Welcome, Guest: Join Nairaland / LOGIN! / Trending / Recent / New
Stats: 2,599,247 members, 6,034,176 topics. Date: Saturday, 05 December 2020 at 07:11 PM

PHP Help - How Can I Allow Only Admin To Access A Page? - Programming - Nairaland

Nairaland Forum / Science/Technology / Programming / PHP Help - How Can I Allow Only Admin To Access A Page? (222 Views)

Web Development/php Help Center / How To Connect My Android Phone To Access My Xamp On Macbook Pro / How Can I Access A Website Running On Ipv6 Protocol (2) (3) (4)

(1) (Reply) (Go Down)

PHP Help - How Can I Allow Only Admin To Access A Page? by Codedreamer: 4:47pm On Nov 22
Hello coders!

I am currently developing a Student Management System using PHP and MySql where an admin (principal) can log in to the dashboard to manage accounts of students and staffs, update results, add new student, etc. Students can also log in to view their profile and results.

I have been able to create the dashboard and student login system using session , but the problem is If a user goes to 'dashboard.php', they will be able to view all the dashboard settings, I want only the admin to be able to view this page.

Please how can I achieve this.
Re: PHP Help - How Can I Allow Only Admin To Access A Page? by 404Dev: 6:14pm On Nov 22
Codedreamer:
Hello coders!

I am currently developing a Student Management System using PHP and MySql where an admin (principal) can log in to the dashboard to manage accounts of students and staffs, update results, add new student, etc. Students can also log in to view their profile and results.

I have been able to create the dashboard and student login system using session , but the problem is If a user goes to 'dashboard.php', they will be able to view all the dashboard settings, I want only the admin to be able to view this page.

Please how can I achieve this.
Am guessing you are storing the user id or user name of logged in user in a session variable. So, go to your users table in db and create a column is_admin with default value of 0. 0 indicates not admin while 1 indicates admin.
So in the page you want to restrict, grab the user I'd from session, run a query to check if is_admin, proceed if so or redirect if necessary.
Re: PHP Help - How Can I Allow Only Admin To Access A Page? by Karleb(m): 6:23pm On Nov 22
Codedreamer:
Hello coders!

I am currently developing a Student Management System using PHP and MySql where an admin (principal) can log in to the dashboard to manage accounts of students and staffs, update results, add new student, etc. Students can also log in to view their profile and results.

I have been able to create the dashboard and student login system using session , but the problem is If a user goes to 'dashboard.php', they will be able to view all the dashboard settings, I want only the admin to be able to view this page.

Please how can I achieve this.

Another way to go about it is to create a user_type column in the users table. user_type will be an enum data type with options like (user, admin, moderator, site_owner...).


So you'll check, if $user->user_type === "admin".

Preferably, the check should be in a middleware.
Re: PHP Help - How Can I Allow Only Admin To Access A Page? by Codedreamer: 6:26pm On Nov 22
404Dev:

Am guessing you are storing the user id or user name of logged in user in a session variable. So, go to your users table in db and create a column is_admin with default value of 0. 0 indicates not admin while 1 indicates admin.
So in the page you want to restrict, grab the user I'd from session, run a query to check if is_admin, proceed if so or redirect if necessary.
Thanks for your reply. From your write-up, it seems i will have to write all my dashboard.php contents inside a condition. Currently, all my dashboard.php HTML codes are written in plain HTML (can i write plain html inside a php condition) or Do I have to echo them all.

For example: if ($_SESSION['username'] == $admin) {
echo "all dashboard HTML code";
}
else {
redirect to another page
}
Re: PHP Help - How Can I Allow Only Admin To Access A Page? by Codedreamer: 6:30pm On Nov 22
Karleb:


Another way to go about it is to create a user_type column in the users table. user_type will be an enum data type with options like (user, admin, moderator, site_owner...).


So you'll check, if $user->user_type === "admin".

Preferably, the check should be in a middleware.

Thanks for your reply. That means all my dashboard.php HTML codes will have to be inside a condition and they will all be echoed. Currently, they are written in plain HTML. I'm still learning!

If (condition) {
echo " all HTML codes ";
}
else {
echo " Only admin can access this page";
}
Re: PHP Help - How Can I Allow Only Admin To Access A Page? by stanliwise(m): 6:33pm On Nov 22
Codedreamer:
Hello coders!

I am currently developing a Student Management System using PHP and MySql where an admin (principal) can log in to the dashboard to manage accounts of students and staffs, update results, add new student, etc. Students can also log in to view their profile and results.

I have been able to create the dashboard and student login system using session , but the problem is If a user goes to 'dashboard.php', they will be able to view all the dashboard settings, I want only the admin to be able to view this page.

Please how can I achieve this.
Hello simply add a user role field and store as student admin or anything you like
Simply check the role and then give access

1 Like

Re: PHP Help - How Can I Allow Only Admin To Access A Page? by Karleb(m): 6:42pm On Nov 22
Codedreamer:
Thanks for your reply. That means all my dashboard.php HTML codes will have to be inside a condition and they will all be echoed. Currently, they are written in plain HTML. I'm still learning!

If (condition) {
echo " all HTML codes ";
}
else {
echo " Only admin can access this page";
}

This should do it. It seems you are not working with routes, middlewares and the likes.

It's better you check for the opposite though.
Something like...

If (! $admin){
//redirect to other page
}

Then you continue with the dashboard.php codes. The check should be the first thing in the dashboard.php file.



A friendly advice.

If you need to combine html and Php codes for any reason, especially for a project, consider using php templates. They are specifically made for this reason.

1 Like

Re: PHP Help - How Can I Allow Only Admin To Access A Page? by Codedreamer: 6:57pm On Nov 22
Karleb:


This should do it. It seems you are not working with routes, middlewares and the likes.

It's better you check for the opposite though.
Something like...

If (! $admin){
//redirect to other page
}

Then you continue with the dashboard.php codes. The check should be the first thing in the dashboard.php file.



A friendly advice.

If you need to combine html and Php codes for any reason, especially for a project, consider using php templates. They are specifically made for this reason.
Thanks very much for the help.
Re: PHP Help - How Can I Allow Only Admin To Access A Page? by talk2hb1(m): 10:57am On Nov 23
Codedreamer:
Hello coders!

I am currently developing a Student Management System using PHP and MySql where an admin (principal) can log in to the dashboard to manage accounts of students and staffs, update results, add new student, etc. Students can also log in to view their profile and results.

I have been able to create the dashboard and student login system using session , but the problem is If a user goes to 'dashboard.php', they will be able to view all the dashboard settings, I want only the admin to be able to view this page.

Please how can I achieve this.
Google and read up on Role based access control, just my little Cent grin
Re: PHP Help - How Can I Allow Only Admin To Access A Page? by Thenaijaitguy: 6:47pm On Nov 23

(1) (Reply)

. / . / How To Unlock LG Fortune 2 Network Locked

(Go Up)

Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health
religion celebs tv-movies music-radio literature webmasters programming techmarket

Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10)

Nairaland - Copyright © 2005 - 2020 Oluwaseun Osewa. All rights reserved. See How To Advertise. 63
Disclaimer: Every Nairaland member is solely responsible for anything that he/she posts or uploads on Nairaland.