Help with logged in user-detection and inputs?

[chill392]

I have an installation of the database-less blog service Text Rider that I wish to take public, but I want to polish it off, make it prettier, and dumber for the average user before doing so. 

 

I want it to be a system where anyone can register and post to the home page, but users can only modify their own posts, whereas administrators can, of course, modify anything.

 

I realize how incredibly stupid this idea is, but I want to go through with it anyways, to learn programming techniques and user habits.

 

One problem is, by default, any user logged in is presented with "edit this post" buttons for every post, regardless of poster.  Luckily, if it is not their post, they will not be able to actually edit it.  I have attempted to make the if statement only display the button if the user is the author of the post, which works to an extent, but still not enough to actually accept.  It is too hard to describe here, for anyone willing to help me, the index.php file that contains this if statement is attached, and the if statement is as follows:

if($_COOKIE['username'] == $author){
$edit = "|<a href=?page=edit&x=$ffrow>Edit this post</a>";
}else{
echo ""; }

 

Next is, when a user comments on an article, I want the only logged in users to be able to comment, and I want the username of the commenter to show up, as opposed to the commenter entering the display name in a form.  Here is the code for the form, which also is in the attached default.tpl.

Name:
      </td>
      <td width="289" height="1"><input type="text" name="name" onblur="this.value=TrimValue(this.value);">
  <input type="hidden" name="com_id" value={uniq_id}>
  <input type="hidden" name="ip" value={client_ip}>
  </td>
  

    </tr>
    <tr>
      <td width="49" height="1">

 

Lastly, there is a page in the user control panel called "Modify Posts," which lists all of the posts on the site, each with an edit and delete link on them.  I want users to only be able to see their own posts when clicking that link.  This bit is too much to include in a quote, so just look in the attached index.php.

 

If anyone could help me at all, I would be forever greatful.  Thanks anyways!

[per1os]

You are asking a lot.

 

What do you mean the first part only works to an extent? What you need is something like this:

 

if(isset($_COOKIE['username']) && $_COOKIE['username'] == $author || isset($_COOKIE['username']) && isAdmin($_COOKIE['username'])){
$edit = "|<a href=?page=edit&x=$ffrow>Edit this post</a>";
}else{
echo ""; }

 

That should take care of that, allow only author or admin, note you need to create the function isAdmin.

 

For the form part, why even put it into an input field, why not just create like a label, IE:

 

Name:
      </td>
      <td width="289" height="1"><?php print $_COOKIE['username']; ?>
  <input type="hidden" name="com_id" value={uniq_id}>
  <input type="hidden" name="ip" value={client_ip}>
  </td>
  

    </tr>
    <tr>
      <td width="49" height="1">

 

That takes care of the user's name being printed.

 

And for the part where only registered users can comment use this:

 

<?php
if (isset($_COOKIE['username'])) {
?>
Name:
      </td>
      <td width="289" height="1"><?php print $_COOKIE['username']; ?>
  <input type="hidden" name="com_id" value={uniq_id}>
  <input type="hidden" name="ip" value={client_ip}>
  </td>
  

    </tr>
    <tr>
      <td width="49" height="1">
<?php
}else {

      </td>
      <td width="289" height="1">
  </td>

    </tr>
    <tr>
      <td width="49" height="1">
}

 

As for the link one, since not much code is posted I will wait on helping you with that till you can wise up and post some actual code.

 

[chill392]

Thank you so much for taking the time to look at this, I've checked this topic every day for almost a week.  I do realize, it is a lot, but I am very new to PHP, and I only know enough to tinker with it. 

 

Unfortunately, I'm not at home right now, so I can't implement these codes quite yet.  When I get home, I'll post my progress with them, and if/how they work.

 

I've tried something along those lines for the edit link.  What happens is that when generating the page, the posts are retrieved and displayed from the newest to the oldest.  If I use that, and I am the author of a post, then every post on that page below it will have an edit link too, because it reuses the same author for some reason.  That's what I mean when I say it only works to an extent, and nothing I have tried has gotten me any closer to my intention. 

Also, isAdmin is defined already.

 

Whenever I modify the onBlur statement at all, the entire site crashes, and I can't figure out why.  Your method, being different entirely from my attempts, and derived from an actual understanding of PHP might work.

 

Also, about the last question, I didn't want to post like five pages of code, because I'm not really sure where the code I'm talking about begins or ends.  Is it ok to post a really long piece of code here?  If so, I'll happily post it for you. 

 

Again, I greatly appreciate you taking the time to help me, despite the insults to my intelligence.  Thank you very, very much.

[chill392]

Yeah, the edit link still does the same thing. ._.;;

 

Name field still bugs out.

Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/loppl30/public_html/pys/data/Default.tpl on line 57

>_<

 

 

:'( Thanks for helping!

[per1os]

My bad should be this:

 

if((isset($_COOKIE['username']) && $_COOKIE['username'] == $author) || (isset($_COOKIE['username']) && isAdmin($_COOKIE['username']))){
$edit = "|<a href=?page=edit&x=$ffrow>Edit this post</a>";
}else{
echo ""; }

 

At least for that, and can you post the default.tpl?

[chill392]

My bad should be this:

 

if((isset($_COOKIE['username']) && $_COOKIE['username'] == $author) || (isset($_COOKIE['username']) && isAdmin($_COOKIE['username']))){
$edit = "|<a href=?page=edit&x=$ffrow>Edit this post</a>";
}else{
echo ""; }

 

At least for that, and can you post the default.tpl?

Damnit, I forgot to attach the index.php and default.tpl.  I feel like an idiot, I've been so out of it lately.  Here they are:

 

[attachment deleted by admin]

[chill392]

Like I said, there's a problem with the way it accesses the data.  Is there a way for me to reference the ID of the post in the same statement so that I can tell the system to do it on a per-post basis?