if statement
Posted: Sun Jul 06, 2003 5:11 am
Hey
I am trying to make some code so that only the admin can make changes to certain parts of the database. FOr example i have called the admin username david. Trying to make an if statement to say that if the username is called david go ahead with the changes, but if not , message saying not allowed. I am using session
the code
It just seems to ignore the if statment and keeps saying the message, "You are not authorised to make changes to the database"
Any help?
many thanks
I am trying to make some code so that only the admin can make changes to certain parts of the database. FOr example i have called the admin username david. Trying to make an if statement to say that if the username is called david go ahead with the changes, but if not , message saying not allowed. I am using session
the code
Code: Select all
<?php
//start the session
session_start();
header("Cache-control: private"); //IE 6 Fix
//check to make sure the session variable is registered
if(session_is_registered('username')){
//the session variable is registered, the user is allowed to see anything that follows
echo "Welcome, you are still logged in '$username'.";
}
else{
//the session variable isn't registered, send them back to the login page
header( "Location: login.php" );
}
if ('$username' != "david") {
echo "You are not authorised to make changes to the database";
} else {
$db =mysql_connect("","", "");
mysql_select_db("",$db) or die ("cannot connect to database");
$query = "INSERT INTO cars(make, engine,year,des,mot,price)
VALUES('".$_POST['make']."','".$_POST['engine']."','".$_POST['year']."','".$_POST['des']."'
,'".$_POST['mot']."','".$_POST['price']."')" ;
mysql_query($query);
}
?>Any help?
many thanks