Member Avatar for UK-1991

Hello,

I was wondering if anyone can gude e about a puzzle i am trying to create and think let me know if this is possible or not.

Well there are many users stored i.e admins what if by mistake there is only 1 admin left in the database and that admin is logged in already i want to make that the admin which is currently logged in cannot delete him self or by mistake he click on delete button it says all admins deletation are not valid it should remain atleast 1 admin in the database we cannot delete all

as by seeing my database there are 1 table named agents and in that theere are stored users and admins both so 1 user type is admin and secon is agent so obviously there should be 1 admin remains ie all cannot be deleted if somebody delete all admins bby mistake thatn how can he manage the cms

Please give me any idea or guidline how it can be done well I am trying my self as well if i Come up with this i will foresure share it.

Thank You

  • 4 Contributors
  • 4 Replies
  • 104 Views
  • 23 Hours Discussion Span
  • Latest Post Latest Post by lps
Member Avatar for diafol

I think a simple idea would be to prevent anybody from deleting themselves.

If an admin is logged in, then the user_id will be held in a session variable (or should be anyhow).

So if you are an admin you see a table with delete buttons, then don't allow a button to show next to yourself. So in your loop to create the html table:

<?php if($row['id'] !== $_SESSION['user_id']){ ?> 
<button ...>DELETE<button>
<?php } ?>

Or something along those lines

Member Avatar for lps

Agree with @diafol. You can also check the user before executing delete query to prevent direct access using url.
Example:
select id,user_name from agents where user_type = 'Admin'
Then after query, conduct an if-else case to check
1. if the id or user_name query is the same as $_SESSION data(depends on what you stored to you session)
2. result count <= 1
if any of the case matched, shows error. Else delete the data.

Edited by lps
Member Avatar for DaveAmour

You can also do thing like this:

Delete From Agents

Where Id = 2

And (Select Count(*) From Agents) > 1
Edited by DaveAmour
Member Avatar for lps

@DaveAmour, you forgot to filtered the current logged in user and admin type.

if($_POST['id'] != $_SESSION['user_id']){
    $sql = "delete from Agents where id = '".$_POST['id']."' and (select count(*) from agents where user_type = 'Admin') > 0;"
    //execute delete here
}else{
    //shows error message
    echo "You are currently logged in as the user. System preventing self destruct...";
}
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.