NaderH

I am afraid of corrupting my main project so I am working on another one for testing, Sorry I am still beginner.

That's the main structure Array ( [id] => [name] => [username] => [password] => [user_level] => [image] => [status] => [last_login] => ) But this this the one I am working on ( for testing) Array ( [id] => [username] => [user_level] => )

That's the users table structure id user_name user_level --------------------------------------- 1 Admin 1 2 Editor1 2 3 User1 3 4 Editor2 2 5 User2 3 6 User3 3

yes the id of the user from the users table ( if you used it with the users ) function find_by_id($table,$id) { global $db; $id = (int)$id; if(tableExists($table)){ $sql = $db->query("SELECT * FROM {$db->escape($table)} WHERE id='{$db->escape($id)}' LIMIT 1"); if($result = $db->fetch_assoc($sql)) return $result; else return null; } }

That's the echo code I used for all queries <p>Role changing query</p> <?php $update = "UPDATE blog.roles SET role_status = '0' WHERE id ='2'"; $uresult = $db->query($update) or die ($update."<br/><br/>".mysql_error()); if($uresult && $db->affected_rows() === 1) { echo ('Role status changed successfuly'); } else { echo ('Role status changing failed'); } ?> <br> <p>Users with role blocked selecting query</p> <?php $selectb = "SELECT users.username FROM blog.users JOIN blog.roles ON roles.id = users.user_level WHERE roles.role_status = '0'"; $sbresult = mysql_query($selectb) or die ($selectb."<br/><br/>".mysql_error()); while($sbrow = mysql_fetch_assoc($sbresult)) { echo $sbrow['username']; // Print a single column data echo print_r($sbrow); } // Print the entire row data ?> <br> <p>Users with role allowed selecting query</p> <?php $selecta = "SELECT users.username FROM blog.users JOIN blog.roles ON roles.id = users.user_level WHERE roles.role_status = '1'"; $saresult = mysql_query($selecta) or die ($selecta."<br/><br/>".mysql_error()); while($sarow = mysql_fetch_assoc($saresult)) { echo $sarow['username']; // Print a single column data echo print_r($sarow); } // Print the entire row data and that's the output Role changing query Role status changed successfuly Users with role blocked selecting query Editor@userArray ( [username] => Editor@user ) 1 Users with role allowed selecting query Admin@userArray ( [username] => Admin@user ) 1User@userArray ( [username] => User@user ) 1 Actually, I don't know.. aren't you believe that the queries are working or what!!

Sorry for the quality of the video, it is Google Drive

The full code is in the post ( the queries and the function. I don't have anything else for this task $db->escape() function is to remove special characters from the value before submitting it to the database public function escape($str){ return $this->con->real_escape_string($str); } function real_escape($str){ global $con; $escape = mysqli_real_escape_string($con,$str); return $escape; } and this is better than the echo https://drive.google.com/file/d/13NlsUQVqlfRbLWTyqsbONfrhMHTkcm-V/view?usp=sharing

This to change the role status ( blocked or not ) $query = "UPDATE roles SET role_status = '{$role_status}' WHERE id='{$db->escape($roles['id'])}' LIMIT 1"; and this to get or call any user with a blocked role ( user_level is the user role and it = the role_id ) so I am getting them through their level which is = role_id which is = '0' or '1' .. I wrote that in the post above, you can checi it $sql = "SELECT users.id FROM users JOIN roles ON roles.id = users.user_level WHERE roles.role_status = '{$db->escape($role_status)}'"; and both of them are working well by testing them with phpmyadmin, but editors is still active so I know that the solution is with the right function which I can't write it correctly ( and of course I know that I can't use (role_status) directly )

and that query is working fine also, but editors didn't get blocked

yes that exactly what should happen, But I can't make it happen

is there any way to block a group of users according to their role, I mean I want to block all editors instead of doing that one by one, status column in users table only block a user, but I want to block a group of users at once, the SQL query I wrote is already get the users with the blocked role, but I can't use that query without the function which will process what I need, if their any way to write a function that combines users and roles to get the users with the blocked roles and block them at once ?

I don't know If I can suppose that this is helpful or not.

I am not using it, I just put it here in that post to ask what should I write instead of it to complete the post, I could write my name to make it more clear , it was just an example, I am asking for help to complete the function ...

I know that before ( there are not a column called like that in users table, I wrote it to ask what should I write instead of it, I needed help to complete the function.

It prints that data 4 times per page.

function current_user(){ static $current_user; global $db; if(!$current_user){ if(isset($_SESSION['user_id'])): $user_id = intval($_SESSION['user_id']); $current_user = find_by_id('users',$user_id); endif; } echo "<pre>",print_r($current_user,true),"</pre>"; return $current_user; } It printed all user data Array ( [id] => [name] => [username] => [password] => [user_level] => [image] => [status] => [last_login] => )

/*--------------------------------------------------------------*/ /* Find current log in user by session id /*--------------------------------------------------------------*/ function current_user(){ static $current_user; global $db; if(!$current_user){ if(isset($_SESSION['user_id'])): $user_id = intval($_SESSION['user_id']); $current_user = find_by_id('users',$user_id); endif; } return $current_user; }

Shortly I need to block a group of users at once according to their role status (banned or not) instead of blocking users one by one. I tried using fk on update cascade to control the role status by making a fk user_role_status column in the users table refers to role_status column in the roles table but without luck because when I change a role status in roles table it changes the whole user_role_status column in users table not only the role I changed then it blocks all users not only the group I want to block because role_status in roles table is not unique and I can't make it unique because its all cells contain value='1', so I deleted the column and gave up that idea // role_status in roles table is a fk refers to id in statuses table. statuses_table id is_active ------------------ 0 no 1 ok roles_table id role role_status -------------------------------------- 1 Admins 1 2 Editors 1 3 Users 1 users_table id user_name user_level --------------------------------------- 1 Admin 1 2 Editor1 2 3 User1 3 4 Editor2 2 5 User2 3 6 User3 3 and this is the function I use -------------------------------------------------------------- Find role status -------------------------------------------------------------- function find_by_current_rolStatus($role_status) { global $db; $sql = "SELECT users.id FROM users JOIN roles ON roles.id = users.user_level WHERE roles.role_status = '{$db->escape($role_status)}'"; $result = $db->query($sql); return($db->num_rows($result) === 0 ? true : false); } -------------------------------------------------------------- Function for checking if user role status banned or allowed -------------------------------------------------------------- function login_require_roleStatus($require_role_status) { global $session; $current_user = current_user(); $current_user_role_status = find_by_current_rolStatus($current_user['role_status']);//line 155 //if Role status Deactive if ($current_user['role_status'] === '0')://line 157 $session->msg('Banned'); redirect('home.php',false); //if user role allowed elseif($current_user['role_status'] === '1')://line 161 return true; endif; } and I got this error I am trying to get the users whose user_level = role_id which its status = '0' or '1', I checked this SQL query with phpmyadmin and it is working fine, and actually I don't know what to do after that :( , I mean I don't know what to write with $current_user['role_status'] instead of role_status to get what I want.

Thanks a lot everybody I fixed it, it was because the PHP version.

Well, I changed that lint to elseif($login_level['group_status'] != '1') instead of elseif($login_level['group_status'] === '0') and it caused that all users can login but can't view any page.

well, the expected value it should return is 0 or 1 to check if the user is allowed to log in or is banned, but for some reason it doesn't work, I mean if you banned the user he will be able to login. consider that I am still a beginner.

It is to determine if the one who logging in is an admin or a seller or a user to display the home page that should appear to him according to his group(permission) level.

Hello I have this error it appears between all pages while I am navigating from one page to another, this error appears and disappears immediately, but it appears and remains present when viewing sales reports page. /*--------------------------------------------------------------*/ /* Function for checking which user level has access to the page /*--------------------------------------------------------------*/ function page_require_level($require_level){ global $session; $current_user = current_user(); $login_level = find_by_groupLevel($current_user['user_level']); //if user not login if (!$session->isUserLoggedIn(true)): $session->msg('d','Please Sign in'); redirect('index.php', false); //if Group status Deactive elseif($login_level['group_status'] === '0'): //Line 195 $session->msg('d','User Banned'); redirect('home.php',false); //checking logged in User level and Require level is Less than or equal to elseif($current_user['user_level'] <= (int)$require_level): return true; else: $session->msg("d", "Error"); redirect('home.php', false); endif; }