Hi guys
I am very new to php and am trying to create a small content management site. Hopefully I will have posted this correctly, sorry If I have missed anything out.
I want to be able to have an admin page link show up when i log in as a super user/administrator. In addition to this I don't want this admin link to be visible to normal users when they log in. Unfortunately my understanding and knowledge of Php isn't up to scratch to know how to do this in the best way.
What I have currently is an index.php/homepage, where users can log on. Once a user is logged in they are authenticated using . $_SESSION. I have an if statement which says if the user is authenticated then display a selection of links, view profile, edit profile etc. If the user isn't authenticated they can only see the register and login links.
What I want to achieve is, if the administrator logs in then he can see an aditional link, 'admin'. So i setup and elseif statement. I am using the following code.
if (isset($_SESSION['username']) && ($username = 'rich')){
echo '<ul>';
echo '<li><a href="profileview.php">View Profile</a></li>';
echo '<li><a href="profileedit.php">Edit Profile</a></li>';
echo '<li><a href="upload.php">Upload Media</a></li>';
echo '<li><a href="admin.php">Admin</a></li>';
echo '<li><a href="logout.php">Log Out (' . $_SESSION['username'] . ')</a></li>';
echo '</ul>';
}
elseif (isset($_SESSION['username'])) {
echo '<ul>';
echo '<li><a href="profileview.php">View Profile</a></li>';
echo '<li><a href="profileedit.php">Edit Profile</a></li>';
echo '<li><a href="upload.php">Upload Media</a></li>';
echo '<li><a href="logout.php">Log Out (' . $_SESSION['username'] . ')</a></li>';
echo '</ul>';
}
else {
echo '<ul>';
echo '<li><a href="login.php">Log In</a></li>';
echo '<li><a href="register.php">Register</a></li>';
echo '</ul>';
}
However this does not work. Although the admin page link displays, it dislpays for any authenticated user and not just for the admin user 'username = rich'. I asn't sure if I needed a nested if statement and to run a select query against the db, where username = rich. But I have a feeling this isn't the answer. Does anyone know how I can get this working? Maybe somebody knows of a better and easier way of achieving what I am after. I don't know if I need to do this another way where I query a user_type column in the db and only show the admin link for users with a user_type of admin??
I have copied the code below. If anyone can help me out with this I would be very grateful and I appreciate anyones time. Thanks for any help and time given,
cheers
==============================================================
index.php
<?php
session_start();
// If the session vars aren't set, try to set them with a cookie
if (!isset($_SESSION['user_id'])) {
if (isset($_COOKIE['user_id']) && isset($_COOKIE['username'])) {
$_SESSION['user_id'] = $_COOKIE['user_id'];
$_SESSION['username'] = $_COOKIE['username'];
}
}
//add the page header
$pagetitle = 'Home';
require_once('header.php');
//require_once('appvars.php');
require_once('dbvars.php');
?>
<?php
echo '<div id="toplinks">';
if (isset($_SESSION['username']) && ($username = 'rich')){
echo '<ul>';
echo '<li><a href="profileview.php">View Profile</a></li>';
echo '<li><a href="profileedit.php">Edit Profile</a></li>';
echo '<li><a href="upload.php">Upload Media</a></li>';
echo '<li><a href="admin.php">Admin</a></li>';
echo '<li><a href="logout.php">Log Out (' . $_SESSION['username'] . ')</a></li>';
echo '</ul>';
}
elseif (isset($_SESSION['username'])) {
echo '<ul>';
echo '<li><a href="profileview.php">View Profile</a></li>';
echo '<li><a href="profileedit.php">Edit Profile</a></li>';
echo '<li><a href="upload.php">Upload Media</a></li>';
echo '<li><a href="logout.php">Log Out (' . $_SESSION['username'] . ')</a></li>';
echo '</ul>';
}
else {
echo '<ul>';
echo '<li><a href="login.php">Log In</a></li>';
echo '<li><a href="register.php">Register</a></li>';
echo '</ul>';
}
echo '</div>';
require_once('leftmenu.php');
?>
<div id="hometext">
<p>If you are a designer or Artist and have never found the right way to market your work then The Negative Space is the site you need a profile on. Create a profile today and start sharing you work with people who will appreciate it. </p>
</div>
<?php
require_once('footer.php');
?>