Page 2 of 2
Re: Please point me in the right direction
Posted: Fri Sep 03, 2010 2:50 pm
by diseman
Well, that made perfect sense, but ADMIN is still not working; no data shown.
Logged in as USER with your updates and USER still works.
No ERRORS; just not showing any data from ADMIN side.
Re: Please point me in the right direction
Posted: Fri Sep 03, 2010 2:57 pm
by shawngoldw
What did you replace the following line with?
Re: Please point me in the right direction
Posted: Fri Sep 03, 2010 3:12 pm
by diseman
Hi Shawn,
Your last question has confused me and now I feel like I've misunderstood something. So, here's what I have so far:
Code: Select all
<?php session_start();
// ----------------------------------------------------------------------------------------------------------
// Ensure the user has logged in and has proper access to this page
// ----------------------------------------------------------------------------------------------------------
$show = '';
if($_SESSION['isadmin'])
{
$show = $_GET['email'];
}
elseif($_SESSION['myusername'])
{
$show = $_SESSION['myusername'];
}
if($show){
include ("../modules/control_panel.php");
include ("../_includes/top.php");
?>
And then I have this...
Code: Select all
<?php
include ("../_includes/dbconnect.php");
// Query database for user's account for personalization ;
$query = "SELECT * FROM users WHERE username = '".$show."' " ;
$result = mysql_query($query);
if (!$result) die(mysql_error());
else
{
$row = mysql_fetch_object($result);
$account = $row -> account;
}
// Query database for user's first name and username for personalization ;
$query = "SELECT * FROM users WHERE username = '".$show."' " ;
$result = mysql_query($query);
if (!$result) die(mysql_error());
else
{
$row = mysql_fetch_object($result);
$username = $row -> username;
$b_firstname = $row -> b_firstname;
}
mysql_close($con);
?>
Did I miss something??
Re: Please point me in the right direction
Posted: Fri Sep 03, 2010 3:15 pm
by diseman
Can't I just do something like:
Code: Select all
if($_SESSION['myusername'] or ($_SESSION['isadmin']))
..and have it work?
Re: Please point me in the right direction
Posted: Fri Sep 03, 2010 3:17 pm
by shawngoldw
Use pipes (||) not or.
If you were to do that, what value would you use in the query?
Shawn
Re: Please point me in the right direction
Posted: Fri Sep 03, 2010 3:36 pm
by diseman
Well, I tried it with the '".$show."' and if($_SESSION['isadmin']) just to be sure, but it didn't work.
Re: Please point me in the right direction
Posted: Fri Sep 03, 2010 3:51 pm
by shawngoldw
Sorry I missed the post a couple up, didn't realise you posted 2 in a row
This line:
was just an example I made up. Have you ever defined $_SESSION['isadmin']? Probably not, it was just a random variable I made up. I'm saying that you need to replace that with something which can identify that the user is an admin.
diseman wrote:Can't I just do something like:
Code: Select all
if($_SESSION['myusername'] or ($_SESSION['isadmin']))
..and have it work?
Yes you can do that, using || instead of or, but it is kind of redundant since you have already checked them in order to define $show with the proper value. You might as well just use $show so you don't have to check them in 2 places
Shawn
Re: Please point me in the right direction
Posted: Fri Sep 03, 2010 9:27 pm
by diseman
Hi Shawn,
Thank you very much! Your last e-mail about 'defining the admin' tipped me off on what I was missing. I just defined a new user (admin) in the login script. Then, a few additional edits along with your IF/ELSEIF and all was working nicely.
That was a big hurdle for me. Thank you for sticking it out and coming back. Your help is greatly appreciated.
Have a good Labor Day weekend.
dM
Re: Please point me in the right direction
Posted: Fri Sep 03, 2010 11:01 pm
by shawngoldw
No problem, glad I could help! It was a good thing you bumped, your post kinda slipped by me a couple days a go, lol.
You have a good long weekend too, mines just going to be an opportunity to move back to school.
Shawn.