ChenXiu Posted August 1, 2021 Share Posted August 1, 2021 Is there a shorthand for: if( $dog != 'bark' ) exit( ' go away ' ); This obviously doesn't work (but I tried it anyway 😃 ) ( $dog != 'bark' ) ?? exit( ' go away ' ); .... I also tried every permutation of: $dog = 'bark' ?? exit('go away'); Maybe a stupid question... after typing it out, if($dog!='bark') exit('go away'); looks pretty short already. Quote Link to comment Share on other sites More sharing options...
Barand Posted August 1, 2021 Share Posted August 1, 2021 31 minutes ago, ChenXiu said: Maybe a stupid question... Looks like you've found the answer by yourself Quote Link to comment Share on other sites More sharing options...
ChenXiu Posted August 2, 2021 Author Share Posted August 2, 2021 😃 Okay I got another one: if(!isset($_SESSION["username"]) && $_SESSION["username"] != 'admin')) { exit; } That's another one I wish I could shorten. If I just do "if($_SESSION["username"] != 'admin')" then I'll get an "undefined index 'username'" error if $_SESSION["username"] wasn't already set... Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted August 2, 2021 Share Posted August 2, 2021 this doesn't directly answer your question, but you should store the user's id (auto-increment integer primary index) in a session variable to indicate who the logged in user is, then on each page request execute an sql query(ies) to get any other user information, such as the username, email address, or user permissions. this will insure that any changes made to this user information will take effect on the very next page request, without requiring someone to log out and back in again. if the user_id session variable is not set, you would setup a default set of 'user' values, in a regular php array variable, that indicates a non-logged in 'guest.' if the session variable is set, you would use it in a query to get the actual user's information and store it in the php array variable. you would then test and use the contents of this variable in the rest of the code on the page to determine what to display or what action can be performed on the page. if you want to halt execution if the user isn't logged in or is not an admin, per your example, you would test if the final user's permission data doesn't contain the admin permission value. Quote Link to comment Share on other sites More sharing options...
kicken Posted August 2, 2021 Share Posted August 2, 2021 44 minutes ago, ChenXiu said: then I'll get an "undefined index 'username'" error This is where that ?? operator you tried earlier would come in. It will prevent that error from occurring by providing a default value if the variable isn't set. You can also avoid the if using && if you wanted, though one could argue over which is better from a readability standpoint. ($_SESSION["username"]??'') != 'admin' && exit; 1 Quote Link to comment Share on other sites More sharing options...
requinix Posted August 2, 2021 Share Posted August 2, 2021 1 hour ago, ChenXiu said: if(!isset($_SESSION["username"]) && $_SESSION["username"] != 'admin')) { exit; } Note that your logic is wrong, so you'll have to change something. Quote Link to comment Share on other sites More sharing options...
ChenXiu Posted August 2, 2021 Author Share Posted August 2, 2021 9 hours ago, requinix said: your logic is wrong LOL -- the "&" and the "|" are right next to each other on my keyboard 😃 Actually, there comes a point at the end of the day where no matter what I type it is wrong and it generates an error. echo hello; (oops I forgot the quotes). echo 'hello' (oops I forgot the semicolon). But thank you for pointing that out, I'll double-check my actual code to make sure it's not really that way. 10 hours ago, mac_gyver said: this doesn't directly answer your question Thank you, those are very good points. To paraphrase back to you what you said to ensure I understand the idea, it sounds like the proper way to do this is to, no matter what, have the $_SESSION["username"] always set with minimum default values.... then add/change permissions via mySQL as necessary -- thus: 1.) making the check for isset($_SESSION["username"]) unnecessary 2.) giving better (more uniform) control over users (via backend, without needing the user to logout then log back in) 3.) Future-proofing (although just 2 users today, maybe 50 users a year from now). A year ago, I would have said "doing it that way is complicated and a big waste of time because there's only myself and one other user." But I've quickly learned that if I don't code stuff correctly in the beginning, I end up spending days and days re-coding everything per the advice given right here that I should have followed in the beginning 😁 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.