How to make a page not available for everyone?

General discussions related to php

Moderators: macek, egami, gesf

Post Reply
User avatar
Strider64
php-forum Active User
php-forum Active User
Posts: 290
Joined: Sat Mar 23, 2013 8:24 am

Re: How to make a page not available for everyone?

Post by Strider64 » Sat Jun 01, 2013 5:43 pm

Some sort of code like the following usually goes at the top of the file:

Code: Select all

<?php 
require("includes/config.php");
if (isset($_SESSION['user'])) 
{  
   // You can do other stuff like write to database and more here
  // Hint: Think nested if statements and such....
  //  session_start(); must be started before this if statement, usually in a config.php file of some sort.
} 
else 
{
    // redirect to login page or home page?
    header('Location: login.php');
    exit;
}     	
?>
<!--/HTML CODE CAN GO HERE-->

User avatar
Strider64
php-forum Active User
php-forum Active User
Posts: 290
Joined: Sat Mar 23, 2013 8:24 am

Re: How to make a page not available for everyone?

Post by Strider64 » Sat Jun 01, 2013 5:59 pm

and might I add pick-up a good book on PHP (or any other scripting language) that is current, so you don't end up using depreciated code. Also avoid code/tutorials that doesn't use mysqli or PDO, for all that will do will put you behind in learning proper coding.

In no time you be writing better code like this:

Code: Select all

<?php # edit_page -
// This page both displays and handles the "edit the page" form.
// Need the utilities file:
require('includes/utilities.inc.php');

// Grab title & content from GetPage class:
$grabData = new GetPage(htmlspecialchars($_GET['id']));

// Grab the page by id:
$page = $grabData->display_page;

// Link to the page + the page id:
$formPage = 'edit_page.php?id=' . htmlspecialchars($_GET['id']);

// New instance of the Form class:
$editform = new Form($formPage, $page->getTitle(), $page->getContent());

// Create form so user can edit the title & content:
$form = $editform->form;

 // Check to see if edited data has been submitted by the user:
 if (isset($_POST['action']) && $_POST['action'] == 'enter') {
	 
	 // Update the edited text:	 
	 $query = 'UPDATE pages
			 SET creatorId   =  :creatorId,
				title       =  :title,
				content     =  :content,
				dateUpdated =  NOW()
			 WHERE id=:id';
			 
      // Prepare the Statement:
	 $stmt = $pdo->prepare($query);
	 
	 // Clean-up user content:
	 // Setup an array - 'title' and 'content' are the keys:
	 $data = array('title' => htmlspecialchars($_POST['title']), 'content' => ($_POST['content']));

	 // Create an new instance:
	 $dirtyWord = new DirtyWord($data);
	 
	 // Check you content for bad language:
	 $title = $dirtyWord->checkTitle;
	 $content = $dirtyWord->checkContent;			 
	 
	 // execute the statement:
	 $show_details = $stmt->execute(array(':creatorId' => $user->getId(), ':title' => $title, ':content' => $content, ':id' => $page->getId()));
	 	 
	 
	 
 }
	
// Show the page with form:
(isset($show_details)) ? $pageTitle = "Successfully edited!" : $pageTitle = 'Edit This Page';
include('includes/header.inc.php');
include('views/edit_page.html');
include('includes/footer.inc.php');
?>
Well for right now it's better code, but even I don't know everything and learn new things about PHP for there is a lot you can do with PHP and other languages.

Post Reply

Who is online

Users browsing this forum: No registered users and 5 guests