Jump to content

Recommended Posts

Is there a shorthand for:
if( $dog  !=  'bark' ) exit( ' go away ' );

This obviously doesn't work (but I tried it anyway 😃 )
( $dog  !=  'bark' ) ?? exit( ' go away ' );

.... I also tried every permutation of:
$dog = 'bark' ?? exit('go away');

Maybe a stupid question... after typing it out, if($dog!='bark') exit('go away'); looks pretty short already.

😃 Okay I got another one:
if(!isset($_SESSION["username"]) && $_SESSION["username"] != 'admin')) { exit; }
That's another one I wish I could shorten.

If I just do "if($_SESSION["username"] != 'admin')" then I'll get an "undefined index 'username'" error if $_SESSION["username"] wasn't already set...

this doesn't directly answer your question, but you should store the user's id (auto-increment integer primary index) in a session variable to indicate who the logged in user is, then on each page request execute an sql query(ies) to get any other user information, such as the username, email address, or user permissions. this will insure that any changes made to this user information will take effect on the very next page request, without requiring someone to log out and back in again.

if the user_id session variable is not set, you would setup a default set of 'user' values, in a regular php array variable, that indicates a non-logged in 'guest.' if the session variable is set, you would use it in a query to get the actual user's information and store it in the php array variable. you would then test and use the contents of this variable in the rest of the code on the page to determine what to display or what action can be performed on the page.

if you want to halt execution if the user isn't logged in or is not an admin, per your example, you would test if the final user's permission data doesn't contain the admin permission value.

44 minutes ago, ChenXiu said:

then I'll get an "undefined index 'username'" error

This is where that ?? operator you tried earlier would come in.  It will prevent that error from occurring by providing a default value if the variable isn't set.

You can also avoid the if using && if you wanted, though one could argue over which is better from a readability standpoint.

($_SESSION["username"]??'') != 'admin' && exit;

 

  • Like 1
9 hours ago, requinix said:

your logic is wrong

LOL -- the "&" and the "|" are right next to each other on my keyboard 😃
Actually, there comes a point at the end of the day where no matter what I type it is wrong and it generates an error.
echo hello; (oops I forgot the quotes). echo 'hello' (oops I forgot the semicolon).
But thank you for pointing that out, I'll double-check my actual code to make sure it's not really that way.

10 hours ago, mac_gyver said:

this doesn't directly answer your question

Thank you, those are very good points. To paraphrase back to you what you said to ensure I understand the idea, it sounds like the proper way to do this is to, no matter what, have the $_SESSION["username"] always set with minimum default values.... then add/change permissions via mySQL as necessary -- thus:
1.) making the check for isset($_SESSION["username"]) unnecessary
2.) giving better (more uniform) control over users (via backend, without needing the user to logout then log back in)
3.) Future-proofing (although just 2 users today, maybe 50 users a year from now).

A year ago, I would have said "doing it that way is complicated and a big waste of time because there's only myself and one other user." But I've quickly learned that if I don't code stuff correctly in the beginning, I end up spending days and days re-coding everything per the advice given right here that I should have followed in the beginning 😁

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.