On my userlogin page, after i determine that the user is admin, i want to be able to create a button on another page...if that user is not admin and is just a regular user i want to be able to create a button on another page but not "clickable" just readonly. Please help.
When the user logs in as an admin, set a cookie with UserID and an MD5 hashed password. On every page load, check that cookie and password against the database. If they're an admin, you can set a variable after checking the cookie.
For a simplier solution (in my opinion) use sessions. put session_start(); at the top of every php page and then you can store a value in the session superglobal array determining if the user is an admin. <? session_start(); $_SESSION['admin'] = true; // obviously set this only after checking the user is an admin // then on every other page use this to check if the user is an admin if($_SESSION['admin']){ // create button (or whatever) } ?> PHP:
Thanks guys. I already have that same part as you had dread, but i think i didn't make my question clear enough, i'll try again. On every page i have this one button called modifym but depending on the user, it can be readonly or clickable. Using Dreads code, do i create the modify button every time or can i just chance its attributes somehow.
How about: <? session_start(); // then on every other page use this to check if the user is an admin if($_SESSION['admin']){ echo '<input type="button" name="modifym" value="button" />'; }else{ echo '<input type="button" name="modifym" value="button" readonly="readonly" />'; } ?> PHP: yes? no?
yes, thank you however, i'm getting the following errors: Warning: session_start(): Cannot send session cookie - headers already sent by (output started at C:\Server\Apache2\htdocs\awacswebhome.inc:2) in C:\Server\Apache2\htdocs\tools-equipment.php on line 8 Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at C:\Server\Apache2\htdocs\awacswebhome.inc:2) in C:\Server\Apache2\htdocs\tools-equipment.php on line 8 Notice: Undefined index: adminMode in C:\Server\Apache2\htdocs\tools-equipment.php on line
You want to put session_start(); at the top of everything, that means all the includes and everything else. session_start(); is the VERY first thing that should be executed.
OKay gotcha, it got rid of the errors. However, the button is being created as clickable every time????
ok, well thats because your session is still reading as an admin. You should logout in some way. <? // you can do it like this $_SESSION['admin'] = false; // or you can do this unset($_SESSION['admin']); // or you can do this to destroy ALL session settings session_destroy(); ?> PHP: Make sure that you only trigger these if you want to logout. eg: eg put them in an if or put them in logout.php Good luck
Thats weird, cause i already have that. In my userloging.php i have it and i also have it in my userlogout.php. This is my userlogin page if($_POST['passfield'] == $password) { //successfully validated userid and password for normal user $_SESSION['logged'] = true; $_SESSION['adminMode'] = false; //check to see if user is logged in as admin if($privileges == 'admin') { $_SESSION['adminMode'] = true; echo "You are logged in as ADMIN"; } } else { $_SESSION['logged'] = false; $_SESSION['adminMode'] = false; echo "Could not Validate Password - Please Try Again"; } } else { $_SESSION['logged'] = false; $_SESSION['adminMode'] = false; echo Could not Validate Username"; echo $_POST['userfield']; echo "<BR>"; echo "Username Must be in the form: 'c1234' "; } PHP: and in my userlogout page i have this: <?php session_start(); $_SESSION['admin'] = false; $page_title = 'Logged Out'; include('./logout.inc'); ?> PHP: