Jump to content

Recommended Posts

I'm not that well versed in PHP, so please excuse my ignorance, but here's the problem I'm having.

I've got a simple member script, which consists of a login form, a members area, and an admin area. The script uses MySQL as a DB backend. Here's how it works:

1.) As a user attempts to go to the members area (by calling up members.php), they're redirected to the login (login.php) form if they've not yet logged in. Once they have a good session (i.e. - their user name exists, and their password matches with their username) they're redirected to the members area.

2.) members.php is loaded, and a simple check is performed against the database to see if the user is an administrator or not. If they are, a link to admin.php is printed at the top of the page. If they're not an admin, the page is loaded the same way, sans the link.

Now, I used to use the following block of code, and it worked just fine:

(NOTE: the "isadmin" column in the database is ALWAYS either "1" or "0", and there is a connection to the database already open at the beginning of the script.)

[code]

// Make things easier...

$loginname = "".$_SESSION["login"]."";

// Now, we need to check if the user is an administrator or not...
// Let's pull that info from the DB, shall we?

$admsql = "SELECT isadmin FROM users WHERE login = '$loginname'";
$admresult = mysql_query($admsql) or die(mysql_error());
if (mysql_num_rows($admresult) == 1) {
$isadmin = mysql_result($admresult, 0, 'isadmin');
} else {
echo "(There was an error fetching this, please contact an admin ASAP.)";
}

// Ok, now that we have the value, let's print a link to admin.php
// in the links on top of the page is the user is an admin.
// If they're not, we'll print out the header sans that link...

if ($isadmin == 0) {
print("<center><h2><b>".$_SESSION["login"]."'s Member Area</b></h2>\n");
print("<a href=\"logout.php?".session_name()."=".session_id()."\">Logout</a></center>");
print("Welcome to your member area, <b>".$_SESSION["login"]."</b><br><br>\n");
}
else {
print("<center><h2><b>".$_SESSION["login"]."'s Member Area</b></h2>\n");
print("<a href=\"admin.php\">Go to the Admin Area</a> | <a href=\"logout.php?".session_name()."=".session_id()."\">Logout</a><br><br></center>");
print("Welcome to your member area, <b>".$_SESSION["login"]."</b><br><br>\n");
}

[/code]

That's all well and good, but I realized that I could use the same code throughout the site for different features, so I decided to try and make a function, which kind of blew up in my face. Here's the aborted function code:

[code]
function isAdmin($loginname) {
    global $link;

    $admquery = "SELECT isadmin FROM users WHERE login = '$loginname'";
    $admresult = mysql_query($admquery) or die(mysql_error());
    if ($admresult == 1) {
    return true;
    }
    else { return false; }
} // end func isAdmin($loginname)

[/code]

Right now, I'm trying to handle things in the areas I call the function like this:

[code]
if (isAdmin($loginname) == TRUE) {
print out the header with the link
}
else {
don't print the header with the link
}
[/code]

I call the function using [b]isadmin($loginname);[/b] in the script(s) as shown above, but now all members get the link on the top of their members area (the link to admin.php), and all users can access the admin script as well.

So, I guess my question is, how do I fix my function to make it do the same thing as my original code block? I'm kind of lost here.

Thanks in advance,

--Tom
Link to comment
https://forums.phpfreaks.com/topic/10306-handling-a-functions-return-value/
Share on other sites

try this:

if (($blah = isAdmin($loginname)) == TRUE) {
print out the header with the link
}
else {
don't print the header with the link
}

or

$blah = isAdmin($loginname);
if ($blah == TRUE) {
print out the header with the link
}
else {
don't print the header with the link
}
[!--quoteo(post=376519:date=May 23 2006, 08:37 PM:name=Crayon Violent)--][div class=\'quotetop\']QUOTE(Crayon Violent @ May 23 2006, 08:37 PM) [snapback]376519[/snapback][/div][div class=\'quotemain\'][!--quotec--]
try this:

if (($blah = isAdmin($loginname)) == TRUE) {
print out the header with the link
}
else {
don't print the header with the link
}

or

$blah = isAdmin($loginname);
if ($blah == TRUE) {
print out the header with the link
}
else {
don't print the header with the link
}
[/quote]

Unfortunately, I get the same problem...everyone has access to the link and the admin.php script using that... [img src=\"style_emoticons/[#EMO_DIR#]/huh.gif\" style=\"vertical-align:middle\" emoid=\":huh:\" border=\"0\" alt=\"huh.gif\" /]
not entirely sure about this, but in your function you use lowercase true/false but in your call to it you check to see if it is TRUE/FALSE (caps). maybe they need to be the same?

also, hows about trying to return an actual variable as true or false in your function?

like

if ($admresult == 1) {
$valid = true;
return $valid;
[!--quoteo(post=376545:date=May 23 2006, 11:12 PM:name=Crayon Violent)--][div class=\'quotetop\']QUOTE(Crayon Violent @ May 23 2006, 11:12 PM) [snapback]376545[/snapback][/div][div class=\'quotemain\'][!--quotec--]
not entirely sure about this, but in your function you use lowercase true/false but in your call to it you check to see if it is TRUE/FALSE (caps). maybe they need to be the same?

also, hows about trying to return an actual variable as true or false in your function?

like

if ($admresult == 1) {
$valid = true;
return $valid;
[/quote]

~AHA!~ That first bit doesn't really matter (or it didn't), but that second part did...here's what eventually worked for me, for reference:

The isAdmin(); Function:
[code]
function isAdmin($loginname) {
    global $link;


    $admsql = "SELECT isadmin FROM users WHERE login = '$loginname'";
    $admresult = mysql_query($admsql) or die(mysql_error());
    if (mysql_num_rows($admresult) == 1) {
        $isadmin = mysql_result($admresult, 0, 'isadmin');
        return $isadmin;
    } else {
        return FALSE;
    }
} // end func isAdmin($loginname)
[/code]

How I utilized it in the members area:
[code]
isadmin = isAdmin($loginname);
if ($isadmin == 0) {
print("<h2><b>".$_SESSION["login"]."'s Member Area</b></h2>\n");
print("<a href=\"logout.php?".session_name()."=".session_id()."\">Logout</a></center>");
print("Welcome to your member area, <b>".$_SESSION["login"]."</b><br><br>\n");
}
else {
print("<h2><b>".$_SESSION["login"]."'s Point Summary</b></h2>\n");
print("<a href=\"admin.php\">Go to the Admin Area</a> | <a href=\"logout.php?".session_name()."=".session_id()."\">Logout</a><br><br></center>");
print("Welcome to your member area, <b>".$_SESSION["login"]."</b><br><br>\n");
}

[/code]

Thanks alot, crayon! :-)
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.