Admin Functions


Tom8001
Solved by Psycho

You select the user by their ID (whatever that is). How exactly the ID is passed to the server depends on your GUI. Is there a “ban” and “delete” button next to each user in the list? Is there an extra page for editing a specific user?

 

Either way, be very careful about Cross-Site Request Forgery. If you just accept any request coming from an admin, then it's easy for a malicious website to forge requests and ban or delete arbitrary users. You need to include a special random token in each request (see Synchronizer Token Pattern).

 

You also shouldn't actually delete users, because people may click the button by accident. There's also a big risk of ending up with broken references. Instead, mark the user as deleted.


Tom,

 

There are about a million and maybe more ways to do this.

 

What do you want regarding the user experience?  A link next to each user?  A select menu to select the user?  An autocomplete to select the user?  A checkbox next to each user? Or something else?

 

Once you decide on this, there are many ways to implement it; fortunately, however, fewer than a million.


OK, so I have a query that gets all the usernames from the database and I have echoed them out. I want to make a button next to each one that can ban / unban the user, but what I am confused about is how I would select that user.


  • Solution

What do you mean by "Select" the user? You just stated you are echoing out the list of users and you want a button next to each. There is no "selection". Just make each button an individual form which includes a hidden field with the id of the user.

 

 

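// One small POST form per user; the hidden field carries that user's id.
while ($row = $sth->fetch(PDO::FETCH_ASSOC))
{
    // Escape database values before writing them into HTML.
    $username = htmlspecialchars($row['username'], ENT_QUOTES, 'UTF-8');
    $userId   = htmlspecialchars((string) $row['user_id'], ENT_QUOTES, 'UTF-8');
    echo "Username: {$username} ";
    echo "<form action='ban.php' method='post'>";
    echo "  <input type='hidden' name='id' value='{$userId}'>\n";
    echo "  <button type='submit'>Ban user</button>";
    echo "</form><br><br>";
}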
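The synchronizer token and the mark-instead-of-delete advice from the first reply, applied to the per-user form from the solution, as an added example that is not code from the thread. The function names, the `is_admin` and `csrf_token` session keys, and the `users.banned` column are assumptions.

```php
<?php
// Added example. Assumed names: session keys 'is_admin' and 'csrf_token',
// table users(user_id, banned), and all function names below.

// Return the per-session CSRF token, creating it on first use.
function csrf_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Constant-time comparison of the submitted token with the session's token.
function csrf_valid(array $session, array $post): bool
{
    return isset($session['csrf_token'], $post['csrf_token'])
        && is_string($post['csrf_token'])
        && hash_equals($session['csrf_token'], $post['csrf_token']);
}

// Form side: the per-user form, plus a hidden field carrying the token.
function ban_form(array &$session, int $userId): string
{
    $token = htmlspecialchars(csrf_token($session), ENT_QUOTES, 'UTF-8');
    return "<form action='ban.php' method='post'>"
         . "<input type='hidden' name='csrf_token' value='{$token}'>"
         . "<input type='hidden' name='id' value='{$userId}'>"
         . "<button type='submit'>Ban user</button></form>";
}

// ban.php side: returns the HTTP status code to send.
function handle_ban(PDO $pdo, array $session, array $post): int
{
    // A cross-site forged POST carries the admin's cookie but not the token.
    if (empty($session['is_admin']) || !csrf_valid($session, $post)) {
        return 403;
    }
    $id = filter_var($post['id'] ?? null, FILTER_VALIDATE_INT);
    if ($id === false) {
        return 400;
    }
    // Flag the row instead of deleting it, so references stay intact
    // and an accidental click can be undone.
    $stmt = $pdo->prepare('UPDATE users SET banned = 1 WHERE user_id = ?');
    $stmt->execute([$id]);
    return 200;
}
```

In `ban.php`, call `session_start()` first and then `http_response_code(handle_ban($pdo, $_SESSION, $_POST));`.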
