Jump to content

Recommended Posts

I am using a script that has became "obsolete" and there is no support for it.

 

So i'm asking here how to get the script to check for an admin. heres the page i want to check for admin status

<?php

if ($uId) {
    if ($uCan)
        echo "Hey! <STRONG>$uName</STRONG>"; // hello member!
    	echo '<p>';
	echo '<strong>User Menu</strong>';
	echo '<br>';
	echo '<br>';
   		echo "<a href=\"index.php?action=editprofile\">Edit Profile</a> <br>";
    	echo "<a href=\"index.php?action=memberlist\">View Members</a> <br>";
    	echo "<a href=\"index.php?action=logout\">Logout</a> <br>";
    	echo '</p>';
    	echo "<BR>";
		if ($admin = '2'); 
			echo '<strong>Admin</strong>';
			echo '<br />';
			echo '<br />';
			echo '<a href="index.php?action=theme">Change Theme</a> <br>';
			echo '<a href="index.php?action=news">Edit News</a> <br>';
			echo '<a href="index.php?action=general">General Settings</a> <br>';
} else { // if this isn't a member then
echo "<br>";
include ('login.php');
    echo "Welcome, <STRONG>$uName</STRONG>!";
    echo '<p>';
    echo "<br>";
    echo "<a href=\"index.php?action=login\">Login</a>";
    echo "<br>";
    echo "<a href=\"index.php?action=register\">Sign up</a>";
    echo '</p>';
}

echo "<BR>"; //break
echo "<BR>"; // break
echo '<img src="theme/'.$theme.'/i/blah.png" alt=\"Bubble\"><STRONG>Partners</STRONG>';
// to enable please remvoe the comments //

include('partners.php');

include('other.php');
?>

Link to comment
https://forums.phpfreaks.com/topic/135757-script-not-checking-for-user/
Share on other sites

First, yes i use sessions

 

and second

 

the page that i put the source code for is nav.php which is included in index.php along with some others. and all pages load within a switch statement.

 

and you create a admin user when your install the script just like smf and all the others. the variable for the membergroup is $uMembergroup and i tried $uMembergroup = "admin" and that didn't work

ok heres the files

 

login.php

<BR><STRONG><img src="theme/<?php echo $theme;?>/i/key.png"> Login</STRONG>
<?php

ob_start();
session_start();
if ($uId) {

    //If they are logged in, they don't need to be here
    header("Location: " . SITE_PATH . "/index.php");

} else {


    if (!isset($_POST['login'])) {

        //If the post hasn't been submitted, then show the forms

        echo '<BR><p><form method="post" action="index.php?action=login">

<b>Username:</b><input class="field" type="text" name="username"><br />
<br />
<b>Password:</b><input class="field" type="password" name="password"><br />

<input class="submit" type="submit" name="login" value="Login"><p>
</form>
<br>
<a href="index.php?action=forgot">Forgot Password?</a> | <a href="index.php?action=register">Register</a>';

    } else {


        //secure the input
        $username = secure($_POST['username']);
        $password = secure($_POST['password']);

        //make sure the fields arn't empty
        if (!$username | !$password) {

            echo 'You left a field empty';

        } else {

            //make sure the user exists
            $user = mysql_query("SELECT * FROM `users` WHERE username = '$username'");

            if (($usez = mysql_num_rows($user)) == 0) {
                echo 'user doesnt exist';
            } else {
                //Encrypt the password to check with the encrypted one currently in the database
                $encpass = md5($password . SALT);

                //Find the user
                $superquery = mysql_query("SELECT * FROM `users` WHERE username = '$username' AND password = '$encpass'");


                if (mysql_num_rows($superquery) == 1) {

                    //If the user is found, set the cookies

                    setcookie("username", $username, $cookieTime);
                    setcookie("password", $encpass, $cookieTime);


                    echo 'Success, you are now logged in.';
                       header("Location: " . SITE_PATH . "/index.php");

                } else {

                    echo 'Failure';

                }
            }
        }
    }
}
?>

 

nav.php

<?php

if ($uId) {
    if ($uCan)
        echo "Hey! <STRONG>$uName</STRONG>"; // hello member!
    	echo '<p>';
	echo '<strong>User Menu</strong>';
	echo '<br>';
	echo '<br>';
   		echo "<a href=\"index.php?action=editprofile\">Edit Profile</a> <br>";
    	echo "<a href=\"index.php?action=memberlist\">View Members</a> <br>";
    	echo "<a href=\"index.php?action=logout\">Logout</a> <br>";
    	echo '</p>';
    	echo "<BR>";
		if($_SESSION["admin"]==1)   // Checks for Admin
           {
			print '<strong>Admin</strong>';
			print '<br />';
			print '<br />';
			print '<a href="index.php?action=theme">Change Theme</a> <br>';
			print '<a href="index.php?action=news">Edit News</a> <br>';
			print '<a href="index.php?action=general">General Settings</a> <br>';
           }  

} else { // if this isn't a member then
echo "<br>";
include ('login.php');
    echo "Welcome, <STRONG>$uName</STRONG>!";
    echo '<p>';
    echo "<br>";
    echo "<a href=\"index.php?action=login\">Login</a>";
    echo "<br>";
    echo "<a href=\"index.php?action=register\">Sign up</a>";
    echo '</p>';
}

echo "<BR>"; //break
echo "<BR>"; // break
echo '<img src="theme/'.$theme.'/i/blah.png" alt=\"Bubble\"><STRONG>Partners</STRONG>';
// to enable please remvoe the comments //

include('partners.php');

include('other.php');
?>

First post I noticed that you're using an operator to compare the $admin variable.  You have:

 

if ($admin = '2'); 

 

and needs to be

 

if ($admin == 2) {

 

There are a couple other basic mistakes...

 

Anyway, you need to have a session that stores the user's ID.  That way when you can check if they're admin on any page.

 

Is uMemberGroup a field in your database?

then tell me why when i post in that thread it doesn't post it. I ahve posted twice there and they didn't show so i started a knew thread for it. I want to get this problem solved so i can get started on my next project. Getting this fixed will allow me to get my site going

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.