Jump to content

[SOLVED] Drop Down Menu Hide Part When Admin Logged In

karl_009

By karl_009
in PHP Coding Help

 Share

Recommended Posts

karl_009 Member

karl_009

Posted
Posted

Hello,

 

I have a JavaScript drop down menu that I have integrated into my PHP site, I would like part of the menu to be inaccessible to standard users and for the admin users to view this part of the menu.

 

Here is the code for the Drop Down Menu.

The M6 menu Admin Tools is the part to be hidden when an non admin is logged in.

<body>
<ul id="sddm">
<li><a href="#" onMouseOver="mopen('m1')" onMouseOut="mclosetime()">Inventory</a>
	<div id="m1" onMouseOver="mcancelclosetime()" onMouseOut="mclosetime()">
	<a href="../index.php">Computers</a>
	<a href="#">Servers</a>
	<a href="#">Laptops</a>
	<a href="#">Printers</a>
	<a href="#">Misc</a>
	</div>
</li>
<li><a href="#" onMouseOver="mopen('m2')" onMouseOut="mclosetime()">Download</a>
	<div id="m2" onMouseOver="mcancelclosetime()" onMouseOut="mclosetime()">
	<a href="#">ASP Dropdown</a>
	<a href="#">Pulldown menu</a>
	<a href="#">AJAX dropdown</a>
	<a href="#">DIV dropdown</a>
	</div>
</li>
<li><a href="#" onMouseOver="mopen('m3')" onMouseOut="mclosetime()">Order</a>
	<div id="m3" onMouseOver="mcancelclosetime()" onMouseOut="mclosetime()">
	<a href="#">Visa Credit Card</a>
	<a href="#">Paypal</a>
	</div>
</li>
<li><a href="#" onMouseOver="mopen('m4')" onMouseOut="mclosetime()">Help</a>
	<div id="m4" onMouseOver="mcancelclosetime()" onMouseOut="mclosetime()">
	<a href="#">Download Help File</a>
	<a href="#">Read online</a>
	</div>
</li>
<li><a href="#" onMouseOver="mopen('m5')" onMouseOut="mclosetime()">Contact</a>
	<div id="m5" onMouseOver="mcancelclosetime()" onMouseOut="mclosetime()">
	<a href="#">E-mail</a>
	<a href="#">Submit Request Form</a>
	<a href="#">Call Center</a>
	</div>
</li>
    <li><a href="#" onMouseOver="mopen('m6')" onMouseOut="mclosetime()">Admin Tools</a>
	<div id="m6" onMouseOver="mcancelclosetime()" onMouseOut="mclosetime()">
	<a href="#">Admin Centre</a>
	<a href="#">Request User Form</a>
	</div>
</li>
</ul>
<div style="clear:both"></div>
<div style="clear:both"></div>
<!-- dd menu -->
<script type="text/javascript">

var timeout         = 500;
var closetimer	= 0;
var ddmenuitem     = 0;

// open hidden layer
function mopen(id)
{	
// cancel close timer
mcancelclosetime();

// close old layer
if(ddmenuitem) ddmenuitem.style.visibility = 'hidden';

// get new layer and show it
ddmenuitem = document.getElementById(id);
ddmenuitem.style.visibility = 'visible';

}
// close showed layer
function mclose()
{
if(ddmenuitem) ddmenuitem.style.visibility = 'hidden';
}

// go close timer
function mclosetime()
{
closetimer = window.setTimeout(mclose, timeout);
}

// cancel close timer
function mcancelclosetime()
{
if(closetimer)
{
	window.clearTimeout(closetimer);
	closetimer = null;
}
}

// close layer when click-out
document.onclick = mclose; 
// -->
</script>
</body>

 

This is an example of the PHP code being used to display a link to the admin page when an admin is logged in.

 

if($session->isAdmin()){
      echo "[<a href=\"admin/admin.php\">Admin Center</a>]   ";
   }

 

Is there away of applying this to the drop down menu, or can a PHP drop down menu be created for this, am new to PHP so am learning as i go.

 

Many Thanks for any and all help you can give.

Karl

Link to comment
Share on other sites
Psycho Prolific Member

Psycho

Posted
Posted

Simple, just enclose that section in a similar if statment. Only included the relevant code for brevity:

	<li><a href="#" onMouseOver="mopen('m5')" onMouseOut="mclosetime()">Contact</a>
	<div id="m5" onMouseOver="mcancelclosetime()" onMouseOut="mclosetime()">
	<a href="#">E-mail</a>
	<a href="#">Submit Request Form</a>
	<a href="#">Call Center</a>
	</div>
</li>
<?php
    if($session->isAdmin()){
?>
    <li><a href="#" onMouseOver="mopen('m6')" onMouseOut="mclosetime()">Admin Tools</a>
	<div id="m6" onMouseOver="mcancelclosetime()" onMouseOut="mclosetime()">
	<a href="#">Admin Centre</a>
	<a href="#">Request User Form</a>
	</div>
</li>
<?php
    }
?>
</ul>
<div style="clear:both"></div>

 

However, if it were my code, I woul rewrit ethe whole thing to be generated dynamically since each "option" is structured the same with different values.

Link to comment
Share on other sites
karl_009 Member

karl_009

Posted
  • Author
Posted

Hello,

 

I have found one last problem with this drop down menu.

 

I have a link to put in the dropdown menu but the link requires some PHP code to be executed, here is the original code;

 

<?php
if($session->logged_in){
   echo "<h1>Logged In</h1>";
   echo "Welcome <b>$session->username</b>, you are logged in. <br><br>"
       ."[<a href=\"userinfo.php?user=$session->username\">My Account</a>]   "
?>

 

The last line of the code is the link I would like to add to the above drop down menu, however instead of getting the username of the logged in person it just tries to get the user info of the user username for every user.

 

<li><a href="#" onMouseOver="mopen('m5')" onMouseOut="mclosetime()">User Tools</a>
	<div id="m5" onMouseOver="mcancelclosetime()" onMouseOut="mclosetime()">
	<a href="userinfo.php?user=$session->username">My Account</a>
	<a href="useredit.php">Edit Account</a>
	<a href="process.php">Logout</a>
	</div>
</li>

 

Is there away around this.

 

Once again many thanks for any help.

Karl

Link to comment
Share on other sites
Psycho Prolific Member

Psycho

Posted
Posted

The problem you state appears to be due to lack of validation on the userinfo.php page. I would suggest NOT appending the username as a parameter to that link. Otherwise any user could append another user's name to that link and see any other user's information - a big security risk. Instead you should just have userinfo.php check the current user's name and use that.

 

However, you might want to append the username to the link for an admin to be able to see other people's info - in which case that page should check if the current user is an admin before using the value on the query string.

 

But, your problem was that '$session->username' is a PHP variable and you put it int he plain HTML code. You need to have it within PHP code to be processed. I showed how that would be done below, but I would still advise against that kind of method.

 

<li><a href="#" onMouseOver="mopen('m5')" onMouseOut="mclosetime()">User Tools</a>
	<div id="m5" onMouseOver="mcancelclosetime()" onMouseOut="mclosetime()">
	<a href="userinfo.php?user=<?php echo $session->username; ?>">My Account</a>
	<a href="useredit.php">Edit Account</a>
	<a href="process.php">Logout</a>
	</div>
</li>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.