plasmagames Posted December 6, 2008 Share Posted December 6, 2008 I am using a script that has became "obsolete" and there is no support for it. So i'm asking here how to get the script to check for an admin. heres the page i want to check for admin status <?php if ($uId) { if ($uCan) echo "Hey! <STRONG>$uName</STRONG>"; // hello member! echo '<p>'; echo '<strong>User Menu</strong>'; echo '<br>'; echo '<br>'; echo "<a href=\"index.php?action=editprofile\">Edit Profile</a> <br>"; echo "<a href=\"index.php?action=memberlist\">View Members</a> <br>"; echo "<a href=\"index.php?action=logout\">Logout</a> <br>"; echo '</p>'; echo "<BR>"; if ($admin = '2'); echo '<strong>Admin</strong>'; echo '<br />'; echo '<br />'; echo '<a href="index.php?action=theme">Change Theme</a> <br>'; echo '<a href="index.php?action=news">Edit News</a> <br>'; echo '<a href="index.php?action=general">General Settings</a> <br>'; } else { // if this isn't a member then echo "<br>"; include ('login.php'); echo "Welcome, <STRONG>$uName</STRONG>!"; echo '<p>'; echo "<br>"; echo "<a href=\"index.php?action=login\">Login</a>"; echo "<br>"; echo "<a href=\"index.php?action=register\">Sign up</a>"; echo '</p>'; } echo "<BR>"; //break echo "<BR>"; // break echo '<img src="theme/'.$theme.'/i/blah.png" alt=\"Bubble\"><STRONG>Partners</STRONG>'; // to enable please remvoe the comments // include('partners.php'); include('other.php'); ?> Quote Link to comment https://forums.phpfreaks.com/topic/135757-script-not-checking-for-user/ Share on other sites More sharing options...
samona Posted December 6, 2008 Share Posted December 6, 2008 are you using sessions? Quote Link to comment https://forums.phpfreaks.com/topic/135757-script-not-checking-for-user/#findComment-707359 Share on other sites More sharing options...
Twister1004 Posted December 6, 2008 Share Posted December 6, 2008 Well, I dont see where "Admin" is declared. Just from my perspective, I would make a new row in your "account" table and name it with admins, and use an SQL statement there. Quote Link to comment https://forums.phpfreaks.com/topic/135757-script-not-checking-for-user/#findComment-707362 Share on other sites More sharing options...
plasmagames Posted December 6, 2008 Author Share Posted December 6, 2008 First, yes i use sessions and second the page that i put the source code for is nav.php which is included in index.php along with some others. and all pages load within a switch statement. and you create a admin user when your install the script just like smf and all the others. the variable for the membergroup is $uMembergroup and i tried $uMembergroup = "admin" and that didn't work Quote Link to comment https://forums.phpfreaks.com/topic/135757-script-not-checking-for-user/#findComment-707585 Share on other sites More sharing options...
plasmagames Posted December 12, 2008 Author Share Posted December 12, 2008 ok heres the files login.php <BR><STRONG><img src="theme/<?php echo $theme;?>/i/key.png"> Login</STRONG> <?php ob_start(); session_start(); if ($uId) { //If they are logged in, they don't need to be here header("Location: " . SITE_PATH . "/index.php"); } else { if (!isset($_POST['login'])) { //If the post hasn't been submitted, then show the forms echo '<BR><p><form method="post" action="index.php?action=login"> <b>Username:</b><input class="field" type="text" name="username"><br /> <br /> <b>Password:</b><input class="field" type="password" name="password"><br /> <input class="submit" type="submit" name="login" value="Login"><p> </form> <br> <a href="index.php?action=forgot">Forgot Password?</a> | <a href="index.php?action=register">Register</a>'; } else { //secure the input $username = secure($_POST['username']); $password = secure($_POST['password']); //make sure the fields arn't empty if (!$username | !$password) { echo 'You left a field empty'; } else { //make sure the user exists $user = mysql_query("SELECT * FROM `users` WHERE username = '$username'"); if (($usez = mysql_num_rows($user)) == 0) { echo 'user doesnt exist'; } else { //Encrypt the password to check with the encrypted one currently in the database $encpass = md5($password . SALT); //Find the user $superquery = mysql_query("SELECT * FROM `users` WHERE username = '$username' AND password = '$encpass'"); if (mysql_num_rows($superquery) == 1) { //If the user is found, set the cookies setcookie("username", $username, $cookieTime); setcookie("password", $encpass, $cookieTime); echo 'Success, you are now logged in.'; header("Location: " . SITE_PATH . "/index.php"); } else { echo 'Failure'; } } } } } ?> nav.php <?php if ($uId) { if ($uCan) echo "Hey! <STRONG>$uName</STRONG>"; // hello member! echo '<p>'; echo '<strong>User Menu</strong>'; echo '<br>'; echo '<br>'; echo "<a href=\"index.php?action=editprofile\">Edit Profile</a> <br>"; echo "<a href=\"index.php?action=memberlist\">View Members</a> <br>"; echo "<a href=\"index.php?action=logout\">Logout</a> <br>"; echo '</p>'; echo "<BR>"; if($_SESSION["admin"]==1) // Checks for Admin { print '<strong>Admin</strong>'; print '<br />'; print '<br />'; print '<a href="index.php?action=theme">Change Theme</a> <br>'; print '<a href="index.php?action=news">Edit News</a> <br>'; print '<a href="index.php?action=general">General Settings</a> <br>'; } } else { // if this isn't a member then echo "<br>"; include ('login.php'); echo "Welcome, <STRONG>$uName</STRONG>!"; echo '<p>'; echo "<br>"; echo "<a href=\"index.php?action=login\">Login</a>"; echo "<br>"; echo "<a href=\"index.php?action=register\">Sign up</a>"; echo '</p>'; } echo "<BR>"; //break echo "<BR>"; // break echo '<img src="theme/'.$theme.'/i/blah.png" alt=\"Bubble\"><STRONG>Partners</STRONG>'; // to enable please remvoe the comments // include('partners.php'); include('other.php'); ?> Quote Link to comment https://forums.phpfreaks.com/topic/135757-script-not-checking-for-user/#findComment-713255 Share on other sites More sharing options...
Maq Posted December 12, 2008 Share Posted December 12, 2008 First post I noticed that you're using an operator to compare the $admin variable. You have: if ($admin = '2'); and needs to be if ($admin == 2) { There are a couple other basic mistakes... Anyway, you need to have a session that stores the user's ID. That way when you can check if they're admin on any page. Is uMemberGroup a field in your database? Quote Link to comment https://forums.phpfreaks.com/topic/135757-script-not-checking-for-user/#findComment-713285 Share on other sites More sharing options...
plasmagames Posted December 18, 2008 Author Share Posted December 18, 2008 then tell me why when i post in that thread it doesn't post it. I ahve posted twice there and they didn't show so i started a knew thread for it. I want to get this problem solved so i can get started on my next project. Getting this fixed will allow me to get my site going Quote Link to comment https://forums.phpfreaks.com/topic/135757-script-not-checking-for-user/#findComment-719156 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.