Skip to main content

To restrict access to certain users

In a website, we need to restrict views to users. As an instance, Admin panel should be accessible for only the administrators.

 <?php
session_start(); 

 if(!empty($_SESSION['login_user'])) // if a user is logged in

 {
$user=$_SESSION['login_user'];

include './dbconnect.php';

$sql3="select user_level from users where user_name='$user'"; // checking  the user level of the user logged in
$result3 = mysqli_query($conn,$sql3) or die (mysqli_error($conn));

 if(mysqli_num_rows($result3) > 0) {

 while($row3=mysqli_fetch_array($result3))
{
$userlevel=$row3['user_level'];
}

 // if the user is not an admin, to redirect to the home page

 if($userlevel!=1)
{
echo '<script type="text/javascript">
location="index.php";
alert("You do not have access");
</script>';
}
}
}

 // if a user is not logged in

 else{
echo '<script type="text/javascript">
alert("You have to log in or register");
location="login.php";
</script>';
}

?>

Comments

Post a Comment

Popular posts from this blog

Admin panel of a Q & A Forum

In a Q & A Forum, when a user posts a question, it should be sent to the administrator for approval in case it contains inappropriate content. After approval it should be removed from this pending approval page and other users should be able to see the question afterwards. To enable this, we should maintain an approval column in our database table of records and for each record approval should be set to false by default. In the Pending approvals page only the records with approval=false should be displayed. Below is  the MySQL  statement for retrieval, $sql="SELECT * FROM topics WHERE approval=false"; To know which post was approved we should embed the post_id to the URL. And the relevant post should be updated as approval=true. Below is the complete code. <?php $sql="SELECT * FROM topics WHERE approval=false"; $query=mysqli_query($conn,$sql); echo '<form name="approve" method="p...
Post a Comment
Read more

Fixing 'java RMI - ConnectException: Operation timed out' in WSO2 Enterprise Integrator 6.4

If you ever come across the below exception when running WSO2 Enterprise Integrator 6.4, here is the fix. This error occurs when you have multiple IP addresses from different networks configured in your etc/hosts as below. 10.xxx.x.xxx localhost 192.xxx.x.xxx localhost So simply, removing the unnecessary one and leaving the one of the network that you are currently connected to should resolve this issue. 10.xxx.x.xxx localhost
Post a Comment
Read more

Student Information System - Java (SLIIT - ST2 PROJECT)

Student Information System (Github Project) This system is developed in Java and mySQL as a group project by me and 3 other members during a period of 1 month. The system allows the administrator to,  enroll students to the system  update enroll information  add/update course and degree program details  generate reports  create exams and edit relevant information  calculate gpa of the relevant exam  assign lecturers to courses  add lecturers/update details Lecturers to,  assign course grades  view their feedback  generate reports  view student / course / degree program details Students to,  view their profile  view their grading information  give feedback to lecturers   view lecturer / course / degree program details and other features. Below are some interfaces of the project. (Splash Screen) (Login) (Admin View) (Student Re...
Post a Comment
Read more