plasmagames Posted December 6, 2008 Share Posted December 6, 2008 I am using a script that has became "obsolete" and there is no support for it. So i'm asking here how to get the script to check for an admin. heres the page i want to check for admin status <?php if ($uId) { if ($uCan) echo "Hey! <STRONG>$uName</STRONG>"; // hello member! echo '<p>'; echo '<strong>User Menu</strong>'; echo '<br>'; echo '<br>'; echo "<a href=\"index.php?action=editprofile\">Edit Profile</a> <br>"; echo "<a href=\"index.php?action=memberlist\">View Members</a> <br>"; echo "<a href=\"index.php?action=logout\">Logout</a> <br>"; echo '</p>'; echo "<BR>"; if ($admin = '2'); echo '<strong>Admin</strong>'; echo '<br />'; echo '<br />'; echo '<a href="index.php?action=theme">Change Theme</a> <br>'; echo '<a href="index.php?action=news">Edit News</a> <br>'; echo '<a href="index.php?action=general">General Settings</a> <br>'; } else { // if this isn't a member then echo "<br>"; include ('login.php'); echo "Welcome, <STRONG>$uName</STRONG>!"; echo '<p>'; echo "<br>"; echo "<a href=\"index.php?action=login\">Login</a>"; echo "<br>"; echo "<a href=\"index.php?action=register\">Sign up</a>"; echo '</p>'; } echo "<BR>"; //break echo "<BR>"; // break echo '<img src="theme/'.$theme.'/i/blah.png" alt=\"Bubble\"><STRONG>Partners</STRONG>'; // to enable please remvoe the comments // include('partners.php'); include('other.php'); ?> Link to comment https://forums.phpfreaks.com/topic/135757-script-not-checking-for-user/ Share on other sites More sharing options...
samona Posted December 6, 2008 Share Posted December 6, 2008 are you using sessions? Link to comment https://forums.phpfreaks.com/topic/135757-script-not-checking-for-user/#findComment-707359 Share on other sites More sharing options...
Twister1004 Posted December 6, 2008 Share Posted December 6, 2008 Well, I dont see where "Admin" is declared. Just from my perspective, I would make a new row in your "account" table and name it with admins, and use an SQL statement there. Link to comment https://forums.phpfreaks.com/topic/135757-script-not-checking-for-user/#findComment-707362 Share on other sites More sharing options...
plasmagames Posted December 6, 2008 Author Share Posted December 6, 2008 First, yes i use sessions and second the page that i put the source code for is nav.php which is included in index.php along with some others. and all pages load within a switch statement. and you create a admin user when your install the script just like smf and all the others. the variable for the membergroup is $uMembergroup and i tried $uMembergroup = "admin" and that didn't work Link to comment https://forums.phpfreaks.com/topic/135757-script-not-checking-for-user/#findComment-707585 Share on other sites More sharing options...
plasmagames Posted December 12, 2008 Author Share Posted December 12, 2008 ok heres the files login.php <BR><STRONG><img src="theme/<?php echo $theme;?>/i/key.png"> Login</STRONG> <?php ob_start(); session_start(); if ($uId) { //If they are logged in, they don't need to be here header("Location: " . SITE_PATH . "/index.php"); } else { if (!isset($_POST['login'])) { //If the post hasn't been submitted, then show the forms echo '<BR><p><form method="post" action="index.php?action=login"> <b>Username:</b><input class="field" type="text" name="username"><br /> <br /> <b>Password:</b><input class="field" type="password" name="password"><br /> <input class="submit" type="submit" name="login" value="Login"><p> </form> <br> <a href="index.php?action=forgot">Forgot Password?</a> | <a href="index.php?action=register">Register</a>'; } else { //secure the input $username = secure($_POST['username']); $password = secure($_POST['password']); //make sure the fields arn't empty if (!$username | !$password) { echo 'You left a field empty'; } else { //make sure the user exists $user = mysql_query("SELECT * FROM `users` WHERE username = '$username'"); if (($usez = mysql_num_rows($user)) == 0) { echo 'user doesnt exist'; } else { //Encrypt the password to check with the encrypted one currently in the database $encpass = md5($password . SALT); //Find the user $superquery = mysql_query("SELECT * FROM `users` WHERE username = '$username' AND password = '$encpass'"); if (mysql_num_rows($superquery) == 1) { //If the user is found, set the cookies setcookie("username", $username, $cookieTime); setcookie("password", $encpass, $cookieTime); echo 'Success, you are now logged in.'; header("Location: " . SITE_PATH . "/index.php"); } else { echo 'Failure'; } } } } } ?> nav.php <?php if ($uId) { if ($uCan) echo "Hey! <STRONG>$uName</STRONG>"; // hello member! echo '<p>'; echo '<strong>User Menu</strong>'; echo '<br>'; echo '<br>'; echo "<a href=\"index.php?action=editprofile\">Edit Profile</a> <br>"; echo "<a href=\"index.php?action=memberlist\">View Members</a> <br>"; echo "<a href=\"index.php?action=logout\">Logout</a> <br>"; echo '</p>'; echo "<BR>"; if($_SESSION["admin"]==1) // Checks for Admin { print '<strong>Admin</strong>'; print '<br />'; print '<br />'; print '<a href="index.php?action=theme">Change Theme</a> <br>'; print '<a href="index.php?action=news">Edit News</a> <br>'; print '<a href="index.php?action=general">General Settings</a> <br>'; } } else { // if this isn't a member then echo "<br>"; include ('login.php'); echo "Welcome, <STRONG>$uName</STRONG>!"; echo '<p>'; echo "<br>"; echo "<a href=\"index.php?action=login\">Login</a>"; echo "<br>"; echo "<a href=\"index.php?action=register\">Sign up</a>"; echo '</p>'; } echo "<BR>"; //break echo "<BR>"; // break echo '<img src="theme/'.$theme.'/i/blah.png" alt=\"Bubble\"><STRONG>Partners</STRONG>'; // to enable please remvoe the comments // include('partners.php'); include('other.php'); ?> Link to comment https://forums.phpfreaks.com/topic/135757-script-not-checking-for-user/#findComment-713255 Share on other sites More sharing options...
Maq Posted December 12, 2008 Share Posted December 12, 2008 First post I noticed that you're using an operator to compare the $admin variable. You have: if ($admin = '2'); and needs to be if ($admin == 2) { There are a couple other basic mistakes... Anyway, you need to have a session that stores the user's ID. That way when you can check if they're admin on any page. Is uMemberGroup a field in your database? Link to comment https://forums.phpfreaks.com/topic/135757-script-not-checking-for-user/#findComment-713285 Share on other sites More sharing options...
plasmagames Posted December 18, 2008 Author Share Posted December 18, 2008 then tell me why when i post in that thread it doesn't post it. I ahve posted twice there and they didn't show so i started a knew thread for it. I want to get this problem solved so i can get started on my next project. Getting this fixed will allow me to get my site going Link to comment https://forums.phpfreaks.com/topic/135757-script-not-checking-for-user/#findComment-719156 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.