I did a lot of things like this Python / Django, but today I get a current semi-ending on PHP Code is the first time with my PHP.
Basically this is the usual login system, with administrator login and user login.
My user tables in my database are sno, username, password, admin , where admin is 1 users with administrator privileges for.
Now while logging in, I understand that I can check the admin value for the entry and
header ("Location: adminhome.php" ); If the administrator and header ("location: userhome.php"); if not. But how do I stop accessing a regular user, say, Adminpage1.php which is only for administrators?
This is my first and only work once, otherwise I will have to go through various guides.
When you confirm that the user is an administrator in login.php, insert follwoing
session_start (); $ _SESSION ["is_admin"] = true; In login.php (or whatever you call it, where the headers are), and enter in adminhome.php
Session_start () ; If (isset ($ _ session ["is_admin"]) and $ _SESSION ["is_admin"]) {echo "you are an administrator!" Else} {header ("location: userhome.php");} < / Code> It is safe and should work.
No comments:
Post a Comment