I'm making a CMS with functions to add your own pages. However, I'm stuck.
As you can see, I've posted my code below. This code creates the pages which have been put in the database.
Problem is, I want to show the index page if $_GET['page'] isn't set. Index page is ID 1. The user cannot delete ID 1 from the backend.
$stmt = $dbConnection->prepare('SELECT * FROM paginas');
$stmt->execute();
$result = $stmt->get_result();
if(mysqli_num_rows($result) > 0) {
while ($row = $result->fetch_assoc()) {
if(isset($_GET['page']) && $_GET['page'] == $row['name']) {
?>
// content content...
<?php
} else {
?>
// show ID 1 content...
<?php
}
}
} else {
echo "The user has not created any pages yet!";
}
How can I do this?
This should work:
if (isset($_POST["page"]) && !empty($_POST["page"])) {
if($_GET['page'] === $row['name']){
print_r($row); // show data specific to id if page is set
}
}else{
//echo "Page is not set";
if($row['id'] == 1){ //show data of id=1 if page is not set
print_r($row);
}
}
Related
I'm trying to create permissions for 3 diferent types of users
Normal
Admin
SuperAdmin
And I don't know how or where to start doing it because I'm still very weak with php, can someone give me an example of what to do please?
How to use Session Variable for example, I've tried a code that I found here:
<?php
$result = "SELECT * FROM customers" or die("Error: " . mysqli_error($db));
$res = $db->query($result);
while($row = mysqli_fetch_array($res)) {
$UserRoleID = $row['userRoleID'];
$_SESSION['user_role'] = $UserRoleID;
}
?>
And on another page:
<?php
if( (isset($_SESSION['user_role']) ) && (false != $_SESSION['user_role']) )
{
if( '2' == $_SESSION['user_role'] )
{
echo "<li><a href='index.php'>User</a></li>";
}
elseif ('3' == $_SESSION['user_role'] )
{
echo "<li><a href='index.php'>Admin</a></li>";
}
else
{ // error condition
// display details of invalid $_SESSION['user_role']
}
}
else
{ // error condition
// display details of missing or empty $_SESSION['user_role']
}
?>
It don't show me any error but it also don't show-me the outputs so I can't do anything
Your code does not use session_start(), so regardless of any session ID the user sees, session information will not appear to persist between requests.
Start both of your scripts with this:
<?php
session_start();
I am looking for some help.
Need to create a branding page, that upon logging in would display an image based on user's email that's stored in the database.
Creating a cookie and session id works just fine. Just can't find a way to select image based on user's email.
Pasting just part of the code that actually handles user id, as anything else in my index.php file is pure html.
So far:
<?php
include 'function.php';
include 'sqlconnect.php';
//User Check
$adminid = "1";
$company1= "#gmail.com";
$company2= "#yahoo.com";
$gmail= mysqli_query($connection, "SELECT Email FROM Users WHERE Email='$company1'");
$yahoo= mysqli_query($connection, "SELECT Email FROM Users WHERE Email='$company2'");
if(loggedin()){
$checkid = $_SESSION['user_id'];
if ($adminid == $checkid){ //if user id is 1 then display img of administrator
echo '<img src="images/admin.png" title="Administrator" width:"75px" height="75px">';
echo "<li><a href='logout.php'>Logout</a></li>";
} elseif(filter_var($company1, FILTER_VALIDATE_EMAIL) && preg_match('/#.+\.gmail/', $company1)) {
echo "<li><a href='logout.php'>Logout</a></li>";
echo '<img src="images/google.png">';
} elseif (filter_var($company2, FILTER_VALIDATE_EMAIL) && preg_match('/#.+\.yahoo/',$company2)) {
echo "<li><a href='logout.php'>Logout</a></li>";
echo '<img src="images/yahoo.png>';
}
}
?>
Thank you in advance!
This should get your user based on the session's user_id then display the image as expected. Here are a few notes:
I wasn't sure what your id field was, so if it is different, replace UserId with the name of your column in the $results = line.
I did not run the query in the case that it is an admin, so if you need data for something else in that case, you'll have to move the $result = .. line to above the if ($userid == 1){ line.
I didn't check the regex for your preg_match conditions, so if the results are coming in, but the image isn't being displayed, you can see what the Email field is by adding echo <p>'.$result['Email'].'</p> right after the if(mysql_num_rows($result) == 1) { line.
<?php
include 'function.php';
include 'sqlconnect.php';
if(loggedin()){
$userid = $_SESSION['user_id'];
if ($userid == 1){ //if user id is 1 then display img of administrator
echo '<img src="images/admin.png" title="Administrator" width:"75px" height="75px">';
echo "<li><a href='logout.php'>Logout</a></li>";
} else {
$results = mysqli_query($connection, "SELECT Email FROM Users WHERE UserId='$userid'");
if(mysqli_num_rows($results) == 1) {
foreach(mysqli_fetch_assoc($results) as $result) {
echo "<li><a href='logout.php'>Logout</a></li>";
if (strpos($result,'yahoo')) {
echo '<img src="images/yahoo.png>';
} elseif (strpos($result,'gmail')) {
echo '<img src="images/google.png">';
} else {
// you could echo a default image here
}
}
}
}
}
?>
I have an ecommerce built with CodeIgniter 3 and a dashboard site built in php.
I would that the user logged on the ecommerce, would be already logged also in the personal dashboard.
In the ecommerce, there is a button to pass to the dashboard. This button calls the file of the dashboard (APS) named /APS/index.php.
In this file I put:
<?php session_start();
require_once("config.php");
if(!isset($_SESSION['client']) || empty($_SESSION['client'])) {
if (isset($_COOKIE['ci_session']) && !empty($_COOKIE['ci_session'])) {
// Check connection
$sql = "SELECT `data` FROM `ci_sessions` WHERE id=" . "'" . $_COOKIE['ci_session'] . "'";
$result = $conn->query($sql);
$first_arr = '';
if ($result->num_rows > 0) {
// output data of each row
while ($row = $result->fetch_assoc()) {
$first_arr = explode(';', $row['data']);
}
$res = '';
foreach ($first_arr as $v) {
if (strpos($v, 'customer_id') !== false) {
$res = explode('|', $v);
}
}
$conn->close();
$_SESSION['client'] = unserialize($res[1]);
} else {
$_SESSION['client'] = '';
}
}
}
if(isset($_SESSION['client']) && !empty($_SESSION['client'])){ header('location:account.php'); $x=$client->get($_SESSION['client']); $_SESSION['client']=$x[0]; exit; }
The problem is that in $_SESSION['client'] there is not the user informations. There are all the users in the user table and then it passes the first element of this list to the next page, /APS/account.php, showing the dashboard always for the first user of the user table.
How can I do?
ps. I printed some variables. The $sql statement is correct, and in $res there is the right customer_id of the logged user. The unserialize() function - I already tried the session_decode() function, but with the same result - return 1 (true), but this is not what I want.
I'm trying to redirect a page if the admin changes the page to not visible, by changing the visible value to zero, what is wrong with my code, i keep getting the error
<?php
$result = mysqli_query($con,"SELECT VISIBLE FROM menu WHERE id=0");
if($row = mysqli_fetch_array($result))
{
header('Location: ./unavailable.php? error=pagenotavaialbe');
}
else
?>
Try something like this
$result = mysqli_query($con,"SELECT VISIBLE FROM menu WHERE id=0");
if(mysqli_num_rows($result) == 0){
header('Location: ./unavailable.php? error=pagenotavaialbe');
exit;
} else {
$row = mysqli_fetch_array($result);
//do your code here
}
try this :
if($result)
{
if($row = mysqli_fetch_array($result))
{
header('Location: ./unavailable.php? error=pagenotavaialbe');
}
}
I'm really struggling with this now for a while and can't seem to get it working. In members.php (where I show all the registered users) I have a list printed out with a link "ADD TO FRIENDS" next to each user.
I managed, for testing purposes to display each members id well (so it gets the ID) but when I click the link it directs to the friends.php where it seems the fault is in. I don't know how to get that friend's id I clicked on IN THE friends.php file. Please have a look!
members.php
<?php
include 'connect.php';
include 'header.php';
if(isset($_SESSION['signed_in']) == false || isset($_SESSION['user_level']) != 1 )
{
//the user is not an admin
echo '<br/>';
echo 'Sorry! You have to be <b>logged in</b> to view all the <b>registered</b> members.';
echo '<br/><br/>';
}
else
{
echo '<h2>Registered users:</h2>';
$sql = "SELECT * FROM users ORDER BY user_name ASC";
$result = mysql_query($sql);
$num=mysql_numrows($result);
$i=0;
while ($i < $num)
{
//$name = mysql_result($result,$i,"user_name");
//$id = mysql_result($result,$i,"user_id");
//$picture = mysql_result($result,$i,"pic_location");
//?friend_id="'. $id .'
while($user = mysql_fetch_array($result)){
echo $user['user_name'].'<br/><br/>ADD TO FRIENDS<br/>';
echo $user['user_id'];
echo '<br/><br/>';
}
$i++;
}
///////////////////////////////
/// adding users as friends ///
///////////////////////////////
//while($user = mysql_fetch_array($result))
//echo $user['user_name'].'
//ADD TO FRIENDS<br/>';
//NOW I WANT TO MAKE A SPECIFIC "ADD AS FRIEND" LINK NEXT TO EACH USER
}
include 'footer.php';
?>
As I said I'm not sure how to get this so please have a look! Thanks!
J
friends.php
<?php
include "connect.php";
include "header.php";
if(isset($_SESSION['signed_in']) == false || isset($_SESSION['user_level']) != 1 )
{
//the user is not an admin
echo '<br/>';
echo 'Sorry! You have to be <b>logged in</b> if you want to add the person as a friend!';
echo '<br/><br/>';
}
else
{
$sql = "SELECT * FROM users";
$result = mysql_query($sql);
//friend_id is the ID of the friend that is clicked on...
//HOW DO I GET THAT ID THAT IS CLICKED ON IN THE WHILE "loop" in members.php?
$friends = ("INSERT INTO friends SET user_id='" . $_SESSION['user_id'] . "', friend_id='".$id."', status='0'");
$result_friends = mysql_query($friends);
if(!$friends)
{
//When you can't add this person as a friend this error will show!
echo 'You cannot add this user at this time. Please try again later!';
}
else
{
//When the friend is now added to the system!
echo 'Great! Now the user needs to approve before you can be friends!';
}
}
?>
On your friends.php use
$_GET['user_id']
Instead of $id, $id is undefined, to get the value of id from the query string you call it using an $_GET variable like,
$_GET['name_of_query_string_value']