Creating an admin

Security issues related to php and mysql usage. How to make your code secure? Security measures and configurations? It's all in here!

Moderators: egami, macek, gesf

Post Reply
User avatar
JordanMRichards
New php-forum User
New php-forum User
Posts: 81
Joined: Mon Apr 23, 2012 7:43 am
Contact:

Wed Apr 25, 2012 7:47 am

Hello vineeth,

I recommend you have a column in your table of users that says "Admin" make it an INT and make it DEFAULT of 0.

Then make a function with a query inside of it that checks to see if the column of Admin is 1 or not, if it is, then return true...

Something like this.

Code: Select all

function userisadmin() {
		$idname = $_SESSION['user_id'];  // your session name to determain the id of the user that is logged in
		$query = "SELECT Admin FROM users WHERE id ='$idname'";
		if ($query_run = mysql_query($query)) {
			if($query_result = mysql_result($query_run, 0, $field)) {
				if ($query_result == '1') {
					return true;
					}else{
					return false;
				}
		}
	}
}

// then on any page you could put
if (userisadmin()) {
//if they're an admin...
}else{
if they are not.
}
Hope this helped ;)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14 Year Old Programmer & Graphic Artist, Confident and Courageous
Image

Post Reply