TSGL: PHP and MySQL help
Ian Ramsey-Planck
iarp at cogeco.ca
Wed Apr 16 13:59:23 EDT 2008
Hey guys,
Just wondering if anyone has experience with PHP and MySQL.
I’ve already built a login script but I’m worried about the way I’m
restricting peoples access to WebPages. I just finished reading up a huge
book on PHP and MySQL so at this time I have some knowledge on this subject.
I’ve checked out a few Google scripts I’ve found and they’ve confused me to
bits!
Currently my script is like this.
<?php
//in the header file $userlevel is defined as $userlevel =
$_SESSION[‘userlevel’] as per the level I’ve set in the database.
include ('../includes/header.php');
if ($userlevel == "9"){
?>
<div id="content">
<!—Show admin content here à
</div> <!-- END CONTENT -->
<?php
include ('../includes/footer.php');
} else {
<!—if the person requesting the page is not the correct
userlevel, redirect them to the home page.
$url = 'http://' .
$_SERVER['HTTP_HOST'];
if ((substr($url, -1) ==
'/') OR (substr($url, -1) == '\\') ) {
$url =
substr ($url, 0, -1); // Chop off the slash.
}
$url .= '/index.php';
header("Location: $url");
exit();
}
?>
I’m worried that someone with better knowledge in this field will be able to
get by this very easily.
To add:
I came up with this script for showing the page View Users to only admins
(level 9)
if ($userlevel == "9") { echo '<a href="../admin/view_users.php">View
Users</a><br />'; }
Any helps appreciated
TIA
Ian
More information about the List
mailing list