In a website, we need to restrict views to users. As an instance, Admin panel should be accessible for only the administrators.
<?php
session_start();
if(!empty($_SESSION['login_user'])) // if a user is logged in
{
$user=$_SESSION['login_user'];
include './dbconnect.php';
$sql3="select user_level from users where user_name='$user'"; // checking the user level of the user logged in
$result3 = mysqli_query($conn,$sql3) or die (mysqli_error($conn));
if(mysqli_num_rows($result3) > 0) {
while($row3=mysqli_fetch_array($result3))
{
$userlevel=$row3['user_level'];
}
// if the user is not an admin, to redirect to the home page
if($userlevel!=1)
{
echo '<script type="text/javascript">
location="index.php";
alert("You do not have access");
</script>';
}
}
}
// if a user is not logged in
else{
echo '<script type="text/javascript">
alert("You have to log in or register");
location="login.php";
</script>';
}
?>
<?php
session_start();
if(!empty($_SESSION['login_user'])) // if a user is logged in
{
$user=$_SESSION['login_user'];
include './dbconnect.php';
$sql3="select user_level from users where user_name='$user'"; // checking the user level of the user logged in
$result3 = mysqli_query($conn,$sql3) or die (mysqli_error($conn));
if(mysqli_num_rows($result3) > 0) {
while($row3=mysqli_fetch_array($result3))
{
$userlevel=$row3['user_level'];
}
// if the user is not an admin, to redirect to the home page
if($userlevel!=1)
{
echo '<script type="text/javascript">
location="index.php";
alert("You do not have access");
</script>';
}
}
}
// if a user is not logged in
else{
echo '<script type="text/javascript">
alert("You have to log in or register");
location="login.php";
</script>';
}
?>
Comments
Post a Comment