Posted: Tue Jul 20, 2004 12:37 am
unless all users that are logged in are admins, I'd add some other stuff to that if 
A community of PHP developers offering assistance, advice, discussion, and friendship.
http://forums.devnetwork.net/
...if?unless all users that are logged in are admins, I'd add some other stuff to that if....
Code: Select all
if (!isset($_SESSION["loggedin"]))Code: Select all
<?php
session_start();
if (!isset($_SESSION["loggedin"]))
{
exit("Hacking Attempt!");
}
echo "Welcome to the Admin Section, ".$_SESSION["username"];
?>Code: Select all
<?php
session_start();
if (($_SESSION["access"] != 3) && (!empty($_SESSION["access"])))
{
exit("Hacking Attempt!");
}
echo "Welcome to the Admin Section, ".$_SESSION["username"];
?>Code: Select all
<?php
<?php
session_start();
$username = $_POST["username"];
$password = $_POST["password"];
if(!empty($_POST['submit']))
{
$db = mysql_pconnect('***') or die ("Could not connect to database");
mysql_select_db('models') or die ("Could not select database!");
$sql = "select * from user where name = '$username'";
$result = mysql_query($sql, $db) or die ("Execution failed.");
while ($row=mysql_fetch_array($result))
{
if ($row["password"]== $_POST["password"])
{
echo " ('Successfully Logged In!<a href='index.php'>Click Here</a>') ";
$_SESSION["name"] = $username;
$_SESSION["access"] = $row["access"]; //no long loggedin=set but gets the access var into the session
}
else
{
echo "wrong password";
}
}
}
?>