Get up to 80 % extra points for free! More info:

Discussion – Lesson 7 - NOO-CMS - Displaying articles in PHP

Back

 

Comments
Avatar
lawrence njoroge:2/26/2017 0:31

heloo i want some little asistance please, i want to make a code that directs the admin to the administration page and the other users to articles page how to i do that
sign in php code

<?php
session_start();
require('Db.php');
Db::connect('127.0.0.1', 'noocms_db', 'root', '');

if (isset($_SESSION['user_id']))
{
        header('Location: administration.php');
        exit();
}

if ($_POST)
{
        $user = Db::queryOne('
                SELECT user_id, admin
                FROM user
                WHERE name=? AND password=SHA1(?)
        ', $_POST['name'], $_POST['password'] . "t&#ssdf54gh");
        if (!$user)
                $notice = 'Invalid name or password.';

        if(user)
        {
                $_SESSION['user_id'] = $user['user_id'];
                $_SESSION['user_name'] = $_POST['name'];
                $_SESSION['user_admin'] = $user['admin'];
                header('Location: administration.php');
                exit();
        }
 else
         {$_SESSION['user_id'] = $user['user_id'];
           $_SESSION['user_name'] = $_POST['name'];
           header('Location: reports.php');
           exit();


         }
}
?>

adimistration code

<?php
session_start();
if (!isset(!$_SESSION['user_id']))
{
        header('Location: sign-in.php');
        exit();
}

if (isset($_GET['sign-out']))
{
        session_destroy();
        header('Location: sign-in.php');
        exit();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
        <meta charset="utf-8" />
        <link rel="stylesheet" href="style.css" type="text/css" />
        <title>Administration</title>
</head>

<body>
    <header>
                        <div id="logo"><h1></h1></div>
                <nav>
                        <ul>
                            <li><a href="home.php">Home</a></li>
                                <li><a href="about.php">About us</a></li>
                                <li><a href="members.php">members</a></li>
                                <li><a href="contact.php">Contact</a></li>
                                <li><a href="administration.php?sign-out">Sign-out</a></li>>
                        </ul>
                </nav>
</header>
<article>
        <div id="centerer">
                <header>
                        <h1>Administration</h1>
                </header>
                <section>
                        <p>Welcome to the administration, you're signed in as <?= htmlspecialchars($_SESSION['user_name']) ?>.</p>
                        <?php
                                if ($_SESSION['user_admin'])
                                        echo("You don't have an administrator role, ask the administrator for it.");
                        ?>
                        <h2><a href="editor.php">Article editor</a></h2>
                        <h2><a href="articles.php">Article list</a></h2>
                        <h2> register a new member<a href="sign-up.php">sign-up</a> </h2>
                </section>
                <div class="clear"></div>
        </div>
</article>
    <footer>
        Made by &copy;<a href="http://www.facebook.com/lawnj">lawrence</a>
    </footer>
</body>
</html>
Reply
2/26/2017 0:31
where there is will there is a way
Avatar
IT Man
Member
Avatar
Replies to lawrence njoroge
IT Man:2/26/2017 1:47

You have admin permission in $_SESSION['user_admin'], so use something like this:

if (isset($_SESSION['user_admin']) && $_SESSION['user_admin'] == 1)
{
    header('Location: admin-page.php');
    exit();
}
else
{
    header('Location: article.php');
    exit();
}
 
Reply
2/26/2017 1:47
Avatar
Replies to IT Man
lawrence njoroge:2/26/2017 13:28

still the code doesn't work

<?php
session_start();
require('Db.php');
Db::connect('127.0.0.1', 'noocms_db', 'root', '');

if (isset($_SESSION['user_id']))
{
        header('Location: administration.php');
        exit();
}

if ($_POST)
{
        $user = Db::queryOne('
                SELECT user_id, admin
                FROM user
                WHERE name=? AND password=SHA1(?)
        ', $_POST['name'], $_POST['password'] . "t&#ssdf54gh");
        if (!$user) {
        $notice = 'Invalid name or password.';
    }else
        {
                $_SESSION['user_id'] = $user['user_id'];
                $_SESSION['user_name'] = $_POST['name'];
     if (isset($_SESSION['user_admin']) && $_SESSION['user_admin'] == 1)
{
    header('Location: administration.php');
    exit();
}
else
{
    header('Location: reports.php');
    exit();
}

        }
}
?>

the admin an other users are taken to the reports.php page

Reply
2/26/2017 13:28
where there is will there is a way
Avatar
IT Man
Member
Avatar
Replies to lawrence njoroge
IT Man:2/26/2017 16:10

Yes, sure. You removed setting permission for $_SESSION. So before if with redirects add this:

$_SESSION['user_admin'] = $user['admin'];
 
Reply
2/26/2017 16:10
Avatar
Replies to IT Man
lawrence njoroge:2/27/2017 11:06

Thank you man 8-)

Reply
2/27/2017 11:06
where there is will there is a way
Avatar
Kev Harris
Member
Avatar
Kev Harris:1/16/2020 16:36

Great tutorial, thank you.

Reply
1/16/2020 16:36
Dream like you will live forever, Live like you will die tomorrow.
To maintain the quality of discussion, we only allow registered members to comment. Sign in. If you're new, Sign up, it's free.

6 messages from 6 displayed.