jkewlo Posted July 7, 2008 Share Posted July 7, 2008 hello i am trying to make it so that only admins can see a link normally i can do this. but it has me stomped. the session is stored on the checklogin page $_SESSION['Admin'] = $rows['admin']; it works but shows for a accoun i made with no admin priv's i want it so that only user's with admin level 3 can see this link <? $admin = $_SESSION['Admin']; if($admin == "3"){ echo "<a href=delete.php?id=". $rows['id'] .">Delete</a>"; }else{ echo "";} ?> Link to comment https://forums.phpfreaks.com/topic/113613-solved-if-else-statement-help/ Share on other sites More sharing options...
revraz Posted July 7, 2008 Share Posted July 7, 2008 Your logic looks fine, so I assume if you echo $admin it's set to 3? If so, you need to trace back why. Link to comment https://forums.phpfreaks.com/topic/113613-solved-if-else-statement-help/#findComment-583778 Share on other sites More sharing options...
jkewlo Posted July 7, 2008 Author Share Posted July 7, 2008 i have several times my database base is set to 3 for the user Gr|nd3r and 1 for the user Jkewlo maybe the == needs to be something else ? here is all my code main_forum.php <? include("data/connect.php"); session_start(); ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> <style type="text/css"> body { background-color: #000000; color: #0099FF; } .style1 {color: #1DA2FF} --> input { background-color: #000000; color: #0099FF; font-size: 75%; border-style: solid; border-width: 1px; border-color: #FFFFFF; } textarea { background-color: #000000; color: #0099FF; border-style: solid; border-width: 1px; border-color: #FFFFFF; } A:link { text-decoration: underline; color: #1DA2FF; } A:visited { text-decoration: underline; color: #1DA2FF; } A:active { text-decoration: underline; color: #1DA2FF; } A:hover { text-decoration: underline; color: #1DA2FF; } td { color: #; text-align: left; } td.options { text-align: right; } td.cat { width: 100%; background-color: #222222; color: #FFFFFF; border-style: solid; border-width: 1px; border-color: #0099FF; } td.post { background-color: #222222; color: #FFFFFF; border-style: solid; border-width: 1px; border-color: #AAAA00; } td.error { width: 100%; background-color: #222222; color: #0099FF; border-style: solid; border-width: 1px; border-color: #AAAA00; text-align: center; } td.moderator { border-style: solid; border-width: 2px; border-color: #FF0000; } td.quote_header { background-color: #FFFFAA; color: #000000 } td.quote { background-color: #444444; color: #FFFFFF; } table.quote_border { border-style: solid: border-width: 1px; border-color: #99FF99; } </style> </head> <body bgcolor="#000000"> <?php $sql="SELECT * FROM $tbl_name ORDER BY id DESC"; // OREDER BY id DESC is order result by descending $result=mysql_query($sql); ?> <center> <table width="1128" bgcolor="#000000"> <!--DWLayoutTable--> <tr> <td width="461" rowspan="3" valign="top" bgcolor="#000000"><div align="center"><a href="main_forum.php?"><img src="img/banner.png" border="0"/></div></td> <td width="309" height="26"> </td> <td width="142" valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0"> <!--DWLayoutTable--> <tr> <td width="142" height="22"> </td> </tr> </table> </td> <td width="189" rowspan="2" valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0"> <!--DWLayoutTable--> <tr> <td width="189" height="68"> <? if($_SESSION['status'] == ''){ echo " <form name=form1 method=post action=checklogin.php> <span class=style1>Username: </span> <input name=myusername type=text id=myusername><br /> <span class=style1>Password</span>: <input name=mypassword type=password id=mypassword><br /> <span class=style1> <input type=submit name=Submit value=Login> <input type=checkbox name=remember /> Remember Me</span> <a href=forgot.php?>Forgot Password!</a> | <a href=signup.php?>Sign up</a></form> ";} else { echo "Welcome: " . $_SESSION['myusername'] ." <br> You have 0 Mail<br><a href=logout.php?>Log Out</a>" ; } ?> <? $admin = $_SESSION['Admin']; if($admin != "3"){ echo "You Are Admin"; }else { echo "Not Admin"; } ?> </td> </tr> </table> </td> <tr> <td height="44"> </td> <td> </td> <tr> <td height="68"> </td> <td> </td> <td> </td> </table> </center> <table width="90%" border="0" align="center" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC"> <!--DWLayoutTable--> <tr> <td width="6%" height="25" align="center" bgcolor="#666666"><strong>Topic ID#</strong></td> <td width="459" align="center" valign="top" bgcolor="#666666"><strong>Topic</strong></td> <td width="268" valign="top" bgcolor="#666666"><strong>Posted By</strong></td> <td width="15%" align="center" bgcolor="#666666"><strong>Views</strong></td> <td width="13%" align="center" bgcolor="#666666"><strong>Replies</strong></td> <td width="13%" align="center" bgcolor="#666666"><strong>Date/Time</strong></td> </tr> <?php while($rows=mysql_fetch_array($result)){ // Start looping table row ?> <tr> <td height="25" bgcolor="#CCCCCC" class="quote"><? echo $rows['id']; ?> <? $admin = $_SESSION['Admin']; if($admin == "3"){ echo "<a href=delete.php?id=". $rows['id'] .">Delete</a>"; }else{ echo "";} ?> </td> <td valign="top" bgcolor="#CCCCCC" class="quote"><a href="view_topic.php?id=<? echo $rows['id']; ?>"><? echo $rows['topic']; ?></a><BR></td> <td valign="top" bgcolor="#444444"><? echo $rows['username']; ?></td> <td align="center" bgcolor="#CCCCCC" class="quote"><? echo $rows['view']; ?></td> <td align="center" bgcolor="#CCCCCC" class="quote"><? echo $rows['reply']; ?></td> <td align="center" bgcolor="#CCCCCC" class="quote"><? echo $rows['datetime']; ?></td> </tr> <?php // Exit looping and close connection } mysql_close(); ?> <tr> <td colspan="6" align="right" bgcolor="#666666"><strong><a href="create_topic.php">Create New Topic</a></strong> </td> </tr> </table> </body> </html> and this is my checklogin.php? <?php session_start(); $host="localhost"; // Host name $username="root"; // Mysql username $password=""; // Mysql password $db_name="Forum"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ $_SESSION['status'] = 'logged'; $_SESSION['username'] = $myusername; $_SESSION['Admin'] = $rows['admin']; // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); session_register("Admin"); header("location:main_forum.php"); } else { echo "Wrong Username or Password"; } ?> its weird why it dosnt want to work right Link to comment https://forums.phpfreaks.com/topic/113613-solved-if-else-statement-help/#findComment-583783 Share on other sites More sharing options...
jkewlo Posted July 7, 2008 Author Share Posted July 7, 2008 Full Texts id username password Level 1 Gr|nd3r ********* 3 2 Jkewlo ********* 1 Link to comment https://forums.phpfreaks.com/topic/113613-solved-if-else-statement-help/#findComment-583787 Share on other sites More sharing options...
revraz Posted July 7, 2008 Share Posted July 7, 2008 Well you are not actually bringing your query data over. You do your query, count a row was returned, but you never retrieve it. You try with $_SESSION['Admin'] = $rows['admin']; but you never set the $rows array. Also, if you use Level as a field name, why do you try to retrieve 'admin'? Link to comment https://forums.phpfreaks.com/topic/113613-solved-if-else-statement-help/#findComment-583793 Share on other sites More sharing options...
jkewlo Posted July 7, 2008 Author Share Posted July 7, 2008 ok so what do i do then? Link to comment https://forums.phpfreaks.com/topic/113613-solved-if-else-statement-help/#findComment-583796 Share on other sites More sharing options...
revraz Posted July 7, 2008 Share Posted July 7, 2008 Put your data into an array so you can use it. Link to comment https://forums.phpfreaks.com/topic/113613-solved-if-else-statement-help/#findComment-583797 Share on other sites More sharing options...
discomatt Posted July 7, 2008 Share Posted July 7, 2008 session_register("myusername"); session_register("mypassword"); session_register("Admin"); is unnecessary Link to comment https://forums.phpfreaks.com/topic/113613-solved-if-else-statement-help/#findComment-583798 Share on other sites More sharing options...
jkewlo Posted July 7, 2008 Author Share Posted July 7, 2008 well i have never set $rows and everything else is working aok Link to comment https://forums.phpfreaks.com/topic/113613-solved-if-else-statement-help/#findComment-583800 Share on other sites More sharing options...
jkewlo Posted July 7, 2008 Author Share Posted July 7, 2008 got it to work. thanks everyone Link to comment https://forums.phpfreaks.com/topic/113613-solved-if-else-statement-help/#findComment-583809 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.