PHP Login and Approval

[seb213]

Hi Guys --

 

I'm a total newb with PHP so please bare with me, any help/tips/tricks would be greatly appreciated as I'm learning on the fly.

 

I created... well pieced together..  a script (PHP) to allow users to register a username and password (SQL) to access a members area. Works great, but the one feature I need help with is admin authentication.

 

I'd like an administrator to have the ability of approving or declining a membership request. I figured an easy way to do so would be to have a field in the 'member' table of 'approve' = 1 or 0. With that in place, I should be able to make a page that prints all 'members' and displays the approval status, then allow for a toggle to set between '0' or '1'.

 

This is where I'm having the mental block. I know I need to query the database, loop through the 'members' and echo the 'name' and 'approval' status, but I'm not quite sure how to do so or how to structure  the HTML code so one may "toggle" the field for easy use.

 

This is my PHP DB Connect and fetch so far:

 

<? ob_start(); session_start();include_once"config.php";
if(!isset($_SESSION['username']) || !isset($_SESSION['password'])){
header("Location: login.php");
}else{
$final_user = $_SESSION[username];
$user_data = "".$_SESSION['username']."";
$fetch_users_data = mysql_fetch_object(mysql_query("SELECT * FROM `members` WHERE `username`='".$user_data."'"));
}
?>

 

The row's of the 'members' table are:

 

id  username password email ip date	 approve

 

Can anyone please help me out with this?

 

Thanks in advance, Steve.

[Pikachu2000]

How are you planning to protect this script so only administrators can access it?

[seb213]

I'm using session authentication, is that adequate?