
if (($localLength > 0 && $localLength < 65) && ($domainLength > 3 && $domainLength < 256) && (checkdnsrr($domain,'MX') || checkdnsrr($domain,'A') || ($checkLocal[1] == 'loc' || $checkLocal[1] == 'dev' || $checkLocal[1] == 'srv'))) { // check for "loc, dev, srv" added to cater for specific problems with local setups
$validEmail = true;
} else {
$validEmail = false;
}
}
if (($filtertype == 'FILTER_VALIDATE_EMAIL' && $validEmail) || $filtertype != 'FILTER_VALIDATE_EMAIL') {
return filter_var($string, constant($filtertype));
} else {
return false;
}
}
And use it like this:
$email = filtervariable($registeremail,'email','validate');
It will return "true" on success and "false" on failure.
I'm having an issue with a login script. The rest of it works fine, but there is something odd happening here. The issue is that even though $IPCHK is returning true the elseif function does not execute. It only executes when I set $IPCHK to jibberish. Any help would be great. Thanks in advance
if ($Numrows == 0)
{
if ($Fail >= 3)
{
$Connection = connectToDb();
//return true, false,pending
$IPCHK = checkIP();
$IPCHK = true; //forcing it to be true and still broke
//If no ip id there
if($IPCHK == false)
{
$IP = getIP();
$Query = "INSERT INTO ip VALUES ('','$IP',Now())";
mysqli_query($Connection, $Query)
or die(error(mysqli_error($Connection)));
echo "You have failed to login too many times";
echo "<br />Please <a href='login.php'>try again</a> later.";
$Lock = true;
}
//If ip is there but timer is not up
elseif ($IPCHK == 'pending')
{
echo "You have failed to login too many times";
echo "<br />Please <a href='login.php'>try again</a> later.";
$Lock = true;
}
//Timers Up
elseif ($IPCHK == true) //here does not execute when it returns true
{
$_SESSION['FailedLogin'] = 0;
$Lock = false;
}
else
{
error("End of if check");
}
}
else
{
$Fail = 3 - $Fail;
$_SESSION['FailedLogin'] = $_SESSION['FailedLogin'] + 1;
$Error = $Error."<br />You have ".$Fail." attempts remaining";
}
}
In your Condition you have
elseif ($IPCHK == 'pending')
then
elseif ($IPCHK == true)
the second else will never execute because $IPCHK == 'pending' means also that $IPCHK == true
if you want to execute your second else you have to change the seconde condition to somethig like this
elseif($IPCHK == 'done')
or simply use === like this
elseif($IPCHK === 'pending')
then
elseif($IPCHK === true)
Lamari Alaa is correct, and the relevant documentation entry on type juggling can help understand why.
The following script outputs: boolean = string:
$test = true;
if( $test == 'pending' ) {
echo 'boolean = string';
} else if ( $test ) {
echo 'boolean != string';
}
This is because the string 'pending' is being coerced into a boolean value before being compared to the boolean value true. Since it evaluates as true, the first condition is taken. Consider replacing == 'pending' to === 'pending'
What's the best way to write this in PHP, so I know which condition fails and is easy to maintain? Without resorting to multiple if else statements...
if ((!$titleBlockPresent || !$leadBlock || ($allDoubleBlockCount !=2 || $allDoubleBlockCount!=1) ||$countFirstSmallShowBlocks !=2 ||$countSecondSmallShowBlocks !=2 ) && !$contentNotAvailableMessage)
{
$this->fail("Block missing in the horizontal list of blocks on the non live carousel");
}
try this
$shouldFail = FALSE;
switch(TRUE){
case !titleBlockPresent:
echo "No title block present<br/>";
$shouldFail = TRUE;
case !$leadBlock:
echo "No lead block<br/>";
// the rest of the code
}
If you move that check into the function, it'll be clear for you and anyone else looking at your code, and very easy to maintain, for example:
function tester($var1, $var2, $var3)
{
if (!$var1)
{
$this->fail("error1");
return FALSE;
}
if (!$var2)
{
$this->fail("error2");
return FALSE;
}
if (!$var3)
{
$this->fail("error3");
return FALSE;
}
return TRUE;
}
You could also add a comment to each if that needs further clarification.
I just come up with this, but noticed that it is very similar to GeoPhoenix's answer, just the other way around, may be worth checking this out, as well:
$bFail = false;
if(!$bFail && $contentNotAvailableMessage) $bFail = true;
if(!$bFail && !$titleBlockPresent ) $bFail = true;
if(!$bFail && !$leadBlock ) $bFail = true;
if(!$bFail && $allDoubleBlockCount != 2) $bFail = true;
if(!$bFail && $allDoubleBlockCount != 1) $bFail = true;
if(!$bFail && $countFirstSmallShowBlocks != 2) $bFail = true;
if(!$bFail && $countSecondSmallShowBlocks != 2) $bFail = true;
if($bFail) $this->fail("Block missing in the horizontal list of blocks on the non live carousel");