AlexMcKenze

In PHP, how can I restrict users based on if the currently logged user is an author of the post or admin from editing and deleting posts? <div id="blog" class="blog"> <div class="container"> <?php foreach($query as $q){?> <div class="blog-box"> <span>Author: <?php echo $q['username'];?> <br>Date: <?php echo $q['date'];?></span> <h2><?php echo $q['title'];?></h2> <p><?php echo $q['content'];?></p> <div id="buttons"> <a href="edit.php?id=<?php echo $q['id'];?>" id="edit">Edit</a> <form method="POST"> <input id="" type="text" hidden name="id" value="<?php echo $q["id"]?>"> <button name="delete" id="delete">Delete</button> </form> </div> <hr> </div> <?php } ?> </div> </div> For example: user1 is currently logged in so he can edit or delete his posts but he can't do anything with posts written by others, admin is logged and he is able to manage all of the posts. <?php include("connection.php"); include("functions.php"); $user_data = check_login($con); $display = "SELECT * from articles"; $query = mysqli_query($con, $display); if(isset($_REQUEST['id'])){ $id = $_REQUEST['id']; $sql = "SELECT * FROM articles WHERE id='$id'"; //lists all posts $query = mysqli_query($con,$sql); } if(isset($_REQUEST['delete'])){ $id = $_REQUEST['id']; $sql = "DELETE FROM articles WHERE id='$id'"; $query = mysqli_query($con,$sql); header("Location: manage.php"); die; } $user_data['username']; contains username of current logged user It this possible?